Business Rules, Business Process, and Compliance

Articles

Author(s)

James Taylor
Faculty Member, BPMInstitute.org and CEO and Principal Consultant, Decision Management Solutions
James is a Faculty Member of BPMInstitute.org and the CEO and a Principal Consultant of Decision Management Solutions. He is the leading expert in how to use business rules and analytic technology to build Decision Management Systems. James is passionate about using Decision Management Systems to help companies improve decision making and develop an agile, analytic and adaptive business. He provides strategic consulting to companies of all sizes, working with clients in all sectors to adopt decision making technology. James has spent the last 20 years developing approaches, tools, and platforms that others can use to build more effective information systems. He has led Decision Management efforts for leading companies in insurance, banking, health management, manufacturing, travel and telecommunications. James is the author of “Decision Management Systems: A practical guide to using business rules and predictive analytics” (IBM Press, 2011). He previously wrote Smart (Enough) Systems: How to Deliver Competitive Advantage by Automating Hidden Decisions (Prentice Hall) with Neil Raden, and has contributed chapters on Decision Management to multiple books as well as many articles to magazines. He is currently working on a book projects related to decision modeling. Decision Management Solutions work with clients to improve their business by applying analytics and analytic technology to automate and improve decisions. Decision Management Solutions is a submitter of the Decision Model and Notation standard.

One of the key uses of business rule management systems (BRMS) and business process management systems (BPMS), is to help with issues of compliance. The growth of regulations such as Sarbanes-Oxley and HIPAA, as well as long standing regulation in areas such as Insurance and banking means that more companies have to deal with compliance than ever before. Many companies are turning to technology to address the issues this growth of regulation brings.

There are many challenges that come with compliance, but three are particularly relevant when considering how technology might help.

One of the key uses of business rule management systems (BRMS) and business process management systems (BPMS), is to help with issues of compliance. The growth of regulations such as Sarbanes-Oxley and HIPAA, as well as long standing regulation in areas such as Insurance and banking means that more companies have to deal with compliance than ever before. Many companies are turning to technology to address the issues this growth of regulation brings.

There are many challenges that come with compliance, but three are particularly relevant when considering how technology might help. These are how to demonstrate compliance, not just be compliant; how to respond to new and changing requirements; and how to retain a level of business agility when one is regulated.

One of the changes between “traditional” regulation and more recent legislation is the change in the burden of proof – companies are now faced with demonstrating compliance, not just being compliant. This means that policy/procedure manuals, audits and training are no longer enough. Now companies must be able to show how they took a decision or carried out a procedure and that the approach they took was compliant. This is something that is clearly much easier to do if processes and rules are automated however not if they are automated using impenetrable code.

New and changing requirements for compliance seem to crop up every day. With more activist legislatures and regular court rulings, companies must deal with moving targets when it comes to compliance. With tolerance for corporate malfeasance at a historic low there is little room for maneuver – no-one is going to be believed if they say “well we would have implemented this but it was too hard to change our systems”, especially if it is to their financial advantage not to change. This leads to the last problem, that of retaining business agility in the face of compliance. If you must demonstrate compliance with complex regulations and so must codify your processes and rules, how can you retain any kind of business agility?

Fortunately, a combination of BRMS and BPMS can help you address all these issues. They can help you make your processes and rules explicit, help you manage them and enable you to show that you followed the rules. They can do all this without locking you in to a single approach and so let you retain some business agility.

So why do you need both technologies – surely one or the other would be enough? The fact is that some compliance is about processes – do you follow certain steps, keep certain data – and some is about rules – did you enforce certain rules, take only allowed actions. Often both are required – in a healthcare claims process you might have to show how the claim was reviewed, referred for a second opinion etc and show when you saved information and what information you saved. You might also have to show that the rules you followed for deciding to decline a claim were legitimate and appropriate. You cannot get compliance correct without the right mix of flexible process automation and effective decision automation.

Approaching the automation of processes and rules to assist in compliance involves a number of steps. First, you need to identify the decisions and processes that will be checked – those that are regulated. For process-centric regulations – show that you always did this before doing that etc – identify the impacted processes and think about how to automate them using a BPMS. Depending on the details of the process, different products may be more or less suitable. For more decision-centric regulations – show that you followed this approach to approving/denying someone or to calculating a price etc. – identify the processes in which such a decision is required, externalize that decision in a BRMS and hook it up to the relevant processes. Often these processes will overlap with those that must be compliant processes in their own right. Using good source rule management to track which regulations impact which process/rule definitions is key to ongoing management as you will need to change the process and rule definitions as the regulations adapt or are impacted by court rulings.

Additionally, more and more regulators are starting to consider the impact of behavior in an analytic sense. Not only for regulations like BASEL II, which explicitly requires analytic modeling to be part of showing you are compliant, but more generally as courts rule that the statistically likely impact of something must be considered. You cannot write rules or automate processes in a way statistically likely to cause discrimination, for example. Moving beyond rules and process management to decision management by bringing analytic models to bear will become increasingly important.

