Using business process compliance approaches for compliance management with regard to digitization: Evidence from a systematic literature review

Abstract

Business Process Compliance (BPC) means ensuring that business processes are in accordance with relevant compliance requirements. Thus, BPC is an essential part of both business process management (BPM) and compliance management (CM). Digitization has also been referred to as a “digital revolution” that describes a technological change that has extended to many organizational areas and tasks, including compliance. Current efforts to digitize, e.g., by realizing cyber-physical systems, rely on the automation and interoperability of systems. In order for CM not to hamper these efforts, it becomes an increasingly relevant issue to digitize compliance as well. The managerial perspective of compliance comprises several phases, which together represent a CM life-cycle. Efforts to digitize compliance require bundling interoperable BPC technologies, methods, and tools supporting this life-cycle in a consolidated manner. Several approaches addressing the field of BPC have already been developed and explored. Based on a systematic literature review, we examined these approaches in terms of their suitability for supporting the CM life-cycle phases in support of the digitization of compliance. The results of our literature review show which CM life-cycle phases are supported by BPC approaches and which phases are the focus of research. Moreover, the results show that a purely sequential clustering, as specified in a CM life-cycle, is not always suitable for the bundling of BPC approaches in support of the digitization of compliance. Consequently, we propose a novel, task-oriented clustering of BPC approaches that is particularly oriented toward interoperability.