Information Technology Artifacts in the Regulatory Compliance of Business Processes: A Meta-Analysis

To address recent calls for better regulatory compliance of business processes (electronic or not), this study synthesizes research findings of nine peer-reviewed systematic literature reviews and state-of-the-art studies on business process compliance to examine Information Technology artifacts used in the compliance of business processes to laws and regulations. Results from the 342 unique studies covered by these reviews demonstrate that eight types of Information Technology artifacts are used in the design, execution and after-execution lifecycle phases of regulatory compliance to perform compliance modeling, checking, analysis and enactment tasks. The results also demonstrate with statistical evidence that compliance enactment (which involves putting mechanisms in place to address changes in the compliance representations, business processes or regulatory requirements) has received the least attention. This is a worrisome situation given the dynamic environment in which businesses operate. We argue that the findings in this work are relevant toward understanding the current state of the domain, providing insights on what phases and tasks need improvement.