CoReL: Policy-Based and Model-Driven Regulatory Compliance Management

Regulatory compliance management is now widely recognized as one of the main challenges still to be efficiently dealt with in information systems. In the discipline of business process management in particular, compliance is considered as an important driver of the efficiency, reliability and market value of companies. It consists of ensuring that enterprise systems behave according to some guidance provided in the form of regulations. This paper gives a definition of the research problem of regulatory compliance. We show why we expect a formal policy-based and model-driven approach to provide significant advantages in allowing enterprises to flexibly manage decision-making related to regulatory compliance. For this purpose, we contribute CoReL, a domain-specific modeling language for representing compliance requirements that has a graphical concrete syntax. Informal semantics of CoReL are introduced and its use is illustrated on an example. CoReL allows to leverage business process compliance modeling and checking, enhancing it with regard to, among other dimensions, user-friendliness, genericity, and traceability.