Similar Resources

Enhancing Your Team’s BPM Capabilities: The Value of External Expertise

Enhancing Your Team’s BPM Capabilities: The Value of External Expertise

Author(s):

Gregg Rock
Editor & Founder, BPMInstitute.org, BAInstitute.org and DBIZInstitute.org

Enhancing Your Team's BPM Capabilities: The Value of External Expertise In today’s dynamic business environment, managing and improving business processes is critical for any organization aiming to maintain a competitive edge. Many companies consider handling Business...

Exploring Shared Data Model and Notation (SDMN) and Its Role in BPM+

Exploring Shared Data Model and Notation (SDMN) and Its Role in BPM+

Author(s):

Gregg Rock
Editor & Founder, BPMInstitute.org, BAInstitute.org and DBIZInstitute.org

Exploring Shared Data Model and Notation (SDMN) and Its Role in BPM+ Introduction In the evolving landscape of Business Process Management (BPM), the introduction of Shared Data Model Notation (SDMN) marks a significant advancement. As businesses increasingly seek to...

Embracing the Future: Low-Code and No-Code Platforms in BPM+

Embracing the Future: Low-Code and No-Code Platforms in BPM+

Author(s):

Gregg Rock
Editor & Founder, BPMInstitute.org, BAInstitute.org and DBIZInstitute.org

Embracing the Future: Low-Code and No-Code Platforms in BPM+ Introduction In the realm of business process management (BPM), low-code and no-code platforms have emerged as transformative tools, reshaping how organizations develop applications and manage workflows....

Featured Certificate: BPM Specialist

Everyone starts here.

You're looking for a way to improve your process improvement skills, but you're not sure where to start.

Earning your Business Process Management Specialist (BPMS) Certificate will give you the competitive advantage you need in today's world. Our courses help you deliver faster and makes projects easier.

Your skills will include building hierarchical process models, using tools to analyze and assess process performance, defining critical process metrics, using best practice principles to redesign processes, developing process improvement project plans, building a center of excellence, and establishing process governance.

The BPMS Certificate is the perfect way to show employers that you are serious about business process management. With in-depth knowledge of process improvement and management, you'll be able to take your business career to the next level.

Learn more about the BPM Specialist Certificate

Courses

  •  

 
Certificates

  • Business Process Management Specialist
  • Earning your Business Process Management Specialist (BPMS) Certificate will provide you with a distinct competitive advantage in today’s rapidly evolving business landscape. With in-depth knowledge of process improvement and management, you’ll be able to take your business career to the next level.
  • BPM Professional Certificate
    Business Process Management Professional
  • Earning your Business Process Management Professional (BPMP) Certificate will elevate your expertise and professional standing in the field of business process management. Our BPMP Certificate is a tangible symbol of your achievement, demonstrating your in-depth knowledge of process improvement and management.

Certification

BPM Certification

  • Make the most of your hard-earned skills. Earn the respect of your peers and superiors with Business Process Management Certification from the industry's top BPM educational organization.

Courses

 
Certificates

  • Operational Excellence Specialist
  • Earning your Operational Excellence Specialist Certificate will provide you with a distinct advantage in driving organizational excellence and achieving sustainable improvements in performance.
 

 

OpEx Professional Certificate

  • Operational Excellence Professional
  • Earn your Operational Excellence Professional Certificate and gain a competitive edge in driving organizational excellence and achieving sustainable improvements in performance.

Courses
Certificate
  •  

  • Agile BPM Specialist
  • Earn your Agile BPM Specialist Certificate and gain a competitive edge in driving business process management (BPM) with agile methodologies. You’ll gain a strong understanding of how to apply agile principles and concepts to business process management initiatives.  
 

Business Architecture

 
Certificates

  • Business Architecture Specialist
  • The Business Architecture Specialist (BAIS) Certificate is proof that you’ve begun your business architecture journey by committing to the industry’s most meaningful and credible business architecture training program.

  • Business Architecture Professional
  • When you earn your Business Architecture Professional (BAIP) Certificate, you will be able to design and implement a governance structure for your organization, develop and optimize business processes, and manage business information effectively.

BA CertificationCertification

  • Make the most of your hard-earned skills. Earn the respect of your peers and superiors with Business Architecture Certification from the industry's top BPM educational organization.

Courses

 
Certificates

  • Digital Transformation Specialist
  • Earning your Digital Transformation Specialist Certificate will provide you with a distinct advantage in today’s rapidly evolving business landscape. 
 

 

  • Digital Transformation Professional
  • The Digital Transformation Professional Certificate is the first program in the industry to cover all the key pillars of Digital Transformation holistically with practical recommendations and exercises.

Courses
Certificate

  • Agile Business Analysis Specialist
  • Earning your Agile Business Analysis Specialist Certificate will provide you with a distinct advantage in the world of agile software development.

Courses
Certificate
  • DAS Certificate
  • Decision Automation Specialist
  • Earning your Decision Automation Certificate will empower you to excel in the dynamic field of automated decision-making, where data-driven insights are pivotal to driving business innovation and efficiency.