Abstract
Organizations, be it public or private, have to ensure that their operations are complying with various governmental regulations, otherwise they may suffer from law suits and financial losses, or they may even not be allowed to operate (e.g., in case of repeated violations). Therefore, organizations need to have a clear understanding of all the relevant regulations and verify that their business processes are designed and performed in a desired way. However, regulations can be fairly complex in terms of the conditions, targets, and scopes they refer to. Moreover, when considering a set of regulations, the possibility of interrelationships between them brings added complexity to compliance checking. Thus, ensuring regulatory compliance is not only labor and time consuming but also complex. In this paper, we propose a consistency and compliance checker framework (CCCF) that considers sets of interrelated regulations and aims at providing automated supports for organizations to analyze and verify their regulatory compliance. More specifically, CCCF takes legal regulations and business processes as inputs and provides the results of whether the regulations are consistent, whether the business processes are compliant with the regulations, and which business operations need to be adjusted in case of non-compliance. To validate our approach, we use a case study of customs declaration in international trade .
Similar content being viewed by others
Notes
The AEO is a European-wide customs initiative that aims to secure the supply chain while at the same time reducing the administrative burden for actors through the use of self-regulation.
References
Allweyer T (2010) BPMN 2.0: introduction to the standard for business process modeling. Books on Demand GmbH, Norderstedt
Andrighetto G, Governatori G, Noriega P, van der Torre L (2012) Normative multi-agent systems. Schloss Dagstuhl, Wadern
Awad A, Goré R, Hou Z, Thomson J, Weidlich M (2012) An iterative approach to synthesize business process templates from compliance rules. Inf Syst 37(8):714–736
Binder Dijker Otte Co (2011) The consequences of non-compliance in global business. Tech Rep, Binder Dijker Otte & Co, United Kingdom
Boella G, Janssen M, Hulstijn J, Humphreys L, van der Torre L (2013) Managing legal interpretation in regulatory compliance. In: International conference on artificial intelligence and law, pp 23–32
D’prile D, Giordano L, Gliozzi V, Martelli A, Pozzato GL, Dupré DT (2010) Verifying business process compliance by reasoning about actions. In: International workshop on computational logic in multi-agent systems XI, pp 99–116
EI Kharbili M, Alves de Medeiros AK, Stein S, van der Aalst WMP (2008) Business process compliance checking: current state and future challenges. In: Modellierung Betrieblicher Informationssysteme, pp 107–113
European Commission (2013a) Authorised economic operator. http://ec.europa.eu/taxation_customs/customs/policy_issues/customs_security/aeo/
European Commission (2013b) The community customs code, implementing provisions and guidelines. http://ec.europa.eu/taxation_customs/customs/procedural_aspects/general/community_code/
European Commission (2013c) Customs declaration. http://ec.europa.eu/taxation_customs/customs/procedural_aspects/general/declaration/index_en.htm
Governatori G, Milosevic Z (2006) A formal analysis of a business contract language. Int J Coop Inf Syst 15(4):659–685
Governatori G, Rotolo A (2010) Norm compliance in business process modeling. In: The 4th international web rule symposium, pp 194–209
Jensen K (1997) Coloured petri nets: basic concepts, analysis methods and practical uses. Springer, Berlin
Jensen K, Kristensen LM, Wells L (2007) Coloured petri nets and cpn tools for modelling and validation of concurrent systems. Int J Softw Tools Technol Transf 9(3-4):213–254
Jiang J, Aldewereld H, Dignum V, Tan YH (2013a) Norm contextualization. In: Coordination, organizations, institutions, and norms in agent systems VIII, pp 141–157
Jiang J, Dignum V, Aldwereld H, Dignum F, Tan YH (2013b) Norm compliance checking. In: International conference on autonomous agents and multiagent systems, pp 1121–1122
Keller G, Nüttgens M, Scheer AW (1992) Semantische Prozeßmodellierung auf der Grundlage Ereignisgesteuerter Prozeßketten (EPK). Tech. rep., Universität des Saarlandes, Germany
Lau GT (2004) A comparative analysis framework for semi-structured documents, with applications to government regulations. PhD thesis
Lohmann N (2013) Compliance by design for artifact-centric business processes. Inf Syst 38(4):606–618
Meyer J-JCh, Wieringa R (eds) (1993) Deontic logic in computer science: normative system specification. Wiley, London
Mohamed EKA, Lashine SH (2003) Accounting knowledge and skills and the challenges of a global business environment. Manag Fin 29(7):3–16
Ramezani E, Fahland D, van der Aalst WMP (2012) Where did I misbehave? diagnostic information in compliance checking. In: International conference on business process management, pp 262–278
Sadiq SW, Governatori G, Namiri K (2007) Modeling control objectives for business process compliance. In: International conference on business process management, pp 149–164
van der Aalst WMP (2011) Process mining: discovery, conformance and enhancement of business processes. Springer, Berlin
van der Aalst WMP, ter Hostede AHM (2004) YAWL: yet another workflow language. Inf Syst 30(4):245–275
van der Aalst WMP, van Hee KM, van der Werf JM, Kumar A, Verdonk M (2011) Conceptual model for online auditing. Decis Support Syst 50(3):636–647
van der Aalst WMP, Adriansyah A, van Dongen BF (2012) Replaying history on process models for conformance checking and performance analysis. Data Min Knowl Discov 2(2):182–192
Weske M (2007) Business process management: concepts, languages, architecture. Springer, Berlin
zur Muehlen M, Indulska M, Kamp G (2007) Business process and business rule modeling languages for compliance management: a representational analysis. In: International conference on conceptual modeling, pp 127–132
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Jiang, J., Aldewereld, H., Dignum, V. et al. Regulatory compliance of business processes. AI & Soc 30, 393–402 (2015). https://doi.org/10.1007/s00146-014-0536-9
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00146-014-0536-9