AI & SOCIETY

, Volume 30, Issue 3, pp 393–402 | Cite as

Regulatory compliance of business processes

  • Jie Jiang
  • Huib Aldewereld
  • Virginia Dignum
  • Shuzheng Wang
  • Ziv Baida
Original Article

Abstract

Organizations, be it public or private, have to ensure that their operations are complying with various governmental regulations, otherwise they may suffer from law suits and financial losses, or they may even not be allowed to operate (e.g., in case of repeated violations). Therefore, organizations need to have a clear understanding of all the relevant regulations and verify that their business processes are designed and performed in a desired way. However, regulations can be fairly complex in terms of the conditions, targets, and scopes they refer to. Moreover, when considering a set of regulations, the possibility of interrelationships between them brings added complexity to compliance checking. Thus, ensuring regulatory compliance is not only labor and time consuming but also complex. In this paper, we propose a consistency and compliance checker framework (CCCF) that considers sets of interrelated regulations and aims at providing automated supports for organizations to analyze and verify their regulatory compliance. More specifically, CCCF takes legal regulations and business processes as inputs and provides the results of whether the regulations are consistent, whether the business processes are compliant with the regulations, and which business operations need to be adjusted in case of non-compliance. To validate our approach, we use a case study of customs declaration in international trade .

Keywords

Regulatory compliance Business processes Normative structure 

References

  1. Allweyer T (2010) BPMN 2.0: introduction to the standard for business process modeling. Books on Demand GmbH, NorderstedtGoogle Scholar
  2. Andrighetto G, Governatori G, Noriega P, van der Torre L (2012) Normative multi-agent systems. Schloss Dagstuhl, WadernGoogle Scholar
  3. Awad A, Goré R, Hou Z, Thomson J, Weidlich M (2012) An iterative approach to synthesize business process templates from compliance rules. Inf Syst 37(8):714–736CrossRefGoogle Scholar
  4. Binder Dijker Otte Co (2011) The consequences of non-compliance in global business. Tech Rep, Binder Dijker Otte & Co, United KingdomGoogle Scholar
  5. Boella G, Janssen M, Hulstijn J, Humphreys L, van der Torre L (2013) Managing legal interpretation in regulatory compliance. In: International conference on artificial intelligence and law, pp 23–32Google Scholar
  6. D’prile D, Giordano L, Gliozzi V, Martelli A, Pozzato GL, Dupré DT (2010) Verifying business process compliance by reasoning about actions. In: International workshop on computational logic in multi-agent systems XI, pp 99–116Google Scholar
  7. EI Kharbili M, Alves de Medeiros AK, Stein S, van der Aalst WMP (2008) Business process compliance checking: current state and future challenges. In: Modellierung Betrieblicher Informationssysteme, pp 107–113Google Scholar
  8. European Commission (2013a) Authorised economic operator. http://ec.europa.eu/taxation_customs/customs/policy_issues/customs_security/aeo/
  9. European Commission (2013b) The community customs code, implementing provisions and guidelines. http://ec.europa.eu/taxation_customs/customs/procedural_aspects/general/community_code/
  10. Governatori G, Milosevic Z (2006) A formal analysis of a business contract language. Int J Coop Inf Syst 15(4):659–685CrossRefGoogle Scholar
  11. Governatori G, Rotolo A (2010) Norm compliance in business process modeling. In: The 4th international web rule symposium, pp 194–209Google Scholar
  12. Jensen K (1997) Coloured petri nets: basic concepts, analysis methods and practical uses. Springer, BerlinCrossRefGoogle Scholar
  13. Jensen K, Kristensen LM, Wells L (2007) Coloured petri nets and cpn tools for modelling and validation of concurrent systems. Int J Softw Tools Technol Transf 9(3-4):213–254CrossRefGoogle Scholar
  14. Jiang J, Aldewereld H, Dignum V, Tan YH (2013a) Norm contextualization. In: Coordination, organizations, institutions, and norms in agent systems VIII, pp 141–157Google Scholar
  15. Jiang J, Dignum V, Aldwereld H, Dignum F, Tan YH (2013b) Norm compliance checking. In: International conference on autonomous agents and multiagent systems, pp 1121–1122Google Scholar
  16. Keller G, Nüttgens M, Scheer AW (1992) Semantische Prozeßmodellierung auf der Grundlage Ereignisgesteuerter Prozeßketten (EPK). Tech. rep., Universität des Saarlandes, GermanyGoogle Scholar
  17. Lau GT (2004) A comparative analysis framework for semi-structured documents, with applications to government regulations. PhD thesisGoogle Scholar
  18. Lohmann N (2013) Compliance by design for artifact-centric business processes. Inf Syst 38(4):606–618CrossRefGoogle Scholar
  19. Meyer J-JCh, Wieringa R (eds) (1993) Deontic logic in computer science: normative system specification. Wiley, LondonGoogle Scholar
  20. Mohamed EKA, Lashine SH (2003) Accounting knowledge and skills and the challenges of a global business environment. Manag Fin 29(7):3–16Google Scholar
  21. Ramezani E, Fahland D, van der Aalst WMP (2012) Where did I misbehave? diagnostic information in compliance checking. In: International conference on business process management, pp 262–278Google Scholar
  22. Sadiq SW, Governatori G, Namiri K (2007) Modeling control objectives for business process compliance. In: International conference on business process management, pp 149–164Google Scholar
  23. van der Aalst WMP (2011) Process mining: discovery, conformance and enhancement of business processes. Springer, BerlinCrossRefGoogle Scholar
  24. van der Aalst WMP, ter Hostede AHM (2004) YAWL: yet another workflow language. Inf Syst 30(4):245–275CrossRefGoogle Scholar
  25. van der Aalst WMP, van Hee KM, van der Werf JM, Kumar A, Verdonk M (2011) Conceptual model for online auditing. Decis Support Syst 50(3):636–647CrossRefGoogle Scholar
  26. van der Aalst WMP, Adriansyah A, van Dongen BF (2012) Replaying history on process models for conformance checking and performance analysis. Data Min Knowl Discov 2(2):182–192CrossRefGoogle Scholar
  27. Weske M (2007) Business process management: concepts, languages, architecture. Springer, BerlinGoogle Scholar
  28. zur Muehlen M, Indulska M, Kamp G (2007) Business process and business rule modeling languages for compliance management: a representational analysis. In: International conference on conceptual modeling, pp 127–132Google Scholar

Copyright information

© Springer-Verlag London 2014

Authors and Affiliations

  • Jie Jiang
    • 1
  • Huib Aldewereld
    • 1
  • Virginia Dignum
    • 1
  • Shuzheng Wang
    • 1
  • Ziv Baida
    • 2
  1. 1.DelftThe Netherlands
  2. 2.IBM Center of Competence for the GovernmentAmsterdamThe Netherlands

Personalised recommendations