business contracts

Abstract. Business process design is primarily driven by process improvement objectives. However, the role of control objectives stemming from regulations and standards is becoming increasingly important for businesses in light of recent events that led to some of the largest scandals in corporate history. As organizations strive to meet compliance agendas, there is an evident need to provide systematic approaches that assist in the understanding of the interplay between (often conflicting) business and control objectives during business process design. In this paper, our objective is twofold. We will firstly present a research agenda in the space of business process compliance, identifying major technical and organizational challenges. We then tackle a part of the overall problem space, which deals with the effective modeling of control objectives and subsequently their propagation onto business process models. Control objective modeling is proposed through a specialized modal logic based on normative systems theory, and the visualization of control objectives on business process models is achieved procedurally. The proposed approach is demonstrated in the context of a purchase-to-pay scenario.

This paper presents a formal system for reasoning about violations of obligations in contracts. The system is based on the formalism for the representation of contrary-to-duty obligations. These are the obligations that take place when other obligations are violated as typically applied to penalties in contracts. The paper shows how this formalism can be mapped onto the key policy concepts of a contract specification language, called Business Contract Language (BCL), previously developed to express contract conditions for run time contract monitoring. The aim of this mapping is to establish a formal underpinning for this key subset of BCL.

Abstract. We introduce the DR-CONTRACT architecture to represent and reason on e-Contracts. The architecture extends the DR-device architecture by a deontic defeasible logic of violation. We motivate the choice for the logic and we show how to extend RuleML to capture the notions relevant to describe e-contracts for a monitoring perspective in Defeasible Logic. 1

Abstract. A given business process may face a large number of regulatory obligations the process may or comply with. Providing tools and techniques through which an evaluation of the compliance degree of a given process can be undertaken is seen as a key objective in emerging business process platforms. We address this problem through a diagnostic framework that provides the ability to assess the compliance gaps present in a given process. Checking whether a process is compliant with the rules involves enumerating all reachable states and is hence, in general, a hard search problem. The approach taken here allows to provide useful diagnostic information in polynomial time. The approach is based on two underlying techniques. A conceptually faithful representation for regulatory obligations is firstly provided by a formal rule language based on a non-monotonic deontic logic of violations. Secondly, processes are formalized through semantic annotations that allow a logical state space to be created. The intersection of the two allows us to devise an efficient method to detect compliance gaps; the method guarantees to detect all obligations that will necessarily arise during execution, but that will not necessarily be fulfilled.

It is a typical scenario that many organisations have their business processes specified independently of their business obligations (which includes contractual obligations to business partners, as well as obligations a business has to fulfil against regulations and industry standards). This is because of the lack of guidelines and tools that facilitate derivation of processes from contracts but also because of the traditional mindset of treating contracts separately from business processes. This chapter will provide a solution to one specific problem that arises from this situation, namely the lack of mechanisms to check whether business processes are compliant with business contracts. The chapter begins by defining the space for business process compliance and the eco-system for ensuring that process are compliant. The key point is that compliance is a relationship between two sets of specifications: the specifications for executing a business process and the specifications regulating a business. The central part of the chapter focuses on a logic based formalism for describing both the semantics of normative specifications and the semantics of compliance checking procedures. 1

We continue the study, started in [5], on the formal relationships between a domain specific contract language (BCL) and the logic of violation (FCL) proposed in [6, 7]. We discuss the use of logical methods for the representation and analysis of business contracts. The proposed analysis is based on the notions of normal and canonical forms of contracts expressed in FCL. Finally we present a mapping from FCL to BCL that can be used to provide an executable model of a formal representation of a contract. 1.

Abstract: The ever increasing obligations of regulatory compliance are presenting a new breed of challenges for organizations across several industry sectors. Aligning control objectives that stem from regulations and legislation, with business objectives devised for improved business performance, is a foremost challenge. The organizational as well as IT structures for the two classes of objectives are often distinct and potentially in conflict. In this chapter, we present an overarching methodology for aligning business and control objectives. The various phases of the methodology are then used as a basis for discussing state of the art in compliance management. Contributions from research and academia as well as industry solutions are discussed. The chapter concludes with a discussion on the role of BPM as a driver for regulatory compliance and a presentation of Compliance is defined as ensuring that business processes, operations and practice are in accordance with a prescribed and/or agreed set of

Abstract. The import of the notion of institution in the design of MASs requires to develop formal and efficient methods for modeling the interaction between agents ’ behaviour and normative systems. This paper discusses how to check whether agents ’ behaviour is compliant with the rules regulating them. The key point of our approach is that compliance is a relationship between two sets of specifications: the specifications for executing a process and the specifications regulating it. We propose a logic-based formalism for describing both the semantics of normative specifications and the semantics of compliance checking procedures. 1

Abstract: We introduce the DR-CONTRACT architecture to represent and reason on e-Contracts. The architecture extends the DR-device architecture by a deontic defeasible logic of violation. We motivate the choice for the logic and we show how to extend RuleML to capture the notions relevant to describe e-contracts for a monitoring perspective in Defeasible Logic.