Corporate AI Criminal Risk in Spain: The EU AI Act and Compliance

June 20, 2026

Key Takeaways

  • Criminal risk stems not from AI itself but from the unlawful results it produces
  • The company can be liable as a legal person for a control failure (Art. 31 bis CP)
  • The EU AI Act creates no offences, but non-compliance evidences the control failure
  • Key areas: discrimination (510 CP), employment bias (314 CP) and output-based fraud (248 CP)
  • Algorithmic governance must be embedded in compliance before the act

Quick answer

Using artificial intelligence in a business creates criminal risk when a system produces an unlawful result: discriminatory bias, an output that misleads a customer, or a harmful automated decision. The company itself can be prosecuted as a legal person under Article 31 bis of the Spanish Criminal Code, unless it proves an adequate compliance programme that incorporates the EU AI Act's algorithmic governance.

Businesses are adopting artificial intelligence faster than the internal controls that should accompany it. An AI system that decides who gets hired, that scores a credit applicant, or that answers customers on the company's behalf is not merely an efficiency tool: it is a source of corporate criminal risk. When that system produces a harmful result, the question stops being technical and becomes legal: who is responsible? Through our advice on the criminal risk of artificial intelligence, we explain how this risk is managed under the EU AI Act and the compliance regime of Article 31 bis of the Spanish Criminal Code.

What Kind of Criminal Risk We Mean

There is no "offence of using artificial intelligence". Criminal risk does not stem from the technology in the abstract, but from the unlawful results a system can cause once it is embedded in the company's activity. AI acts here as an amplifier: it automates decisions, applies them at scale, and blurs the line between who decides and who executes. That is precisely the terrain where criminal law looks for someone to hold responsible.

The focus, therefore, is not "the offence of X" but prevention and corporate defence: identifying where an AI system can cross the criminal threshold, shielding the organisation with adequate controls, and, if an investigation arrives, building a defence that allocates or excludes liability. It is criminal-compliance work before it is litigation.

Two features of AI make this risk distinctive. The first is opacity: when the logic of a model is hard to explain, it becomes harder for a company to show that it understood and controlled what the system was doing —and that difficulty cuts both ways in a criminal file. The second is scale: an isolated human error affects one decision, whereas a flawed automated rule can reproduce the same unlawful outcome thousands of times before anyone notices. A criminal court reads that scale as a sign of how foreseeable, and how preventable, the harm was. Anticipating both features is what separates a defensible deployment from an exposed one.

The EU AI Act as a Governance Framework

Regulation (EU) 2024/1689, known as the EU AI Act, is the first European law to regulate artificial intelligence horizontally. It does not create offence types, but it establishes a system of obligations graded by the risk level of the system:

  • Unacceptable risk: prohibited practices, such as certain biometric identification uses or social scoring.
  • High risk: systems affecting rights —recruitment, credit scoring, access to essential services— subject to reinforced obligations of documentation, risk management, human oversight and traceability.
  • Limited risk: systems such as chatbots, subject mainly to transparency duties towards the user.
  • Minimal risk: the majority of applications, with no specific obligations.

Its criminal relevance is indirect but decisive: compliance or non-compliance with these obligations becomes a barometer of a control failure. A company that neglects the governance required for a high-risk system and lets that system cause an unlawful result will have generated solid evidence of deficient supervision —exactly the element on which the criminal liability of the legal person is built.

Corporate Criminal Liability (Art. 31 bis CP)

Article 31 bis of the Spanish Criminal Code allows the company to be prosecuted for offences committed in its name or on its behalf and for its direct or indirect benefit, where there has been a failure of control. The consequences for the company can be severe: a proportional fine, disqualification from contracting with the public sector and, in the most serious cases, suspension of activities.

The core of the provision is its exemption: the legal person is exempt if, before the offence was committed, it adopted and effectively implemented an organisation and management model suited to preventing offences of that nature. In the AI context, that model cannot be an off-the-shelf, generic compliance programme: it must specifically address the algorithmic systems the company uses. A compliance programme that ignores AI altogether will struggle to be considered adequate where the offence stems precisely from an automated system.

⚠️ Generic compliance is not enough for AI

If an AI system causes an unlawful result and the company's prevention model did not cover its control, the organisation loses the main exemption argument under Art. 31 bis CP. Algorithmic governance must be embedded in the compliance programme before the act, not improvised afterwards.

The Most Exposed Offences

Although any corporate offence can appear mediated by AI, there are three areas where the risk is sharpest:

  • Discrimination and hate offences (Art. 510 CP): punished with one to four years' imprisonment and a fine of six to twelve months. An AI system trained on biased data can generate discriminatory treatment on protected grounds —origin, sex, religion, orientation— especially in targeted advertising, content moderation or user segmentation.
  • Serious employment discrimination (Art. 314 CP): penalises serious discrimination in employment, public or private, not remedied after an administrative request or sanction. This is the natural framework for algorithmic bias in recruitment and HR, where automated screening systems can systematically penalise certain groups.
  • Fraud (Art. 248 CP): six months to three years' imprisonment in the basic type, with the penalty modulated by the amount and circumstances. It applies where the erroneous output of a chatbot or virtual adviser misleads a customer and causes financial loss —for instance, asserting terms, prices or coverage the company does not actually offer.

