Confidential Transforming Laws, Regulations and Policies into Ontologies and Business Rules: A Real Life PoC with Regulation-W (Reg-w) June 26, 2014

Slide 2: Welcome
Michael Atkin, Managing Director, EDM Council
Copyright 2014 EDM Council Inc.

Slide 3: Background
Dennis Wisnosky, Senior Advisor and Consultant, EDM Council

Slide 4: Background
The 2013 FIBO Technology Summit Challenge:
  • There is a need to convert requirements (e.g. regulatory rules) into executable semantic rule statements.
  • We need an efficient mechanism to turn government regulations into a standards based rules language.
  • Are tools such as the Rules Interchange Framework (RIF) Rulelog dialect and the Web Ontology Language (OWL) sufficient?
Reg-W was chosen as a PoC and successfully demonstrated.

Slide 5: Introduction
David Newman, Strategic Planning Manager, Senior Vice President, Wells Fargo; Chair, EDM Council Semantic Technology Program

Slide 6: Presenters
  • David Newman, Strategic Planning Manager, Senior Vice President, Wells Fargo and Chair, EDM Council Semantic Technology Program
  • Wesley Moore, MD, Compliance Controls and Infrastructure, Wells Fargo Securities
  • Dr. Elie Abi-Lahoud, Research Fellow, GRC Technology Centre, University College Cork
  • Dr. Grit Denker, Senior Computer Scientist, SRI International
  • Benjamin Grosof, Co-Founder, Coherent Knowledge Systems

Slide 7: Reg-W POC Goals and Methodology
Mission: Demonstrate how semantic technologies (using FIBO/OWL and FLORA2/Rulelog) can define and execute regulatory compliance rules using open data standards and automation.
Goal:
  • Identify entities as Reg-W Affiliates
  • Identify Reg-W Covered Transactions
  • Identify Reg-W Prohibited Transactions
  • Display logic used that describes how Reg-W compliance is achieved
Participants:
  • Wells Fargo: POC leadership, subject matter expertise and sample test data
  • GRC Technology Centre: methodology to interpret regulation
  • SRI: Sunflower platform and technical expertise
  • Coherent Knowledge Systems: Episto platform and technical expertise
Methodology:
  • Incorporate FIBO Business Entities ontology into execution platforms
  • Ingest Reg-W test cases spreadsheet
  • Perform Reg-W rules execution to automatically determine compliance
  • Execute audit trail queries that prove how compliance is achieved

Slide 8: Compliance and Regulation W
Wesley Moore, MD, Compliance Controls and Infrastructure, Wells Fargo Securities

Slide 9: What Compliance Does
Comprehensively describe how rules apply and how our businesses comply:
  • Policies and procedures, rule interpretation
  • Communication of standards, training
  • Day-to-day consultation, strategy development
  • Decision rationale
  • Audits and regulatory exam management
  • Internal compliance control reviews
  • Surveillance and monitoring
  • Compliance Program documentation
Find regulatory and policy compliance problems:
  • Oversight and controls
  • Attestations and evaluations
  • Exception resolution
  • Program sufficiency and maintenance
  • Issues research and management
Help correct regulatory and policy non-compliance:
  • Investigations
  • Project support
  • Validation
  • Escalation
Describe, Find, Help Correct... Regulatory and Policy Non-Compliance

Slide 10: Regulation W
The Federal Reserve Board's (FRB) Regulation W (Transactions Between Member Banks and their Affiliates) implements Sections 23A and 23B of the Federal Reserve Act (FRA).
Protects the financial integrity of banks:
  • Bank affiliate includes any company that controls the bank, any company under common control with the bank, and certain investment funds that are advised by the bank or an affiliate of the bank.
  • Limits covered transactions with affiliates that are not subsidiaries of banks (Reg W affiliates).
  • Imposing collateral requirements on extensions of credit
  • Prohibiting the purchase of low-quality assets by banks from their Reg W affiliates or sister banks
Limits: Covered transactions with an affiliate cannot exceed 10 percent of a bank's capital stock and surplus, and transactions with all affiliates combined cannot exceed 20 percent of the bank's capital stock and surplus.

Slide 11: Covered Transactions and Exemptions
Type of Covered Transaction:
  • Asset Purchase from an Affiliate
  • Purchase of, or an investment in, securities issued by an affiliate
  • Attribution Rule - via extension of credit
  • Extension of Credit
Exemptions:
  • Intraday Credit to Affiliates
  • Riskless Principal Transactions
  • Municipal securities purchases
  • Transactions secured by cash or U.S. govt securities
  • Purchasing assets, other than securities issued by affiliates, that have ready, liquid markets.

Slide 12: Expected Benefits to Compliance Performance
Compliance duty: expected performance benefit
  • Identifying and reporting covered transactions: Linking technology specifications to rule logic improves accuracy and accountability
  • Ensuring adequate collateral for credit transactions: Clarity of rules leads to more accurate analysis and efficient capital usage
  • Request the appropriate allocations of capital and/or collateral for any covered transaction: Improve understanding, reduce drama and time in managing remediation of errors.
  • Maintaining documentation needed to certify Regulation W compliance: Audit trail from regs to specs to results to actions. Real time info. Retain institutional knowledge.
  • Reporting the daily commitment balance of all covered transactions for the business group: Automation of daily manual research and input
  • Developing and performing testing to ensure Regulation W compliance: Validated logic and continuous monitoring replaces manual detective controls
  • Train team members: Improved preventative controls. Consistency in message. Improved feedback loop

Slide 13: Technical Approach
Elie Abi-Lahoud, PhD, Research Fellow, GRC Technology Centre, University College Cork, Ireland
Copyright GRCTC-UCC

Slide 14: Main Concepts in Regulation W
Objective of this PoC: Am I in compliance with Reg W? Yes/No. Why? / Why not?
Start with understanding Reg W.
[Diagram labels: Counterparty; Bank]
  1) Is counterparty an Affiliate?
  2) Is transaction Covered?
  3) Is Amount permitted?

Slide 15: Challenges in understanding Regulation W
  • Unstructured
  • Text size: Federal Reserve System Final Rule 12 CFR Part 223 - 143 pages of text in natural language; Summary: 19 pages (comprehensive review)
  • Reference chains
  • Definitions to identify, delimit and flesh out
  • Complex sentences: legalese and NL ambiguities
  • Exceptions/exemptions

Slide 16: Current Techniques
  • SMEs (both Business and Legal)
  • Handcraft guidance
  • Partial coverage, often limited to recurrent activities
  • Based on non-documented/non-formalised process
  • Accuracy, thoroughness, diligence at the discretion of the SMEs
  • Lacks transparency, disconnected, reusability?
  • More problems when the rule is complex
  • Lack of structure, i.e. vocabulary of transaction types, exemptions, collaterals, etc.
  • Link to other regulations, new spreadsheets?
  • Link to regulation (unreliable, difficult to maintain, hard to navigate)
  • Arbitrary categories, lack structure and accurate definitions
  • SMEs' understanding of the regulation
  • Traceability? Reusability? Can share?

Slide 17: Use Structured Natural Language
Following GRCTC methodology to interpret regulation in SBVR.
SBVR: OMG Specification for business Vocabularies and Rules
  • Vocabulary: Captures the business domain. Terms referring to business concepts, links/relationships between concepts, definitional constraints on these relationships
  • Rules: Capture the business behavioural constraints. Obligations, prohibitions, etc.

Slide 18: GRCTC methodology to interpret regulation in SBVR
  • Follow reference chains and produce self-contained sentences
  • Define terms iteratively until all confusions are clarified
  • Identify, describe and constrain links between terms
  • Capture regulatory requirements using the interlinked vocabulary elements
Regulations & related documents
Clear, consolidated and transparent articulation of regulatory requirements

Slide 19: Limiting PoC Scope using SBVR SE
[Figure labels: Source: 12 CFR II 223.2; Each is defined; Body Corporate; FIBO Concept]

Slide 20: Limiting PoC Scope using SBVR SE

Slide 21: Limiting PoC Scope using SBVR SE
Not only terms but relationships too: fleshing out the links between concepts

Slide 22: Limiting PoC Scope using SBVR SE
Reconstruct the rule from previously defined building blocks to ensure confusion is removed

Slide 23: Limiting PoC Scope using SBVR SE
Other examples of regulatory requirements captured in SBVR

Slide 24: Benefits of this Approach
Elie Abi-Lahoud, Leona O'Brien, Tom Butler (2013) On the Road to Regulatory Ontologies: Interpreting Regulation with SBVR, AICOL, Bologna, Italy, Dec. 2013

Slide 25: Presentation Demonstration
Advanced Compliance Controls: Controls Automation Using Sunflower
Dr. Grit Denker, Senior Computer Scientist, SRI International
Copyright 2014 SRI International

Slide 26: Approach Overview
A software solution called Sunflower:
  • implementing compliance programs
  • running on your hardware
  • machine reasoning over government regulations and your data captured in machine-understandable representation
  • Regulations, related laws, P&Ps, etc.
  • Production data from IT systems, spreadsheets, databases etc.
  • Compliance, Business and IT
  • Monitoring & surveillance reports
Supports Compliance Program Lifecycle:
  • Create: Understand and formalize regulation; Create policies; Identify relevant data
  • Implement: Implement controls and analytics; Validate and share across enterprise; Automated data ingestion
  • Execute/Audit: Check results of automated analysis; Escalate and act; Defend to auditors

Slide 27: Reg-W Covered Transaction Scenarios
Spreadsheet with 17 Reg-W scenarios

Slide 28: Reg-W Rule Development
Translate each row into a formal, machine-readable Flora-2 rule

Slide 29: Transaction Trade Data
Automatic ingestion of production data into Sunflower:
  • Spreadsheet importer
  • SQL database importer

Slide 30: Sunflower Overview
  • List of loaded projects and ontologies and Knowledge Bases (KBs)
  • Various integrated views (e.g., ontology and knowledge browser and editor, graphical views of rule dependencies and KBs, test queries and results)
  • Textual view of rules, ontologies and KBs (Flora-2)
  • Current tool interfaces are for people with some training in semantic technologies. End-user interfaces will be provided according to needs

Slide 31: Translating FIBO to Flora-2
FIBO OWL ontologies and SWRL Rules translated (within seconds) into Flora.

Slide 32: Reg-W Transaction (in Ontology Editor)
  • These transaction instances were automatically generated using Sunflower's spreadsheet ingestion tool
  • Note that the individual transactions do not have permitted, reportable, or reportableReason values (because those will be inferred).
[Figure label: Transaction instances]

Slide 33: Which Transactions are Permitted or Reportable?
  • This test query applies Reg-W rules to every transaction and determines whether the transaction is permitted or not, and is reportable or not
  • Executing this query results in the following table
  • Reasoning time is about a second per transaction

Slide 34: Which Transactions are Permitted or Reportable?

Slide 35: Comparing Results
Analysis results can be stored and compared to previous analysis results (e.g., data changes, hypothetical scenarios)
  1. Save analysis results
  2. Change the capitalStockAndSurplus value of ABCBANK from $8M to $4M using the ontology editor

Slide 36: Comparing Results Cont.
  3. Re-execute query and compare the results
New results in boldface, old results italicized and grayed out

Slide 37: Why is a Transaction Permitted or Reportable?
  • Understanding why certain analysis results were given is often just as important as getting results themselves
  • E.g., determination of false positive and possible mitigation
  • Pressing the "?" button yields English explanation

Slide 38: Understanding and Tracing Analysis Results
  • English paraphrase of rule can help with understanding analysis results
  • For further inspection, automatic navigation to rule definition (double-click rule name) and to graphical representation of rule structure

Slide 39: Summary: Sunflower Software
  • Interpretations of regulations shared across the enterprise
  • Provenance of controls
  • Transparent compliance decision making
  • Automatic ingestion of data from IT systems, spreadsheets, etc.
  • Rationale behind compliance analysis results in English
  • Evidence chain of results
www.sri.com

Slide 40: Presentation Demonstration
Automating Compliance with Regulation W via Rulelog with Explanations in English, using Coherent's Episto Technology
Benjamin Grosof, Co-Founder, CTO & CEO, Coherent Knowledge Systems
Copyright 2014, Coherent Knowledge Systems, LLC

Slide 41: Automated Decision Support for Financial Regulatory/Policy Compliance
Problem: Current methods are expensive and unwieldy, often inaccurate
Solution approach using Textual Rulelog software technology:
  • Encode regulations and related info as semantic rules and ontologies
  • Fully, robustly automate run-time decisions and related querying
  • Provide understandable full explanations in English
  • Proof: Electronic audit trail, with provenance
  • Handles increasing complexity of real-world challenges: data integration, system integration; conflicting policies, special cases, exceptions; what-if scenarios to analyze impact of new regulations and policies
Advantages compared to currently deployed methods:
  • More Accurate
  • More Cost Effective: less labor; subject matter experts in closer loop
  • More Agile: faster to update
  • More Overall Effectiveness: less exposure to risk of non-compliance

Slide 42: Coherent's Episto Platform
[Architecture diagram labels: Users; actions, events; Episto: User Interface, Engine, Knowledge Base (Rules; Schemas & Ontologies; Data Views); XSB Prolog (open source); queries, assertions, edits; answers, view updates, decisions, explanations; Optionally: Custom Apps, e.g., dev'd by Coherent; Java, WS, C; External Services/Components: DBMS, Other SIMS, Apps; External Structured Info; Complex Info: English Text, Policy Docs, ...]
KB = Knowledge Base. WS = Web Services. SIMS = Structured Info Mgmt. Sys., e.g., sem tech for OWL or Horn rules.

Slide 43: Query is Asked

Slide 44: User Clicks the Handles to Expand the Explanation

Slide 45: Why is the Proposed Transaction Prohibited by Reg W?
  1. Is the transaction's counterparty an affiliate of the bank? YES. And here's why

Slide 46: Why is the Proposed Transaction Prohibited by Reg W?
  2. Is the transaction contemplated a covered transaction? YES. And here's why

Slide 47: Why is the Proposed Transaction Prohibited by Reg W?
  3. Is the amount of the transaction permitted? NO. It went over the limit. And here's why

Slide 48: Why is the Proposed Transaction Prohibited by Reg W?
  3. (continued) How was the limit calculated, using the bank's capital, to determine whether the covered transaction was permitted? Here's how the aggregate-affiliates limit was determined

Slide 49: FIBO-OWL Import to Episto
Knowledge in OWL/RDF is translated automatically into Rulelog

Slide 50: Inferencing Fully Supports & Integrates FIBO OWL Info
[Figure labels: Sample Query; FIBO data; Fuller screenshot of the above]

Slide 51: ...and so does Explanation

Slide 52: FIBO OWL as a Step in the Explanation

Slide 53: Summary: Coherent's Episto for Compliance
Overall advantages compared to currently deployed compliance methods:
  • More Accurate
  • More Cost-effective
  • More Agile
Core technical advantages over previous semantic tech / AI / biz rules / DBMS:
  • Powerful rule-based AI combined with natural language, extends FIBO OWL
  • Proof / audit trail: Understandable full explanations in English, step-by-step
  • Subject matter experts in closer loop
http://coherentknowledge.com

Slide 54: Wrap Up & Questions
Michael Atkin, Managing Director, EDM Council

Slide 55: Thank You!
  • Mike Atkin (@edmcouncil.org)
  • Dennis Wisnosky (@edmcouncil.org)
  • David Newman (@wellsfargo.com)
  • Wesley Moore (@wellsfargo.com)
  • Grit Denker (@sri.com)
  • Elie Abi-Lahoud (@ucc.ie)
  • Benjamin Grosof (@gmail.com)

Slide 56: Regulation W Becomes Coherent Logic
Using Coherent tools:
  • Regulation W is translated from English into logic, rapidly.
  • A knowledge base is created, ready to make decisions and provide detailed explanations.
Sample English Text: Any company that is advised on a contractual basis by the bank or an affiliate of the bank is considered an affiliate of the bank.
Logical representation:

Slide 57: Example Scenario (fictional)
A Loan to the Maui Sunset Hotel Group
Pacific Bank is considering a loan of $23 million to the Maui Sunset hotel group to open a new location on the island. Is this transaction allowed under Regulation W? As part of that, one must ascertain if Maui Sunset could be considered an affiliate under Regulation W.

Slide 58: Example Scenario (fictional)
Relationships and Other Data
[Diagram labels: Americas Bank; Subsidiaries; Hawaii Bank; Advises; Maui Sunset; Pacific Bank; Kotzebue Bank; Alaska Bank]
Previous Loans:
  • Pacific Bank to Hawaii Bank: $145 million
  • Pacific Bank to Alaska Bank: $245 million
  • Pacific Bank to Kotzebue Bank: $100 million
Capital Stock and Surplus:
  • Pacific Bank: $2500 million
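
The deck's three questions (affiliate? covered? amount permitted?) applied to its fictional Pacific Bank scenario, with an audit trail per step. This is an added Python example, not the Flora-2 or Rulelog rules from the PoC. It assumes the flattened relationship diagram means Americas Bank controls all four banks and that the previous loans are outstanding covered transactions; the deck's exemptions are not modelled, and all function and constant names are hypothetical.

```python
# Constructed data in $ millions, read from the deck's fictional scenario.
# Assumption: the flattened diagram means Americas Bank controls all four banks.
CONTROLS = {"Americas Bank": {"Pacific Bank", "Hawaii Bank", "Alaska Bank", "Kotzebue Bank"}}
ADVISES = {"Hawaii Bank": {"Maui Sunset"}}
CAPITAL_STOCK_AND_SURPLUS = {"Pacific Bank": 2500}
# Assumption: the "previous loans" are still outstanding covered transactions.
OUTSTANDING = [("Pacific Bank", "Hawaii Bank", 145),
               ("Pacific Bank", "Alaska Bank", 245),
               ("Pacific Bank", "Kotzebue Bank", 100)]
COVERED_TYPES = {"extension of credit", "asset purchase from an affiliate",
                 "purchase of securities issued by an affiliate"}
SINGLE_PCT, AGGREGATE_PCT = 10, 20  # limits stated on the Regulation W slide


def affiliate_reason(bank, party, seen=frozenset()):
    """Return a sentence explaining why party is an affiliate of bank, or None."""
    if party in seen or party == bank:
        return None  # guard against advisory cycles and self-reference
    for parent, controlled in CONTROLS.items():
        if bank in controlled and party == parent:
            return f"{party} controls {bank}"
        if bank in controlled and party in controlled:
            return f"{party} is under common control with {bank} (both controlled by {parent})"
    for adviser, advised in ADVISES.items():
        if party in advised:
            if adviser == bank:
                return f"{party} is advised by {bank}"
            via = affiliate_reason(bank, adviser, seen | {party})
            if via:
                return f"{party} is advised by {adviser}, and {via}"
    return None


def evaluate(bank, party, kind, amount):
    """Answer the three questions in order; return (permitted, audit_trail)."""
    why = affiliate_reason(bank, party)
    if why is None:
        return True, [f"1. Affiliate? NO: no control or advisory link from {bank} to {party}"]
    trail = [f"1. Affiliate? YES: {why}"]
    if kind not in COVERED_TYPES:
        return True, trail + [f"2. Covered? NO: '{kind}' is not a covered transaction type"]
    trail.append(f"2. Covered? YES: '{kind}' is a covered transaction type")
    capital = CAPITAL_STOCK_AND_SURPLUS[bank]
    single_limit = capital * SINGLE_PCT / 100
    aggregate_limit = capital * AGGREGATE_PCT / 100
    # Only exposure to parties that are themselves affiliates counts.
    prior = [(p, a) for b, p, a in OUTSTANDING if b == bank and affiliate_reason(bank, p)]
    to_party = amount + sum(a for p, a in prior if p == party)
    to_all = amount + sum(a for _, a in prior)
    ok = to_party <= single_limit and to_all <= aggregate_limit
    trail.append(f"3. Amount permitted? {'YES' if ok else 'NO'}: "
                 f"this affiliate {to_party} vs limit {single_limit:g}; "
                 f"all affiliates {to_all} vs limit {aggregate_limit:g}")
    return ok, trail


if __name__ == "__main__":
    permitted, trail = evaluate("Pacific Bank", "Maui Sunset", "extension of credit", 23)
    print("PERMITTED" if permitted else "PROHIBITED")
    print("\n".join(trail))
```

Under these assumptions the $23 million loan passes the single-affiliate test but fails the aggregate one, which is consistent with the deck's "It went over the limit" answer and its reference to the aggregate-affiliates limit.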