Abstract
Compliance to regulations is a critical problem for enterprises. Increasing regulation and need for reduced time-to-market has led enterprises to look to technology to scale and automate their compliance efforts. Automated compliance checking approaches proposed in research need human experts to formally encode rules, as well as to extract the relevant data from enterprise data stores. We present a model-driven architecture (MDA) and method to semi-automate generation of formal rules and extraction of relevant data for compliance checking, based on OMG’s MDA methodology. We demonstrate how building a fact-oriented model of the regulation is central to both relating it to the enterprise as well as deriving formal specification of rules. We illustrate our approach using a real-life case study of the MiFID-2 financial regulation.
Notes
- 1.
Top Ten Problems Faced by Business, http://www.bmgi.com/resources/articles/top-ten-problems-faced-business.
- 2.
MetricStream, http://www.metricstream.com/.
- 3.
OpenCalais, http://www.opencalais.com/.
- 4.
Stanford Encyclopedia of Philosophy: Model theory, http://plato.stanford.edu/entries/model-theory/.
- 5.
Model Driven Architecture - A Technical Perspective, http://www.omg.org/cgi-bin/doc?ormsc/2001-07-01.
- 6.
Model Driven Architecture - A Technical Perspective, http://www.omg.org/cgi-bin/doc?ormsc/2001-07-01.
- 7.
Meta Object Facility (MOF) 2.0 Query/View/Transformation Specification, http://www.omg.org/spec/QVT/1.2/.
- 8.
Production Rule Representation, http://www.omg.org/spec/PRR/.
- 9.
Semantics of Business Vocabulary and Business Rules: Annex A: SBVR Structured English, http://www.omg.org/spec/SBVR/1.2/.
- 10.
Semantics of Business Vocabulary and Business Rules, http://www.omg.org/spec/SBVR/1.2/.
- 11.
IBM Eclipse Modeling Framework, http://www.eclipse.org/modeling/emf/.
- 12.
Semantics of Business Vocabulary and Business Rules: Annex A: SBVR Structured English, http://www.omg.org/spec/SBVR/1.2/.
- 13.
References
Thomson Reuters: State of regulatory reform 2016 - a special report (2016)
Governatori, G., Rotolo, A.: A conceptually rich model of business process compliance. In: APCCM 2010, pp. 3–12 (2010)
Awad, A., Weidlich, M., Weske, M.: Consistency checking of compliance rules. In: Abramowicz, W., Tolksdorf, R. (eds.) BIS 2010. LNBIP, vol. 47, pp. 106–118. Springer, Heidelberg (2010). doi:10.1007/978-3-642-12814-1_10
El Kharbili, M., de Medeiros, A.K.A., Stein, S., van der Aalst, W.M.P.: Business process compliance checking: current state and future challenges. In: Loos, P., Nuttgens, M., Turowski, K., Werth, D. (eds.) MobIS. LNI, vol. 141, pp. 107–113 (2008)
Governatori, G., Hoffmann, J., Sadiq, S., Weber, I.: Detecting regulatory compliance for business process models through semantic annotations. In: Ardagna, D., Mecella, M., Yang, J. (eds.) BPM 2008. LNBIP, vol. 17, pp. 5–17. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00328-8_2
Governatori, G.: Representing business contracts in RuleML. Int. J. Cooper. Inf. Syst. 14(2–3), 181–216 (2005)
Governatori, G., Rotolo, A.: A conceptually rich model of business process compliance. In: APCCM 2010, pp. 3–12 (2013)
Dimaresis, N.: A system for modal and deontic defeasible reasoning. Int. J. Cooper. Inf. Syst. 14(2–3), 181–216 (2007)
Kholkar, D., Sunkle, S., Kulkarni, V.: From natural-language regulations to enterprise data using knowledge representation and model transformations. In: Proceedings of the 11th International Joint Conference on Software Technologies (ICSOFT 2016), vol. 2: ICSOFT-PT, Lisbon, Portugal, 24–26 July, pp. 60–71 (2016)
