Compliance gaps / legal analysis is a pretty common theme in my community (meaning it was mentioned 3-4 times by different teams). Here is what the approach usually looks like:
0. (the most painful step) Carefully parse all relevant documents into a structural representation that could be walked like a graph.
1. Extract relevant regulatory requirements using ontology-based classification and hybrid searches.
2. Break regulatory requirements into actionable analytical steps (turning a requirement into a checklist/mini-pipeline).
3. Dynamically fetch and filter relevant company documents for each analytical step.
4. Analyze documents to generate intermediate compliance conclusions.
5. Iteratively validate and adjust analysis approach as needed.
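
To illustrate step 0 and the context fetch in step 3, here is an added example (not from the original post or any team mentioned in it) that parses a numbered policy text into a clause graph and walks it to collect the clauses an analysis step would need. The one-line numbered clause format, the "section X.Y" cross-reference convention, the sample text and the function names are all assumptions.

```python
import re
from collections import deque

# Constructed sample policy text (not from any real document).
SAMPLE = """\
1 Access Control
1.1 Privileged accounts require MFA as defined in section 2.1.
1.2 Access reviews run quarterly; exceptions follow section 3.
2 Authentication
2.1 MFA means two independent factors.
3 Exceptions
3.1 Exceptions need CISO sign-off and expire per section 1.2.
"""

HEADING = re.compile(r"^(\d+(?:\.\d+)*)\s+(.*)$")
XREF = re.compile(r"section\s+(\d+(?:\.\d+)*)")

def parse_clauses(text):
    """Return {clause_id: {"text", "parent", "children", "refs"}}."""
    graph = {}
    for line in text.splitlines():
        m = HEADING.match(line.strip())
        if not m:
            continue  # assumption: every clause sits on one numbered line
        cid, body = m.groups()
        parent = cid.rpartition(".")[0] or None
        graph[cid] = {"text": body, "parent": parent, "children": [],
                      "refs": XREF.findall(body)}
    for cid, node in graph.items():
        if node["parent"] in graph:
            graph[node["parent"]]["children"].append(cid)
    return graph

def context_for(graph, start, max_hops=2):
    """Breadth-first walk over parent, child and cross-reference edges."""
    seen, queue = {start: 0}, deque([start])
    while queue:
        cid = queue.popleft()
        if seen[cid] < max_hops:
            node = graph[cid]
            for nxt in node["children"] + node["refs"] + [node["parent"]]:
                if nxt in graph and nxt not in seen:
                    seen[nxt] = seen[cid] + 1
                    queue.append(nxt)
    return sorted(seen, key=lambda c: [int(p) for p in c.split(".")])

def dangling_refs(graph):
    """Cross-references that point at clauses missing from the parse."""
    return [(c, r) for c, n in graph.items() for r in n["refs"] if r not in graph]
```

A non-empty result from `dangling_refs` is a quick signal that the parse in step 0 dropped or mis-numbered a clause before any analysis is built on it.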