Modern enterprises operate in an unprecedented regulatory environment with the possibility of heavy penalties for non-compliance. Previous research in the field of compliance has established that the manual specification/tagging of the regulations not only fails to ensure their proper coverage but also negatively affects the turnaround time both in proving and maintaining the compliance. The contribution in this chapter is a framework that aids the domain experts in the transformation of regulations present in legal natural language text (English) to a model form via authoring and validation of structured English rules. This generated regulatory model is eventually translated to formal logic that enables formal compliance checking contrary to current industry practice, that provides content management-based, document-driven, and expert-dependent ways of managing regulatory compliance. The authors draw statistics from a real-world case study of money market statistical reporting (MMSR) regulations for a large European bank to demonstrate the benefits of aided authoring and validation.
TopIntroduction
Regulatory compliance is a major concern for modern enterprises. Heavy penalties may be imposed on them due to non-compliance to a battery of regulations. Regulatory compliance therefore has become a top priority for the modern enterprises. To avoid unnecessary penalties and remain compliant with respect to newer regulations, enterprises are increasingly looking towards technologies that may assist them in their overall compliance checking process. The cost of building compliance systems from scratch is both effort intensive and time consuming due to enormous and complex collection of legal/compliance documents (Sunkle et. al, 2015a).
Prevalent solutions to regulatory compliance do not offer intelligent aids through the process of authoring and validating regulations. Typical solutions like the governance, risk, and compliance (GRC) offerings, rely on taxonomies, which are collection of predefined tags that can be affixed to data pertinent to the regulations (Sunkle et. al, 2015b). Taxonomy tagging tools used separately or from within the GRC frameworks, enables auto-population of, and in some cases, user definition of taxonomies (Racz et al., 2011). However, GRC based offerings do not support either validation or formal compliance checking of regulatory rules. Towards the other end of the spectrum, academic solutions to the compliance problem rely on using a formal specification of the regulatory rules (Becker et al., 2012). Such formal representation and subsequent checking of legal rules offers significant merit over existing GRC based frameworks in which compliance checking is manual (Roychoudhury et. al, 2017). Instead, we approach automated regulatory compliance checking with a focus on using targeted processing of legal texts to aid rule authoring in formal languages that would make both validation and checking possible.
We think that a high-level representation of regulatory rules in a domain-specific language is more suitable for adoption by domain experts (Roychoudhury et. al, 2017), since formal languages may present steep learning curve for the legal or domain experts. The high-level controlled natural language (CNL) acts as an abstraction layer on top of the formal specifications to hide the underlying complexities and provide a business friendly English like notation to express regulations. This language is adapted from Structured English (SE) compliant to OMG’s Semantic of Business Vocabulary and Rules (SBVR)1. To help domain experts in authoring regulatory rules using our CNL seamlessly, we provide a machine-learning / natural-language processing (ML-NLP) based front-end engine that aids in constructing what we refer to as a domain model and dictionary (i.e., core concepts, relations, and mentions) from the regulatory text (Sunkle et al., 2016). We use the domain model and the dictionary to provide suggestions to domain experts in their authoring process.
Figure 1 motivates the above hypothesis and describes our end-to-end semi-automated compliance framework that has specific human touchpoints (i.e., manual intervention) (M) with tool support (T). Using machine-learning / distributional semantics techniques, a domain model (refer to number 1 in Figure 1) is first obtained by processing the given text with active participation by the domain expert (Sunkle et al., 2016). The domain model primarily captures the key concepts, relations and their mentions (i.e., ontology) in the given domain and serves as a core artefact for model authoring. For model authoring, the domain expert expresses the desired regulations in a controlled natural language (refer to number 2 in Figure 1) using the domain model / dictionary and rule suggestions originating from the ML-NLP engine (Roychoudhury et al., 2018). In our case, this language was built from scratch using the XText language engineering workbench2 and adapted from OMG’s SBVR Structured English (SE) specification. Once regulatory rules are authored in SE, a model of the regulation in SBVR is automatically generated (refer tonumber 3 in Figure 1). This model can be used as an intermediate representation for translating to low-level logical specifications (e.g., DROOLs, refer to number 4 in Figure 1) (Roychoudhury et al., 2018).