English, S., Hammond, S.: Cost of Compliance 2014. Thomson Reuters Accelus, London (2014)
Kleppe, A., Warmer, J., Bast, W.: MDA Explained - The Model Driven Architecture: Practice and Promise. Addison Wesley Object Technology Series. Addison-Wesley, Boston (2003)
Kulkarni, V., Reddy, S.: Separation of concerns in model-driven development. IEEE Softw. 20(5), 64–69 (2003)
Brachman, R.J., Levesque, H.J.: Knowledge Representation and Reasoning. Elsevier, Amsterdam (2004)
Smith, B.C.: Reflection and Semantics in a Procedural Language. Massachusetts Institute of Technology, Cambridge (1982)
Nijssen, G.: SBVR: semantics for business. Bus. Rules J. 8(10) (2007). http://www.brcommunity.com/a2007/b367.html
Halpin, T.: Fact oriented modeling - past, present and future. In: Krogstie, J., Opdahl, A.L., Brinkkemper, S. (eds.) Conceptual Modelling in Information Systems Engineering, pp. 19–38. Springer, Heidelberg (2007). doi:10.1007/978-3-540-72677-7_2
Alhir, S.S.: Understanding the model driven architecture. Methods and tools (2003). http://www.methodsandtools.com/archive/archive.php?id=5
Reddy, S.: A model driven approach to enterprise data integration. In: COMAD 2010, p. 202 (2010)
Sadiq, S., Governatori, G., Namiri, K.: Modeling control objectives for business process compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 149–164. Springer, Heidelberg (2007). doi:10.1007/978-3-540-75183-0_12
Awad, A., Smirnov, S., Weske, M.: Resolution of compliance violation in business process models: a planning-based approach. In: Meersman, R., Dillon, T., Herrero, P. (eds.) OTM 2009. LNCS, vol. 5870, pp. 6–23. Springer, Heidelberg (2009). doi:10.1007/978-3-642-05148-7_4
Liu, Y., Müller, S., Xu, K.: A static compliance-checking framework for business process models. IBM Syst. J. 46(2), 335–362 (2007)
Sunkle, S., Kholkar, D., Kulkarni, V.: Solving semantic disparity and explanation problems in regulatory compliance - a research-in-progress report with design science research perspective. In: Gaaloul, K., Schmidt, R., Nurcan, S., Guerreiro, S., Ma, Q. (eds.) CAISE 2015. LNBIP, vol. 214, pp. 326–341. Springer, Cham (2015). doi:10.1007/978-3-319-19237-6_21
Sunkle, S., Kholkar, D., Kulkarni, V.: Toward better mapping between regulations and operations of enterprises using vocabularies and semantic similarity. CSIMQ 5, 39–60 (2015)
Sunkle, S., Kholkar, D., Kulkarni, V.: Explanation of proofs of regulatory (non-)compliance using semantic vocabularies. In: Bassiliades, N., Gottlob, G., Sadri, F., Paschke, A., Roman, D. (eds.) RuleML 2015. LNCS, vol. 9202, pp. 388–403. Springer, Cham (2015). doi:10.1007/978-3-319-21542-6_25
Sunkle, S., Kholkar, D., Kulkarni, V.: Model-driven regulatory compliance: a case study of know your customer regulations. In: MoDELS 2015, pp. 436–445 (2015)
Sunkle, S., Kholkar, D., Kulkarni, V.: Toward (semi-)automated end-to-end model-driven compliance framework. In: ModSym+SAAAS@ISEC 2016, pp. 33–38 (2016)
Breaux, T.D., Anton, A.I., Spafford, E.H.: A distributed requirements management framework for legal compliance and accountability. Comput. Secur. 28(1–2), 8–17 (2009)
Ingolfo, S., Siena, A., Susi, A., Perini, A., Mylopoulos, J.: Modeling laws with Nomos 2. In: Sixth International Workshop on Requirements Engineering and Law (RELAW), pp. 69–71, 16 July 2013
Ingolfo, S., Jureta, I., Siena, A., Perini, A., Susi, A.: Nòmos 3: legal compliance of roles and requirements. In: Yu, E., Dobbie, G., Jarke, M., Purao, S. (eds.) ER 2014. LNCS, vol. 8824, pp. 275–288. Springer, Cham (2014). doi:10.1007/978-3-319-12206-9_22
