FIRO as a Standard
The Financial Industry Regulatory Ontology (FIRO) is a family of ontologies that enable efficient access to the wide and complex spectrum of regulations through formal semantics. As the semantic expression of the regulations governing financial services has not been the subject of comprehensive scientific investigation, this element of the GRC research initiative is essentially highly innovative. The financial services regulatory domain is being modelled in FIRO through an innovative approach that includes the semantic analysis of legal texts and rules by legal and financial subject matter experts (SMEs), their translation into a structured natural language, and the mapping of this regulatory natural language and rules this into machine language by ontology engineers. Regulatory ontology development is a non-trivial and challenging task. It is, in particular, a much more complex undertaking than developing ontologies for other domains, such as the Life Sciences’ biomedicine ontology. Part of this complexity stems from the fact that regulators define their policies independently of each other using different semantics for legal and business terms.
Thus, a regulatory ontology such as FIRO can help:
- Financial services companies to monitor, assess, and apply a multitude of regulations within and across regulatory domains to business processes and data;
- Model the regulations to help simplify their consumption;
- Make it simpler for enterprises to map GRC policies onto regulations and perform Regulatory Change Management;
- Help organisations keep abreast of the ramifications of complex interacting regulatory rules and policies;
- Reason over regulations to identify risks and compliance issues;
- Contribute to the emergence of SMART Regulation.
In order to achieve the multiple use scenarios, we propose FIRO in two layers—conceptual and operational. This follows the EDM Council’s schema for FIBO.
FIRO in GR3C
The Financial Industry Regulatory Ontology (FIRO) was developed by the Governance, Risk and Compliance Technology Centre to support the knowledge extraction and enhance the knowledge base for its research projects focused on knowledge management systems for regulatory compliance in the financial industry.
FIRO is a series of interlinked Ontologies based on industry standards to capture regulatory imperatives and rules in formal semantics. It will enable efficient access to, and smarter consumption of, the wide and complex spectrum of financial services industry regulations.
It also expresses the abstract model followed by the other GR3C projects:
- The parser (Hermes)
- The Methodology (RIM)
- The XML Schema (Mercury)
- The Tool (Ganesha)
- The Risk Management ontology (FiORO)
FIRO-HighLevel (FIRO-H) is a core legal ontology about regulatory compliance. It is centred around the concept of Requirement (Rule Statement) and the concept of Action, and defined in OWL.
FIRO-Structure (FIRO-S) deals with the structure and the semantics of the source document. It accounts for legal and non-legal documents alike. The purpose of FIRO-S is to integrate information from the source text part of Mercury to allow querying, Regulatory Change Management, and reasoning. FIRO-S relies on LegalDocML for the representation of the structure and the semantics of the legal document. FIRO-S is not formalized in OWL.
FIRO-Domain (FIRO-D) identifies the domain ontologies based on FIRO-H. Each contains one rulebook and the related vocabulary. This means that different rulebooks result in different instances of FIRO-Domain, and any common rule (or vocabulary entry) will be present in all relevant instances. Its possible applications include:
- Extract the rules valid for a particular point in time (exploiting RCM of FIRO-S);
- Classify instances of RegulatoryStatements as exceptions to other RegulatoryStatements;
- Classify BusinessRules as ensuring compliance with LegalRules.
FIRO-PurposeSpecific (FIRO-PS) is the ontology used for performing reasoning towards a specific application. It is a specialization of one or more FIRO-Ds. It may contain Factor instances to represent (either real or fictional) data. Its possible applications include:
- Classify Events (instances of Actions) on the basis of their relation to RegulatoryStatements, as either “relevant”, “complying”, “allowed”, “breaching”, “exempted”.