From Legislation to Potential Compliance Violations in Business Processes - Simplicity Matters

Höhenberger Steffen, Riehle Dennis M, Delfmann Patrick

Abstract

The compliance of businesses is a highly relevant topic for companies of all sectors. Compliance comprises all necessities for obeying legal regulations as well as mandatory norms, and violations can entail painful penalties. Since nearly all companies base their daily business on the execution of business processes (consciously or unconsciously), these business processes also have to be compliant. Hence, as part of business process management, business process compliance becomes increasingly important for companies. However, the checking of business processes for their compliance is - against the backdrop of many existing business processes and incessantly changing regulations - not an easy task. Several research approaches have been developed for supporting compliance checking. A common way is to examine the models of the business processes automatically to detect compliance violations with predefined patterns that represent possible violations. Unfortunately, only the fewest approaches are actually applied by companies due to high technical restrictions or difficult handling. The presented graph-theoretic approach strives to overcome this with a high level of simplicity and the applicability to real-world process models. For that, a real legislative passage is gradually transformed into an automatically searchable compliance pattern and applied to real process models.