El Kharbili, M., Stein, S., Markovic, I., Pulvermüller, E.: Towards a framework for semantic business process compliance management. The impact of governance, risk, and compliance on information systems (GRCIS). CEUR Workshop Proceedings, Montpellier, France, 17 June 2008, vol. 339, pp. 1–15 (2008)
El Kharbili, M.: Business process regulatory compliance management solution frameworks: a comparative evaluation. In: Ghose, A., Ferrarotti, F. (eds.) Asia-Pacific Conference on Conceptual Modelling (APCCM 2012), CRPIT, Melbourne, Australia, vol. 130, pp. 23–32. ACS (2012)
Becker, J., Delfmann, P., Eggert, M., Schwittay, S.: Generalizability and applicability of model-based business process compliance-checking approaches - a state-of-the-art analysis and research roadmap. BuR Bus. Res. J. 5(2), 221–247 (2012)
Bajwa, I.S., Lee, M.G., Bordbar, B.: SBVR business rules generation from natural language specification. In: AAAI Spring Symposium: AI for Business Agility, pp. 2–8. AIII (2011)
Lévy, F., Nazarenko, A.: Formalization of natural language regulations through SBVR structured English. In: Morgenstern, L., Stefaneas, P., Lévy, F., Wyner, A., Paschke, A. (eds.) RuleML 2013. LNCS, vol. 8035, pp. 19–33. Springer, Heidelberg (2013). doi:10.1007/978-3-642-39617-5_5
Njonko, P.B.F., El Abed, W.: From natural language business requirements to executable models via SBVR. In: 2012 International Conference on Systems and Informatics (ICSAI). IEEE (2012)
Abi-Lahoud, E., Butler, T., Chapin, D., Hall, J.: Interpreting regulations with SBVR. In: Fodor, P., Roman, D., Anicic, D., Wyner, A., Palmirani, M., Sottara, D., Lévy, F. (eds.) Joint Proceedings of the 7th International Rule Challenge, The Special Track on Human Language Technology and the 3rd RuleML Doctoral Consortium, Seattle, USA, 11–13 July 2013. CEUR Workshop Proceedings, vol. 1004 (2013). CEUR-WS.org
Johnsen, A.S., Berre, A.J.R.: A bridge between legislator and technologist - formalization in SBVR for improved quality and understanding of legal rules. In: International Workshop on Business Models, Business Rules and Ontologies, Bressanone, Brixen, Italy (2010)
Kamada, A., Governatori, G., Sadiq, S.: Transformation of SBVR compliant business rules to executable FCL rules. In: Dean, M., Hall, J., Rotolo, A., Tabet, S. (eds.) RuleML 2010. LNCS, vol. 6403, pp. 153–161. Springer, Heidelberg (2010). doi:10.1007/978-3-642-16289-3_14
Diouf, M., Maabout, S., Musumbu, K.: Merging model driven architecture and semantic web for business rules generation. In: Proceedings of the First International Conference on Web Reasoning and Rule Systems, Innsbruck, Austria, 7–8 June 2007, pp. 118–132 (2007)
Bauer, E.: The Business Rules Approach (2009). http://is.uni-paderborn.de/fileadmin/Informatik/AG-Engels/Lehre/WS0809/SE/Sonstiges/Seminar/Version1.0/Seminar.NAQ.Eduard.Bauer.v1.0.pdf
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Kholkar, D., Sunkle, S., Kulkarni, V. (2017). Applying MDA to Rule and Data Generation for Compliance Checking. In: Cabello, E., Cardoso, J., Ludwig, A., Maciaszek, L., van Sinderen, M. (eds) Software Technologies. ICSOFT 2016. Communications in Computer and Information Science, vol 743. Springer, Cham. https://doi.org/10.1007/978-3-319-62569-0_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-62569-0_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-62568-3
Online ISBN: 978-3-319-62569-0
eBook Packages: Computer ScienceComputer Science (R0)