Advertisement

Applying MDA to Rule and Data Generation for Compliance Checking

  • Deepali KholkarEmail author
  • Sagar Sunkle
  • Vinay Kulkarni
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 743)

Abstract

Compliance to regulations is a critical problem for enterprises. Increasing regulation and need for reduced time-to-market has led enterprises to look to technology to scale and automate their compliance efforts. Automated compliance checking approaches proposed in research need human experts to formally encode rules, as well as to extract the relevant data from enterprise data stores. We present a model-driven architecture (MDA) and method to semi-automate generation of formal rules and extraction of relevant data for compliance checking, based on OMG’s MDA methodology. We demonstrate how building a fact-oriented model of the regulation is central to both relating it to the enterprise as well as deriving formal specification of rules. We illustrate our approach using a real-life case study of the MiFID-2 financial regulation.

Keywords

Model-driven engineering Model-Driven Architecture (MDA) Regulatory compliance Rule base Rule languages Production rule systems Formal logic SBVR CIM PIM PSM Data integration 

References

  1. 1.
    Thomson Reuters: State of regulatory reform 2016 - a special report (2016)Google Scholar
  2. 2.
    Governatori, G., Rotolo, A.: A conceptually rich model of business process compliance. In: APCCM 2010, pp. 3–12 (2010)Google Scholar
  3. 3.
    Awad, A., Weidlich, M., Weske, M.: Consistency checking of compliance rules. In: Abramowicz, W., Tolksdorf, R. (eds.) BIS 2010. LNBIP, vol. 47, pp. 106–118. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-12814-1_10CrossRefGoogle Scholar
  4. 4.
    El Kharbili, M., de Medeiros, A.K.A., Stein, S., van der Aalst, W.M.P.: Business process compliance checking: current state and future challenges. In: Loos, P., Nuttgens, M., Turowski, K., Werth, D. (eds.) MobIS. LNI, vol. 141, pp. 107–113 (2008)Google Scholar
  5. 5.
    Governatori, G., Hoffmann, J., Sadiq, S., Weber, I.: Detecting regulatory compliance for business process models through semantic annotations. In: Ardagna, D., Mecella, M., Yang, J. (eds.) BPM 2008. LNBIP, vol. 17, pp. 5–17. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-00328-8_2CrossRefGoogle Scholar
  6. 6.
    Governatori, G.: Representing business contracts in RuleML. Int. J. Cooper. Inf. Syst. 14(2–3), 181–216 (2005)CrossRefGoogle Scholar
  7. 7.
    Governatori, G., Rotolo, A.: A conceptually rich model of business process compliance. In: APCCM 2010, pp. 3–12 (2013)Google Scholar
  8. 8.
    Dimaresis, N.: A system for modal and deontic defeasible reasoning. Int. J. Cooper. Inf. Syst. 14(2–3), 181–216 (2007)Google Scholar
  9. 9.
    Kholkar, D., Sunkle, S., Kulkarni, V.: From natural-language regulations to enterprise data using knowledge representation and model transformations. In: Proceedings of the 11th International Joint Conference on Software Technologies (ICSOFT 2016), vol. 2: ICSOFT-PT, Lisbon, Portugal, 24–26 July, pp. 60–71 (2016)Google Scholar
  10. 10.
    English, S., Hammond, S.: Cost of Compliance 2014. Thomson Reuters Accelus, London (2014)Google Scholar
  11. 11.
    Kleppe, A., Warmer, J., Bast, W.: MDA Explained - The Model Driven Architecture: Practice and Promise. Addison Wesley Object Technology Series. Addison-Wesley, Boston (2003)Google Scholar
  12. 12.
