Companies continuously need to transmit corporate or personnel data to public authorities. In Germany, for example, national legislation currently stipulates over 10,000 reporting duties, resulting in annual bureaucracy costs of approximately 50 billion Euros. Often, similar or identical data have to be submitted for different purposes to different government agencies. As of today, these reportings are often paper-based processes which belong to different workflows and are spread over different organizational units. Besides, the legal framework changes regularly, which results in high expenses for adapting to the new reporting rules.
P23R aims at developing methods and tools to identify overlapping reporting processes and to implement organizational and technological concepts to efficiently transfer reporting data from business information systems to formally correct and secure reports to government.
In the course of the P23R project mainly two approaches were followed to achieve these aims:
- Reporting processes, which are characterized by an overlap of data, are bundled and executed within one single IT infrastructure, accessing one shared information base. Companies, thus, need to determine, maintain, and archive reporting data only once. Administrative authorities, on the other hand, receive electronic data with a high level of quality. As a prerequisite, reporting processes using the same information basis need to be identified. In the following, we will describe methods to analyse reporting duties on a meta level. The process meta analysis characterizes reporting duties by applying a set of criteria, which describe process features like process actors, reporting content, type of reporting duty, etc. The reporting duties analysed accordingly are collected in a process library which supports filtering and grouping similar reporting duties.
- Official regulations and laws prescribe how businesses have to fulfill their reporting duties. As of today, these regulations are issued as textual collections, which need to be “translated” into machine readable code as the basis for the automation of reporting tasks. This translation is mostly done decentrally by software companies providing solutions for specific reporting areas. In this paper, we propose a rule-based approach: laws are mapped onto a standardized formal, executable representation und made available in a so-called “rule repository”. Companies access this central repository provided by government to obtain up-to-date “notification rules”, which provide all information needed to compute and compose legally correct reportings and submit them to the appropriate government agency at the right date and in the prescribed format. If there are changes in law, companies only need to download the latest version of notification rules, but do not need to adapt their business software.
The chair for information systems mainly focused on the following work packages:
- Development and transfer of methods for identifying applicable reporting processes and reorganizing them according to the p23r principle
- Cost-benefit analysis for the project
- Communication/ marketing strategy for the project
- Pilot project focusing on emission reporting.
After developing the methodological and technical foundations of the P23R principle, a pilot project was conducted to prove its applicability. The piloting was done with partners from businesses and public administration located in the Rhine-Neckar metropolitan region, which extends over three German federal states and thus places high demands on interoperability. For the piloting, the domain-independent reference implementation of the P23R framework and security architecture was used as a technical basis. To determine candidates for process integration and to analyse them, the methods of process meta-analysis and domain modelling described above were employed.
On the basis of the P23R reference implementation, it was possible to generate valid notifications and reports in two domains: only the rules had to be domain-specific, but no changes to the P23R reference implementation itself had to be made. The transferability of the P23R rule-based approach was thus confirmed.
The formal language for notification rules (T-BRS) had enough expressive power to model rules for generating environmental reports, which required complex selection, aggregation, and transformation operations. In addition, it allowed for the definition of context-specific constraints so that the content of the reports reflected state-specific requirements.
The loose coupling of the framework and security architecture and our open approach made it possible to integrate the P23R reference implementation without great difficulty into the IT infrastructure of the piloting companies by using their own infrastructure and security components. On the one hand, the company thus remains the owner of its enterprise data, and on the other hand, it can still use its own trusted infrastructure.
After successfully completing the pilot test, we can safely assume that the P23R principle with its approach to process integration and its rule-based architecture is applicable in different reporting domains and can be applied to compose context-specific and complex reports. The pilot project also showed that by applying the P23R principle, bureaucracy costs can be reduced in two ways: by reducing the actual notification and report generation effort and by cutting on IT costs incurred by changing laws. On a more global scale, it has to be noted that the P23R principle promotes the harmonization of reporting duties (e.g., concerning terminology and content) by making the relations between different duties transparent and by putting them in relation to each other.
Technische Universität München, Chair for Information Systems (Prof. Dr. Krcmar)
Universität Kassel, provet