Defining a Model for Content Requirements from the Law: an Experience Report

CECI, Marcello; BIANCULLI, Domenico; Briand, Lionel

doi:10.1109/RE59067.2024.00013

Download

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

Defining a Model for Content Requirements from the Law: an Experience Report

CECI, Marcello; BIANCULLI, Domenico; Briand, Lionel

2024 • In Proceedings of the IEEE 32nd International Requirements Engineering Conference (RE)

Peer reviewed

Permalink
https://hdl.handle.net/10993/60775

DOI
10.1109/RE59067.2024.00013

Files (2)Send to Details Statistics Bibliography Similar publications

Files

Full Text

content_model_experience_report_1.pdf

Author postprint (758.58 kB)

Download

Annexes

appendix_marcello_content_model_experience_report.pdf

(1.04 MB)

Download

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

conceptual modeling; legal compliance

Abstract :

[en] This paper reports on the experience of building a content model in collaboration with a national financial supervisory authority, with the goal of automating the compliance checking activity performed by the agents of the supervisory authority on fund documentation. The work is focused on modelling content requirements found in the law, i.e., deontic rules prescribing that some information is contained in an official document. For such requirements, the main modelling effort revolves around the required content and its information types. We therefore designed a process to build a content model, elaborating design criteria for the model which partly depend on the use case encompassing compliance checking. We built the content model through iterative interactions between a knowledge engineer and domain experts designed to ensure that the model is not limited to representing only the letter of the law, but rather represents the relevant distinctions in the practice of compliance checking. We drew lessons learned regarding the need for setting up classification criteria for information types and handling the trade-off between expressivity and maintainability of the model.

Research center :

Interdisciplinary Centre for Security, Reliability and Trust (SnT) > SVV - Software Verification and Validation
NCER-FT - FinTech National Centre of Excellence in Research

Disciplines :

Computer science

Author, co-author :

CECI, Marcello ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV

BIANCULLI, Domenico ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SVV

Briand, Lionel; University of Limerick > Lero SFI Centre for Software Research ; University of Ottawa > School of EECS

External co-authors :

yes

Language :

English

Title :

Defining a Model for Content Requirements from the Law: an Experience Report

Publication date :

2024

Event name :

32nd IEEE International Requirements Engineering 2024 conference

Event place :

Reykjavik, Iceland

Event date :

24-28 June 2024

Audience :

International

Main work title :

Proceedings of the IEEE 32nd International Requirements Engineering Conference (RE)

Publisher :

IEEE, United States

Peer reviewed :

Peer reviewed

FnR Project :

FNR16570468 - 2021 (01/07/2022-30/06/2030) - Yves Le Traon

Name of the research project :

U-AGR-7509 - NCER22/NCER-FT_ICCOFIDO_UL - BIANCULLI Domenico

Funders :

FNR - Luxembourg National Research Fund

Funding number :

NCER22/IS/16570468/NCER-FT

Available on ORBilu :

since 18 April 2024

Statistics

Number of views

115 (37 by Unilu)