    Kulkarni, V., Reddy, S.: Separation of concerns in model-driven development. IEEE Softw. 20(5), 64–69 (2003)CrossRefGoogle Scholar
  13. 13.
    Brachman, R.J., Levesque, H.J.: Knowledge Representation and Reasoning. Elsevier, Amsterdam (2004)zbMATHGoogle Scholar
  14. 14.
    Smith, B.C.: Reflection and Semantics in a Procedural Language. Massachusetts Institute of Technology, Cambridge (1982)Google Scholar
  15. 15.
    Nijssen, G.: SBVR: semantics for business. Bus. Rules J. 8(10) (2007). http://www.brcommunity.com/a2007/b367.html
  16. 16.
    Halpin, T.: Fact oriented modeling - past, present and future. In: Krogstie, J., Opdahl, A.L., Brinkkemper, S. (eds.) Conceptual Modelling in Information Systems Engineering, pp. 19–38. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-72677-7_2CrossRefGoogle Scholar
  17. 17.
    Alhir, S.S.: Understanding the model driven architecture. Methods and tools (2003). http://www.methodsandtools.com/archive/archive.php?id=5
  18. 18.
    Reddy, S.: A model driven approach to enterprise data integration. In: COMAD 2010, p. 202 (2010)Google Scholar
  19. 19.
    Sadiq, S., Governatori, G., Namiri, K.: Modeling control objectives for business process compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 149–164. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-75183-0_12CrossRefGoogle Scholar
  20. 20.
    Awad, A., Smirnov, S., Weske, M.: Resolution of compliance violation in business process models: a planning-based approach. In: Meersman, R., Dillon, T., Herrero, P. (eds.) OTM 2009. LNCS, vol. 5870, pp. 6–23. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-05148-7_4CrossRefGoogle Scholar
  21. 21.
    Liu, Y., Müller, S., Xu, K.: A static compliance-checking framework for business process models. IBM Syst. J. 46(2), 335–362 (2007)CrossRefGoogle Scholar
  22. 22.
    Sunkle, S., Kholkar, D., Kulkarni, V.: Solving semantic disparity and explanation problems in regulatory compliance - a research-in-progress report with design science research perspective. In: Gaaloul, K., Schmidt, R., Nurcan, S., Guerreiro, S., Ma, Q. (eds.) CAISE 2015. LNBIP, vol. 214, pp. 326–341. Springer, Cham (2015). doi: 10.1007/978-3-319-19237-6_21CrossRefGoogle Scholar
  23. 23.
    Sunkle, S., Kholkar, D., Kulkarni, V.: Toward better mapping between regulations and operations of enterprises using vocabularies and semantic similarity. CSIMQ 5, 39–60 (2015)Google Scholar
  24. 24.
    Sunkle, S., Kholkar, D., Kulkarni, V.: Explanation of proofs of regulatory (non-)compliance using semantic vocabularies. In: Bassiliades, N., Gottlob, G., Sadri, F., Paschke, A., Roman, D. (eds.) RuleML 2015. LNCS, vol. 9202, pp. 388–403. Springer, Cham (2015). doi: 10.1007/978-3-319-21542-6_25CrossRefGoogle Scholar
  25. 25.
    Sunkle, S., Kholkar, D., Kulkarni, V.: Model-driven regulatory compliance: a case study of know your customer regulations. In: MoDELS 2015, pp. 436–445 (2015)Google Scholar
  26. 26.
    Sunkle, S., Kholkar, D., Kulkarni, V.: Toward (semi-)automated end-to-end model-driven compliance framework. In: ModSym+SAAAS@ISEC 2016, pp. 33–38 (2016)Google Scholar
  27. 27.
    Breaux, T.D., Anton, A.I., Spafford, E.H.: A distributed requirements management framework for legal compliance and accountability. Comput. Secur. 28(1–2), 8–17 (2009)CrossRefGoogle Scholar
  28. 28.
    Ingolfo, S., Siena, A., Susi, A., Perini, A., Mylopoulos, J.: Modeling laws with Nomos 2. In: Sixth International Workshop on Requirements Engineering and Law (RELAW), pp. 69–71, 16 July 2013Google Scholar
