Artificial intelligence and criminal liability of legal entities

26 May 2026
The use of artificial intelligence systems within organizations not only increases operational efficiency but also introduces new areas of risk that have a direct impact on the criminal liability of companies.

By the end of 2026, stricter requirements of the European Artificial Intelligence Regulation (RIA) will come into effect for systems classified as high risk, with a sanction regime that can reach up to 35 million euros or 7% of the global turnover of the offender. This date should not be understood solely in administrative terms: it marks the moment when artificial intelligence ceases to be, legally speaking, an emerging phenomenon and becomes a structural vector of corporate criminal risk. The thesis of this article is simple: the use —whether by the organization itself or by third parties— of AI systems within the organization reconfigures the risk landscape of Article 31 bis of the Penal Code and requires an update of organizational and management models so that they do not lose their exculpatory effect.


This regulatory convergence is compounded by a de facto phenomenon that cannot be ignored: the so-called shadow AI. According to Microsoft's 2024 Labor Trends Index, 78% of AI users at work use their own tools without the knowledge of the IT department, and 38% admit to having shared sensitive information. The Samsung case, in which several engineers leaked semiconductor source code through ChatGPT, illustrates how blurred the line between authorized and unauthorized use has become in business practice.


The framework of Article 31 bis of the Penal Code in relation to AI

Article 31 bis of the Penal Code, consolidated following the reform of Organic Law 1/2015, holds the legal entity responsible for offenses committed in its name or on its behalf, whether by its administrators or legal representatives, or by employees when there has been a serious breach of supervision, monitoring, and control duties. The exemption requires the effective adoption and implementation, before the commission of the infringement, of an adequate organizational and management model to prevent or significantly reduce the risk of its commission.


The emergence of AI operates within this framework in two ways. On the one hand, AI is an ally of compliance: it enables the detection of anomalous patterns, monitoring of communications and operations in real time, and automation of controls, which reduces human error —what legal doctrine has called “Digital Penal Compliance”. On the other hand, and this is the less explored angle, it operates as a new criminogenic factor that reconfigures the catalog of offenses attributed to legal entities, which now includes 41 offenses according to Organic Law 4/2023.


Tangible and growing examples include:

  • Financial sphere. Fraud (Article 251 bis of the Penal Code) is committed using deepfakes of voice or video impersonating executives to authorize transfers —the well-known 'CEO fraud' enabled by generative AI— while money laundering (Article 302 of the Penal Code) can be facilitated through automated transactions that impair traceability.
  • Information, data, and secrets. Crimes related to the discovery and disclosure of secrets (Art. 197 quinquies of the Penal Code) and computer damage (Art. 264 quater of the Penal Code) acquire a new dimension when autonomous agents exfiltrate confidential information —the phenomenon of “shadow leakage” identified by the AEPD in its February 2026 guidelines on agentic AI— or when employees input sensitive data into unregulated tools.
  • Workers' rights. Offenses against workers' rights (Art. 318 bis of the Penal Code) can be caused by algorithmic selection, evaluation, or monitoring systems that lead to discrimination, a particularly sensitive area since the RIA expressly classifies these systems as high risk.

The convergence with the RIA is structural: the areas that the European regulation classifies as high risk —employment, credit, justice, health, critical infrastructure, migration— largely coincide with those where the Penal Code concentrates the greatest risk of criminal liability for companies. Consequently, the list is extensive and complex, and depends both on each identified use case and the specific context and risk environment of the organization.


Data governance

Article 10 of the RIA elevates data governance to a legal obligation: high-risk systems can only be trained using relevant and sufficiently representative datasets that are as free of errors and as complete as possible, subject to bias analysis and documented processes of collection, labeling, and cleaning. Translated into penal law, this requirement is unequivocal: poor governance of data and models —training with biased datasets, lack of traceability, absence of logs, lack of explanatory transparency, or merely nominal human oversight— can serve as objective evidence of the “organizational defect” that legal doctrine and jurisprudence identify as the basis for convicting a legal entity.


The issue of the 'black box' thus becomes critical. Circular 1/2016 of the Office of the Attorney General warned that compliance programs are not a 'juggernaut for impunity', but rather the expression of an ethical culture. If the system's decisions are opaque or inexplicable, the company will have difficulty demonstrating its due diligence before the court. Delegating control to an algorithm does not exonerate the management body: it imposes an additional duty of diligence, namely, to understand, audit, and actively oversee the tool.


Expansion of the scope of liability

The incorporation of AI tends to expand the scope of liability in two ways.

  • First, it broadens the scope of employees and processes whose decisions may lead to the company's liability, making the second ground of Article 31 bis more frequently applicable: serious breaches of supervisory duties.
  • Second, it raises the level of diligence required of the board of directors, which must demonstrate that it has understood, audited, and actively controlled tools that are opaque and evolving.

Italian Law 132/2025

The Italian legal system has already taken the first step. Law 132/2025, of September 23, has introduced a general aggravating circumstance applicable to offenses committed using AI systems in Article 61 of the Italian Penal Code, along with a new offense of illicit dissemination of AI-generated or altered content (Art. 612-quater) and specific aggravating circumstances related to market manipulation and violations of political rights.


Although the law does not directly modify the list of offenses of Law 231/2001 on the criminal liability of legal entities, Italian legal doctrine agrees that it requires a revision of organizational, management, and control models to incorporate the new risks arising from corporate use of AI. It is reasonable to expect that Spanish legislation will evolve in a similar direction.


Prevention models

Now, four lines of action are inevitable. First, integrate into the risk map of the model those offenses whose commission may be triggered or aggravated by the use of AI in each business process. Second, establish specific protocols for validation, human oversight, and traceability of automated decisions, with auditable logs and documented review processes. Third, incorporate contractual clauses on compliance, security, and explainability that are enforceable against AI suppliers, as well as the obligation to cooperate in the event of an incident. Fourth, train employees and executives in the responsible use of AI and channel shadow AI towards regulated corporate tools, given that a general prohibition, according to available data, is ineffective: 63% of employees subjected to an explicit prohibition still violate it.


Conclusion

The requirements of the RIA —risk management, data governance, documentation, traceability, human oversight, and reporting channels— are, in essence, those of a penal compliance program adapted to the algorithmic era. Any organizational and management model intending to be effective for the purposes of Article 31 bis of the Penal Code must now necessarily incorporate the assessment of criminal risks arising from the use of AI within the company.


Anyone who does not do so before the end of 2026 will not only face administrative sanctions: they will encounter a prevention model that a court may consider inadequate precisely for what it did not incorporate.

