Applied Research

The GR3C welcomes research project proposals in the FS GRC space from Industry and has a rigorous process for evaluating suggestions that might add value to its existing applied R&D Programme.

To download the GR3C Project Proposal template please click here.  The template is intended to provide guidance to those interested in fashioning proposals to the Centre on the level of granularity required for submissions to be considered by the Centre’s Management and if appropriate, ultimately the Centre’s Steering Committee.

Please contact the Centre’s Director, Peter Cowap ( for further information.

Project 1 Regulatory Compliance Change Management System (RCMS) 

The objective of this project is to make sense of the wide and complex spectrum of legislation and regulations and to provide financial services organisations, GRC vendors and others with the ability to (1) query legislation, regulations and other texts in order to identify compliance imperatives; (2) identify changes to existing legislation and regulation introduced by amendments to existing law or new law; (3) enable regulatory compliance change management.  The primary platform components for this system are based on the Financial Industry Regulatory Ontology (FIRO) and related NLP algorithms.

Project 2 Regulatory Compliance Interpretation Methodology (RIM)

The GR3C has developed and applied a methodology using the Semantics of Business Vocabulary and business Rules (SBVR) to transform such text into a Regulatory Compliance Natural Language (RCNL). Thus, legislation and regulations described in RCNL are easily accessible by business users, such as finance professionals, GRC officers, and so on, while also being machine readable in OWL2.

Project 3: Regulatory Compliance Information System (RIS)

Development of this web-based application will enable users to create vocabularies and rules, in either a Business or Regulatory Compliance Natural Language, according to the Semantics of Business Vocabulary and business Rules specification. The application will output and store them as XML documents in an XML document store compliant to the Akoma Ntoso document format, to ensure legal precision in managing official regulatory documents as well as to improve document interchange capabilities. Our research indicates that application support for building SBVR-based XML documents for search and retrieval by SMEs is a clear business need.

Project 4: Regulatory Compliance Knowledge Base (RKB)

This project will take the regulatory compliance vocabularies and rules, developed in related projects, and store them in an XML-based Regulatory Compliance Knowledge Base (RKB). This Semantics Repository will be based on the SBVR-based Regulatory Compliance Natural Language, and implemented as an XML-based document store, which will also be used store FIRO and FIGO-based RDF/OWL documents. It is also planned to have the RKB export Universal Resource Indicators (URIs) for business, GRC, and regulatory compliance concepts and rules. The RKB model could also be exploited by financial institutions and GRC software vendors alike in providing semantics-based solutions for regulatory compliance.

Project 5: Regulatory Compliance Knowledge Management Systems (RKMS)

Software applications currently on the market from GRC vendors do not effectively address the many challenges and complexity of regulatory compliance knowledge management. This project aims to develop a suite of components that could be used by financial services organisations and GRC software vendors to develop Regulatory Compliance Knowledge Management Systems (RKMS).  The primary platform components are based on the Financial Industry GRC Ontology (FIGO) and semantically-defined process models.

Project 6: Regulatory Compliance Maturity Model (RMM)

The Regulatory Compliance Maturity Model provides a means for developing an evolutionary roadmap for planning process improvements across an enterprise. It incorporates business needs, objectives, context, structure, operations, processes, functions and products. The development of a Regulatory Compliance Maturity Model (RMM) for the AML sub-domain in the Operational Risk domain, an associated demonstrator, and its integration with semantic technology potentially provides the GR3C with a differentiated GRC value proposition within an increasingly commoditized Capability Maturity Model community.   There are clear business and regulatory needs for an independent model.