  29. 29.
    Ingolfo, S., Jureta, I., Siena, A., Perini, A., Susi, A.: Nòmos 3: legal compliance of roles and requirements. In: Yu, E., Dobbie, G., Jarke, M., Purao, S. (eds.) ER 2014. LNCS, vol. 8824, pp. 275–288. Springer, Cham (2014). doi: 10.1007/978-3-319-12206-9_22CrossRefGoogle Scholar
  30. 30.
    El Kharbili, M., Stein, S., Markovic, I., Pulvermüller, E.: Towards a framework for semantic business process compliance management. The impact of governance, risk, and compliance on information systems (GRCIS). CEUR Workshop Proceedings, Montpellier, France, 17 June 2008, vol. 339, pp. 1–15 (2008)Google Scholar
  31. 31.
    El Kharbili, M.: Business process regulatory compliance management solution frameworks: a comparative evaluation. In: Ghose, A., Ferrarotti, F. (eds.) Asia-Pacific Conference on Conceptual Modelling (APCCM 2012), CRPIT, Melbourne, Australia, vol. 130, pp. 23–32. ACS (2012)Google Scholar
  32. 32.
    Becker, J., Delfmann, P., Eggert, M., Schwittay, S.: Generalizability and applicability of model-based business process compliance-checking approaches - a state-of-the-art analysis and research roadmap. BuR Bus. Res. J. 5(2), 221–247 (2012)CrossRefGoogle Scholar
  33. 33.
    Bajwa, I.S., Lee, M.G., Bordbar, B.: SBVR business rules generation from natural language specification. In: AAAI Spring Symposium: AI for Business Agility, pp. 2–8. AIII (2011)Google Scholar
  34. 34.
    Lévy, F., Nazarenko, A.: Formalization of natural language regulations through SBVR structured English. In: Morgenstern, L., Stefaneas, P., Lévy, F., Wyner, A., Paschke, A. (eds.) RuleML 2013. LNCS, vol. 8035, pp. 19–33. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-39617-5_5CrossRefGoogle Scholar
  35. 35.
    Njonko, P.B.F., El Abed, W.: From natural language business requirements to executable models via SBVR. In: 2012 International Conference on Systems and Informatics (ICSAI). IEEE (2012)Google Scholar
  36. 36.
    Abi-Lahoud, E., Butler, T., Chapin, D., Hall, J.: Interpreting regulations with SBVR. In: Fodor, P., Roman, D., Anicic, D., Wyner, A., Palmirani, M., Sottara, D., Lévy, F. (eds.) Joint Proceedings of the 7th International Rule Challenge, The Special Track on Human Language Technology and the 3rd RuleML Doctoral Consortium, Seattle, USA, 11–13 July 2013. CEUR Workshop Proceedings, vol. 1004 (2013). CEUR-WS.org
  37. 37.
    Johnsen, A.S., Berre, A.J.R.: A bridge between legislator and technologist - formalization in SBVR for improved quality and understanding of legal rules. In: International Workshop on Business Models, Business Rules and Ontologies, Bressanone, Brixen, Italy (2010)Google Scholar
  38. 38.
    Kamada, A., Governatori, G., Sadiq, S.: Transformation of SBVR compliant business rules to executable FCL rules. In: Dean, M., Hall, J., Rotolo, A., Tabet, S. (eds.) RuleML 2010. LNCS, vol. 6403, pp. 153–161. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-16289-3_14CrossRefGoogle Scholar
  39. 39.
    Diouf, M., Maabout, S., Musumbu, K.: Merging model driven architecture and semantic web for business rules generation. In: Proceedings of the First International Conference on Web Reasoning and Rule Systems, Innsbruck, Austria, 7–8 June 2007, pp. 118–132 (2007)Google Scholar
  40. 40.

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Tata Consultancy ServicesPuneIndia

Personalised recommendations