Team size: 39

What are the most significant cases, projects and/or transactions that you and/or your legal team have recently been involved in?

Among the various projects we have led over the past twelve months, it is worth highlighting the work carried out in the field of compliance.

On one hand, efforts have focused on the implementation of the new law on workplace harassment, sexual harassment, and violence (commonly referred to as the “Karin Law”), alongside the new Personal Data Protection Law.

To ensure proper implementation of the Karin Law, work began prior to its effective date, including risk assessment, risk management through mitigation measures, and the implementation of protocols.

During the first semester, several actions were implemented within the SAESA Group. E-learning courses on the Karin Law were made available on the internal platform for all employees. Specialised training plans for departments were implemented where alerts are raised regarding potential conflicts and/or complaints of workplace harassment, sexual harassment, or violence. A review of the risk matrix and review of the Protocol for Prevention, Investigation, and Sanctioning of Sexual Harassment, Workplace Harassment, and Violence in the Workplace were carried out. We also carried out clarification of inquiries submitted by the company’s labour unions, the dissemination of consultation and complaint channels, and the preparation of a manual of best practices for cases of workplace violence perpetrated by third parties outside the employment relationship.

The Personal Data Protection Law, Law No. 21.719 on the Protection of Personal Data, published on December 13, 2024, and entering into force on December 1, 2026, establishes a new regulatory framework for the protection of personal data in Chile. It raises the standard for safeguarding the rights of data subjects and creates a Personal Data Protection Agency to ensure effective enforcement of those rights.

To comply with this new law, we engaged the services of a legal and technical consulting firm with extensive experience in the field, with the aim of conducting a comprehensive assessment to ensure compliance with Chilean data protection regulations. This assessment uses the European Union’s General Data Protection Regulation (GDPR) as a reference and serves as a guide toward compliance with ISO 27701 standards.

The specific objectives of this initial advisory phase include:

Assessing the current maturity and capabilities of the SAESA Group in managing privacy and personal data protection.

Evaluating the security and privacy controls currently in place.

Identifying compliance gaps and proposing a roadmap with necessary measures and documentation.

Proposing a roadmap and the documentation required for regulatory compliance.

Developing a training and awareness program for SAESA Group personnel.

Developing the Record of Processing Activities (RPA).

Designing a Data Protection Risk Map and a Risk Treatment and Compliance Plan.

Conducting Data Protection Impact Assessments (DPIAs) where necessary.

Proposing privacy and data protection policies and procedures.

We are currently concluding this phase, after which we will begin the second phase, which consists of drafting and implementing privacy and data protection policies and procedures, as well as developing a comprehensive internal training program for the organisation.

How do you approach managing legal aspects during periods of instability or crisis to ensure the organisation’s resilience? 

Anticipation is key. However, this requires the involvement of the Legal Department from the very outset of the project and/or the inception of the business in order to better understand the needs of internal clients and provide accurate legal advice.

During the planning and monitoring stages of the project, it is essential to develop action plans and contingency plans (technical, financial, commercial, and, of course, legal) to effectively manage potential crises involving counterparties, clients, stakeholders, or external factors.

In addition, a highly recommended practice to foster organisational resilience after the completion of a project, business initiative, or challenge is to conduct an internal evaluation within the teams, focusing on lessons learned. This evaluation should place particular emphasis on the effectiveness of mitigation measures, contingency plans, and other actions, with the aim of modifying, supplementing, or strengthening them for future challenges.

What is a cause, business or otherwise, that you are passionate about? Why is this?  

Ethics and a culture of compliance: always doing the right thing.

I believe this is something that motivates and inspires me across all areas — not only in the workplace and within the company, but also in every activity and action throughout our lives. I am passionate about doing things well and being a compliance role model and reference within the company, and that the company itself is recognised not only within the electric power industry, but also among leading companies nationwide.

We are proud that SAESA has received, for the sixth consecutive year, the Recognition for Commitment to Integrity from the Fundación Generación Empresarial “FGE” (Empresarial Generation Foundation), as an outstanding company in the “Trajectory” category. Furthermore, for the first time, it received recognition in the new “Regional” category, which highlights companies that promote and uphold a culture of integrity from regional locations.

Considering SAESA’s results in the Organisational Values and Integrity Barometer, the FGE invited me and the SAESA’s Head of Compliance to participate as mentors in the FGE Mentoring Network (“RED Mentora FGE”), a program aimed at fostering the exchange of knowledge and experiences between executives of member organisations and “Mentees” — other professionals in the compliance field. This collaborative network seeks to promote the implementation of best practices through mentoring sessions that enhance mutual learning.

Currently, this program is being carried out through monthly sessions and, to date, has provided excellent learning opportunities for all parties involved.

What factors influence your team’s decision to use external legal services versus handling matters in-house, and what criteria are used to evaluate their performance?    

Nowadays, the practice of law has become highly specialised and demands extensive knowledge from legal professionals. For reasons of efficiency, corporate legal departments cannot maintain in-house specialists across all areas of law. Therefore, in more complex and high-impact matters, companies opt to engage external legal services that are recognised for their prestige, expertise, and experience.

The evaluation of external legal counsel involves several key considerations. First and foremost is the quality-to-price ratio, which is of great importance. To assess quality, it is not only the work delivered that matters, but also the empathy, accessibility, and commitment demonstrated by the external counsel. Personally, I consider it essential to hold follow-up meetings in which the requested legal advice is reviewed, alternatives are analysed, and a work plan is agreed upon — typically structured through a Gantt chart. These meetings aim to ensure that deliverables from external counsel are submitted with sufficient lead time to allow for interaction, enabling the internal team to acquire new knowledge, validate it, and confirm its applicability.

It is not only the outcome that matters, but also the process and the closeness developed between in-house counsel and external law firms, which fosters long-term relationships built on trust.