In every case, the system does not "commit" the offence: it is attributed to the individuals who designed, deployed or were meant to supervise it, and to the company that relies on it. A record of who approved each system, and with which controls, is therefore central to both prevention and defence.

Algorithmic Governance: Art. 31 bis Compliance, Extended

The way to neutralise this risk is to extend the criminal-prevention model with a layer of algorithmic governance. In practice, that means a set of documented controls:

  • System inventory: identify every AI system in use, its purpose and its risk level under the EU AI Act.
  • Risk assessment: analyse, for each system, which unlawful results it could cause and which legal interests it affects.
  • Human oversight: ensure no sensitive decision is executed fully automatically without the possibility of human control and review.
  • Traceability and logging: keep the technical documentation, the datasets, the model versions and the record of who validated each deployment.
  • Periodic audit: review how the systems actually behave, detect bias and correct it, recording the measures taken.

This layer is not cosmetic: it is what allows the company to demonstrate, if needed, that its prevention model was adequate and effectively implemented. The corporate AI criminal-risk page sets out how this governance integrates into the organisation's criminal-compliance programme.

What Happens if an Investigation Begins

Once a harmful result has occurred and an investigation opens, the defence work focuses on reconstructing the decision chain. The criminal question is never "did the algorithm fail?" but "who was meant to control it, and what did they do or fail to do?".

Corporate defence then works along several lines: showing that an adequate prevention model existed and was implemented; delimiting the role of each participant (the system's provider, the person responsible for its deployment, the human supervisor); challenging the objective attribution of the result to the company's conduct where there was misuse or unforeseeable use of the system; and producing technical expert evidence explaining how the system really worked and which controls were in place. The settled case law of the Supreme Court on corporate criminal liability requires a case-by-case analysis of the reality and effectiveness of the compliance programme, not its mere formal existence.

This is also where the records built in advance become evidence. The system inventory, the risk assessments, the audit logs and the trail of who validated each deployment are not paperwork for its own sake: in an investigation they are what lets the company show that the model was lived, not merely written. A programme that exists only on paper, that was never updated when the AI systems changed, or that no one actually applied, tends to collapse under scrutiny. Conversely, contemporaneous documentation that a risk was identified, escalated and addressed is often the most persuasive material a defence can put forward —and the clearest line between a control failure attributable to the company and an isolated act that falls outside it.

Economic Criminal Defence and AI Compliance in Madrid and Across Spain

The criminal-defence firm Alonso Sala, based at Calle Velázquez 27 in Madrid and acting across Spain, advises companies on preventing and defending against the criminal risk arising from the use of artificial intelligence. We work on integrating algorithmic governance into the compliance model of Article 31 bis CP, analysing high-risk systems under the EU AI Act, and corporate defence when an automated decision leads to a criminal investigation.

Frequently asked questions

Can a company be prosecuted because of its AI system?

Yes. Under Article 31 bis of the Spanish Criminal Code, a legal person can be held criminally liable for offences committed in its name or for its benefit when there is a failure of control. If an AI system deployed by the company produces an unlawful result —for example, discrimination in recruitment or deception of a customer— and supervision was deficient, the company can be investigated alongside the individuals who chose to deploy it or failed to control it.

Does the EU AI Act create new offences?

Not directly. Regulation (EU) 2024/1689 (the EU AI Act) does not add new offence types to the Spanish Criminal Code; it sets a framework of administrative obligations graded by the risk level of the system. Its criminal relevance is indirect: breaching those governance, documentation and human-oversight duties is evidence of a control failure and can support a prosecution of the legal person and defeat the Article 31 bis exemption.

Which offences can arise from corporate use of AI?

The most common are discrimination and hate offences (Art. 510 CP) and serious employment discrimination (Art. 314 CP) where a system introduces bias on protected grounds; and fraud (Art. 248 CP) where the output of a chatbot or virtual adviser misleads a customer and causes financial loss. The technology does not commit a crime: those results are attributed to the individuals and the company that designed, deployed or supervised it.

Does a strong compliance programme exclude criminal liability?

It can. Article 31 bis CP provides for exemption where the company adopted and effectively implemented, before the act, an organisation and management model suited to preventing offences of that nature. For AI risks, that model must include a layer of algorithmic governance: a system inventory, risk assessment, human oversight, traceability of decisions and periodic audit. A generic programme that ignores AI systems will not be adequate against these risks.

Who is responsible if an algorithm makes the decision?

The people who designed, deployed, configured or were meant to supervise it, and the company that relies on it. Criminal law does not treat the AI system as a responsible subject: an automated decision is traced back to whoever programmed it, validated it, or failed to control it when they should have. That is why a record of who approved each system, and with which controls, is decisive for allocating or excluding liability.
