• Twitter
  • Linked IN
  • |rss
News & Media

Department of Mysteries or What is Compliance Department actually doing?

Date: 03/08/2017

The Compliance Department or holding a position of a Compliance Department does have a certain parallel with the functions of the Ministry of Magic from J.K. Rowling´s Harry Potter.  Their function is often misunderstood, equally mysterious, „secretly“ structured but at the same time needed, required and important. And just as processes and regulations of the Ministry of Magic are avoided, the processes and regulations of the Compliance rules are avoided, if these are already defined by respective companies. Each company has its Compliance department or function even if they think they have not.

In Slovak we could  use the term Conformity Department. This term expresses what Compliance actually does or should do.  It supervises functionality and compliance with regulations of the company, of operational or ethical nature.  Just as the Ministry of Magic  controls the observance of witchcraft duties, determines what is right and wrong, what is important (or is not important) from the regulatory, ethical or morality point of view, Compliance does the same, but from different – entrepreneurial and specific sector perspective, in which the business entity undertakes.

Ministry of Magic is a fictitious institution found in J. K. Rowling Harry Potter series. In the book it is described as a secret place underground in central   London. The entrance is through a red phone booth with a broken telephone.  After dialing 62442 a pleasant voice will be heard by a Ministry employee and after entering the name and reason of the visit, the booth turns into an elevator and you get   to the Atrium. The largest department of the Ministry is the Wizard´s Law Enforcement Division, which is supported by other 6 sub departments – except for the so called Department of Mysteries. The second largest department is the Department for the Regulation and Control of Magical Creatures. Owls have been used to communicate between departments, but that was rather dirty so they replaced it with a system of inter-department instant messaging (flying paper planes) [1]. Still asking how this is like Compliance Department?

Compliance Department (whether created with several sections or departments or whether all of its functions are on shoulders of one Compliance manager) is perceived on general level as a department in the company whose functions are often only formal, vaguely defined.  Where competencies and powers are clearly defined, they usually affect the competencies and powers of other departments without clearly stipulating the scope and nature of authority of each department involved.  

In the corporate structure (sophisticated structures of corporations, often crossing borders of one country),  Compliance has  5 basic and core sub-departments – Internal Audit, Policy Creation Group, Policy Enforcement Group, Regulatory Reporting Group (financial or regulatory) and Risk Management and its subdivisions.

In our legal environment, we see mainly Compliance departments which are more of a nature of the Mystery Department. If the Compliance Department is not formally established (i.e. there is no formally defined function/unit, because these already exist in Slovakia), the scope of its competencies and responsibilities is fragmented and divided between various existing departments. It is often the case, that people having in their competencies securing “compliance” either do not know or suspect that they are the Compliance Officer.  In short, they work for the Mystery Department, often they do not know about it and their powers and competencies are hidden under the name of another department. Sometimes it makes sense. Mostly however it is the case that the respective company has not yet implemented its organizational structure into a modern and effective form of management.

Transforming the Mystery Department into a Compliance Department is not difficult, but requires the time and space to think about management structure of the Company, and that may not be that easy.

Further to that, Compliance has a number of unreadable levels. On one hand, the Compliance Officer must be an inspector, supervisor or investigator (Business Compliance by any means), on the other hand,  should give the lead in ethics and morals, enforcing strategies of „one team“, „ethical and moral principles“ and take the lead by being open, trustworthy, having  integrity , and courage (Ethical Compliance).  Can this be combined? One day you are investigating, the other day you praise.  What is then the credibility of this position within the company? To remain (long term) in the position of Dolores Umbridge, 1st undersecretary to the Minister of Magic, whose favorite color is sweet pink and loves small kittens and who at the same time establishes an inquisition team with the power to control and to terminate (temporarily or permanently) employment of any Rockfort professor, having a pink ribbon in her head, this is impossible, maybe a miracle. And this is changing in the world. Setting up a new organizational structure is not impossible, but must be very well planned and the implementation must not be forceful. With increasing level of sanctions which may be imposed by the public authorities (based on turnover criterion), it is essential that compliance with legal regulation is enforced and establishment of compliance department is more than theoretically justified.

The Mystery Department may be created by a company knowingly or unknowingly. Provided a company wishes to transform the Mystery Department into a Compliance Department it has to answer the following basic questions:


  • Has the company adopted a Code of Ethics or a similar document which stipulates the basic principles of company´s operation and this Code is regularly evaluated and updated via a predetermined process?
  • Does the Company have a dedicated Compliance function directly identified in its organizational chart? If so, does the position in the structure correspond to the position in the structure of responsibilities, competencies and powers which the company associates with Compliance manager position?
  • Is there a process within the Company which ensures that principal regulatory and legislative requirements are cumulated at one department regardless of their specification (e.g. new GDPR legislation require obligations to be met at HR and IT and other – is the information from those departments centralized at a central level by some position and if yes, who is responsible for that? And has that person/department at central level the right to establish a process/mechanism, issue internal directive in order to ensure compliance at all levels?)
  • Is there a supervision/audit plan to monitor the compliance with internal obligations at central level which is regularly evaluated and amended based on suggestions from individual departments? Are these checks made in reality?
  • Is there a plan for regular revisions of processes to reflect results from the audits/controls/supervisions at corporate level?

There might be  more questions, but if you answer „no“ to any of the above questions or your answer is somehow blurry, not clearly defined or you cannot imagine precisely the process you should follow or know, it is very probable that you work or have a Department of Mystery (or maybe event whole Ministry of Magic) in your organization. And it is irrelevant whether you have the position of Compliance defined in the structure or not. It is even possible that you have no Compliance department defined clearly, but its position and roles are set. In every case your structure is then unreadable and therefore mysterious. Whether you decide to continue as is or you decide to change the system, it is up to you. However, no management style works as efficiently as it should, if it contains known unknown or even unknown unknowns. That´s a fact.

JUDr. Lucie Schweizer
Lucie deals with Compliance on long term basis,  in the beginning „under cover“ of Corporate Governance, later on  under the form of recognized  Corporate Designs and Strategies.  When asked why she is dealing with this issue, she replied: „I enjoy contributing to business environment cultivation, Compliance is one of the ways how to do it. “

[1] https://sk.wikipedia.org/wiki/Ministerstvo_m%C3%A1gie