Inside IBM: SOA-Enabled Business Transformation
How IBM does it
May. 9, 2007 04:30 PM
Case Study 4: Export Validation - Regulatory Compliance
IBM must comply with
U.S. export regulations for product deliveries within the U.S. and
abroad. This requirement is met by multiple applications performing
export checks on customer demographic data and product purchases and
Each month the U.S. Export Regulations Office publishes a new version
of its Denied Parties List. When a new list is distributed we have to
check existing customer data against the new list to ensure none of the
additions match existing customers.
Multiple applications support
U.S. export regulations compliance. Existing brittle legacy
architecture made modifications and extensions cumbersome. Each time an
application needed export checks integration work was required to
incorporate the existing common export code. It was custom work each
time and very specific to the application. The IBM Software Delivery
and Fulfillment organization, responsible for implementing the U.S.
Export Regulations Procedures, wanted a solution that would be easy to
integrate and was highly reusable without rework.
The Export Validation
Service (EVS) was first deployed in December of 2003. Implemented as a
Web Service, it's easily used by multiple business applications
requiring export validation functionality.
The solution, includes externalized business rules that allow for
real-time updates of U.S. government-driven compliance lists. The EVS
fits perfectly with what service-orientation is intended for - use by
multiple applications on different platforms since no specific
integration is required.
EVS does export checks with the provisions for override capability.
Requests and responses are sent in XML format using SOAP over HTTPS.
Once a consumer application has set up an interface to access the EVC
no additional changes are required.
Updates to the Denied Parties List or other export regulation checks
are contained in the service. The consuming application sends customer
demographic data via the defined interface implemented as XML
documents. Export checks are run using this data and the results are
returned via the defined interface. When there is an export failure the
customer's data is added to an override administrator's queue for
review via the Override Administration service.
Through this solution IBM was able to improve responsiveness
to frequently changing U.S. government export regulations. For new
applications requiring export validation functionality, dramatic development cost and cycle time reductions were realized. In addition, measurable cost savings were achieved in ongoing support of compliance with changes in U.S. government Denial Parties List and other business rules.
Best Practices/Lessons Learned
implementation of this solution, we once again saw the importance of
externalizing business rules. Besides providing more flexibility,
externalized business rules allowed delegation of decision-making authority, accountability
on rules interpretation, and support of a single team of experts.
Identifying what decisions have to be made and who needs to make them
is an important step in overall SOA governance.
The team has also used incremental onboarding of legacy applications that provided a non-disruptive transition path.
The parallel evolutions of businesses
and IT raised the new challenge of establishing a tighter link between
business strategy and enabling technologies. SOA finds increasingly
broad acceptance and is emerging as the dominant technology to support
business transformation as a significant step in bridging this
The four SOA initiatives described in this article have helped IBM
reach new levels of business efficiency through the faster introduction
of new business capabilities and optimized business processes. As these
case studies demonstrate, SOA enables historically isolated data and
functionality to interoperate throughout enterprises and greatly
improves collaboration with customers and business partners. It uses
existing resources to improve productivity and the enterprise's ability
to react quickly to changing business needs, regulatory demands and
market conditions. SOA-enabled solutions help achieve desired business
flexibility by providing increased visibility into business operations
and making changing to processes and business rules faster, broader,
and less expensive, even across organizational boundaries.
SOA could be one of the most significant technological advances helping
enterprise achieve business agility required in 21st century.
I would like to thank my colleagues Carl Osipov, Geoffrey Meissner,
and Lance Walker for their insight and their contributions by providing
cases study experience reports. I would also like to thank many of my
other IBM colleagues, consultants, architects, development and project
managers, who developed innovative solutions and took their time to
document and share their experiences and lessons learned (both best
practices and anti-patterns). There are too many of them to mention.
Cited References and Notes
• L. Cherbakov, G. Galambos, R. Harishankar, S. Kalyana, and G.
Rackham, "Impact of service orientation at the Business Level." IBM
Systems Journal. Volume 44, Number 4, 2005. www.research.ibm.com/journal/sj/444/cherbakov.html.
• Ron Schmelzer and Jason Bloomberg. ZapThink. April, 2006. www.zapthink.com/.
• IBM Press release. www-03.ibm.com/press/us/en/pressrelease/7491.wss.
• "Patterns: Service-Oriented Architecture and Web Service." IBM Red Books. www.redbooks.ibm.com/redbooks/SG246303/wwhelp/wwhimpl/java/html/wwhelp.htm.
• developerWorks series On demand business process life cycle www-128.ibm.com/developerworks/ibm/ws-odbp/.
• Jenny Ang, Luba Cherbakov, and Mamdouh Ibrahim. "SOA Anti-patterns." developerWorks www-128.ibm.com/developerworks/webservices/library/ws-antipatterns/.