Number of downloads

118 (8 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

OpenAlex citations

Bibliography

K. A. Bamberger, "Technologies of compliance: Risk and regulation in a digital age," Texas Law Review, vol. 88, p. 669, 2009.
H. A. López, S. Debois, T. Slaats, and T. T. Hildebrandt, "Business process compliance using reference models of law," in Fundamental Approaches to Software Engineering. Cham: Springer International Publishing, 2020, pp. 378-399.
H. M. Hart and A. M. Sacks, The legal process: basic problems in the making and application of law. Foundation Press, 1994.
European Parliament and Council, "Directive 2009/65/EC of the European Parliament and of the Council of 13 July 2009 on the coordination of laws, regulations and administrative provisions relating to undertakings for collective investment in transferable securities (UCITS)," 2009. [Online]. Available: http://data.europa.eu/eli/dir/2009/65/oj.
M. Ceci, D. Bianculli, and L. Briand, "Defining a model for content requirements from the law: an experience report-online appendix," https://hdl.handle.net/10993/ 60775, 2024.
E. Johansson, K. Sutinen, J. Lassila, V. Lang, M. Martikainen, and O. Lehner, "Regtech-a necessary tool to keep up with compliance and regulatory changes," ACRN Journal of Finance and Risk Perspectives, Special Issue Digital Accounting, vol. 8, pp. 71-85, 2019.
G. H. von Wright, "Deontic logic," Mind, vol. 60, no. 237, pp. 1-15, 1951. [Online]. Available: http: //www.jstor.org/stable/2251395.
K. Peffers, T. Tuunanen, M. A. Rothenberger, and S. Chatterjee, "A design science research methodology for information systems research," Journal of Management Information Systems, vol. 24, no. 3, pp. 45-77, 2007.
A. Awad, M. Weidlich, and M. Weske, "Visually specifying compliance rules and explaining their violations for business processes," Journal of Visual Languages & Computing, vol. 22, no. 1, pp. 30-55, 2011, special Issue on Visual Languages and Logic. [Online]. Available: https://www.sciencedirect. com/science/article/pii/S1045926X10000716.
W. Tesfay, P. Hofmann, T. Nakamura, S. Kiyomoto, and J. Serna, "PrivacyGuide: towards an implementation of the EU GDPR on internet privacy policy evaluation," in Proc. 4th ACM Int. Workshop on Security and Privacy Analytics, 2018, pp. 15-21.
D. Torre, S. Abualhaija, M. Sabetzadeh, L. C. Briand, K. Baetens, P. Goes, and S. Forastier, "An AI-assisted Approach for Checking the Completeness of Privacy Policies Against GDPR," in 28th RE Conf., 2020.
N. Guntamukkala, R. Dara, and G. Grewal, "A machinelearning based approach for measuring the completeness of online privacy policies," in 14th ICMLA Conference, 2015, pp. 289-294.
B. Mar, "Requirements for development of software requirements," INCOSE International Symposium, pp. 34-39, 1994.
B. Fawei, J. Z. Pan, M. Kollingbaum, and A. Z. Wyner, "A methodology for a criminal law and procedure ontology for legal question answering," in Semantic Technology, R. Ichise, F. Lecue, T. Kawamura, D. Zhao, S. Muggleton, and K. Kozaki, Eds. Springer, 2018.
G. G. Petrova, A. F. Tuzovsky, and N. V. Aksenova, "Application of the financial industry business ontology (FIBO) for development of a financial organization ontology," Journal of Physics: Conference Series, vol. 803, p. 012116, 2017.
G. Governatori and A. Rotolo, "A conceptually rich model of business process compliance," in Proc. 7th Asia-Pacific Conf. on Conceptual Modelling, 2010, Conference Proceedings, pp. 3-12.
M. Hashmi and G. Governatori, "Norms modeling constructs of business process compliance management frameworks: a conceptual evaluation," Artificial Intelligence and Law, vol. 26, pp. 251-305, 2017.
R. Hoekstra, J. Breuker, M. Di Bello, and A. Boer, "The LKIF core ontology of basic legal concepts," International Journal of High Performance Computing Applications-IJHPCA, vol. 1, pp. 43-63, 2007.
M. Palmirani, G. Governatori, A. Rotolo, S. Tabet, H. Boley, and A. Paschke, "LegalRuleML: XML-Based Rules and Norms," in Rule-Based Modeling and Computing on the Semantic Web. Springer, 2011, pp. 298-312.
C. Arora, M. Sabetzadeh, L. C. Briand, and F. Zimmer, "Extracting domain models from natural-language requirements: approach and industrial evaluation," in Proceedings of MODELS'16, 2016, pp. 250-260.
N. Zeni, E. A. Seid, P. Engiel, S. Ingolfo, and J. Mylopoulos, "Building Large Models of Law with NómosT," in Conceptual Modeling. Cham: Springer International Publishing, 2016, pp. 233-247.
I. Blums and H. Weigand, "Consolidating economic exchange ontologies for financial reporting standard setting," Data & Knowledge Engineering, vol. 145, p. 102148, 2023. [Online]. Available: https://www.sciencedirect.com/science/article/ pii/S0169023X23000083.
S. Abualhaija, C. Arora, A. Sleimi, and L. C. Briand, "Automated question answering for improved understanding of compliance requirements: A multi-document study," in 2022 IEEE 30th International Requirements Engineering Conference (RE), 2022, pp. 39-50.
E. Francesconi and G. Governatori, "Patterns for legal compliance checking in a decidable framework of linked open data," Artificial Intelligence and Law, 2022.
J. F. Maier, C. M. Eckert, and P. John Clarkson, "Model granularity in engineering design-concepts and framework," Design Science, vol. 3, p. e1, 2017.
N. Moloney, EU securities and financial markets regulation. Oxford University Press, 2014.
K. Sengupta and P. Hitzler, Web Ontology Language (OWL), 01 2014, pp. 2374-2378.
T. Brown, B. Mann, N. Ryder, M. Subbiah, J. D. Kaplan, P. Dhariwal, A. Neelakantan, P. Shyam, G. Sastry, A. Askell et al., "Language models are few-shot learners," Advances in neural information processing systems, vol. 33, pp. 1877-1901, 2020.
J. Yang, H. Jin, R. Tang, X. Han, Q. Feng, H. Jiang, S. Zhong, B. Yin, and X. Hu, "Harnessing the power of llms in practice: A survey on chatgpt and beyond," ACM Trans. Knowl. Discov. Data, feb 2024, just Accepted. [Online]. Available: https://doi.org/10.1145/3649506.
E. Francesconi and G. Governatori, "Patterns for legal compliance checking in a decidable framework of linked open data," Artificial Intelligence and Law, vol. 31, no. 3, pp. 445-464, Sep. 2023.
O. Amaral, M. I. Azeem, S. Abualhaija, and L. C. Briand, "Nlp-based automated compliance checking of data processing agreements against gdpr," 2022.
R. Pound, "Sources and forms of law," Notre Dame Law., vol. 21, p. 247, 1945.
G. Soltana, E. Fourneret, M. Adedjouma, M. Sabetzadeh, and L. Briand, "Using uml for modeling procedural legal rules: Approach and a study of luxembourg's tax law," in Model-Driven Engineering Languages and Systems, J. Dingel, W. Schulte, I. Ramos, S. Abrahão, and E. Insfran, Eds. Cham: Springer International Publishing, 2014, pp. 450-466.
L. Robaldo, F. Pacenza, J. Zangari, R. Calegari, F. Calimeri, and G. Siragusa, "Efficient compliance checking of RDF data," J. Log. Comput., vol. 33, no. 8, pp. 1753-1776, 2023. [Online]. Available: https://doi.org/10.1093/logcom/exad034.
X. Li, D. Bianculli, and L. C. Briand, "An ai-based approach for tracing content requirements in financial documents," CoRR, vol. abs/2110.14960, 2021. [Online]. Available: https://arxiv.org/abs/2110.14960.