Office Action Predictor
Last updated: April 16, 2026
Application No. 18/597,505

SYSTEMS AND METHODS FOR AUTOMATICALLY DETERMINING CODE COMPLIANCE

Non-Final OA §101§112
Filed
Mar 06, 2024
Examiner
ST LEGER, GEOFFREY R
Art Unit
2192
Tech Center
2100 — Computer Architecture & Software
Assignee
Equifax INC.
OA Round
1 (Non-Final)
82%
Grant Probability
Favorable
1-2
OA Rounds
2y 7m
To Grant
93%
With Interview

Examiner Intelligence

Grants 82% — above average
82%
Career Allow Rate
524 granted / 635 resolved
+27.5% vs TC avg
Moderate +11% lift
Without
With
+10.8%
Interview Lift
resolved cases with interview
Typical timeline
2y 7m
Avg Prosecution
28 currently pending
Career history
663
Total Applications
across all art units

Statute-Specific Performance

§101
16.6%
-23.4% vs TC avg
§103
48.3%
+8.3% vs TC avg
§102
14.8%
-25.2% vs TC avg
§112
12.6%
-27.4% vs TC avg
Black line = Tech Center average estimate • Based on career data from 635 resolved cases

Office Action

§101 §112
DETAILED ACTION The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . Claims 1-20 have been submitted for examination and are pending further prosecution by the United States Patent & Trademark Office. Allowable Subject Matter With respect to independent claim 1, the prior art of record does not teach or suggest, either solely or in combination, the limitations "generating, by a compliance computing system, an evidence repository comprising evidence data received via an application programming interface (API) from one or more systems, wherein the evidence data is associated with one or more requirements and wherein generating the evidence repository comprises: receiving the evidence data and evidence metadata; and mapping the evidence data to one or more requirements based on the evidence metadata," when considered in combination with the other limitations of claim 1. With respect to independent claim 8, the prior art of record does not teach or suggest, either solely or in combination, the limitations "generating an evidence repository comprising evidence data received via an application programming interface (API) from one or more systems, wherein the evidence data is associated with one or more requirements and wherein generating the evidence repository comprises: receiving the evidence data and evidence metadata; and mapping the evidence data to one or more requirements based on the evidence metadata," when considered in combination with the other limitations of claim 8. With respect to independent claim 15, the prior art of record does not teach or suggest, either solely or in combination, the limitations "generating, by a compliance computing system, an evidence repository comprising evidence data received via an application programming interface (API) from one or more systems, wherein the evidence data is associated with one or more requirements and wherein generating the evidence repository comprises: receiving the evidence data and evidence metadata; and mapping the evidence data to one or more requirements based on the evidence metadata," when considered in combination with the other limitations of claim 15. Note, however, that claims 1-4, 6-11, 13-18 and 20 are rejected under 35 U.S.C. 101 as being directed to an abstract idea (see below). Claims 5, 12 and 19 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims. Specification The disclosure is objected to because in paragraphs [0046] and [0056], the element number "208" is associated both with "storage" and "connector". Appropriate correction is required. The abstract of the disclosure is objected to because the second sentence is redundant. It is suggested that Applicant amend the abstract as follows: -- In some aspects, a compliance computing system can generate an evidence repository including evidence data received via an application programming interface (API) from one or more external systems. Applicant is reminded of the proper language and format for an abstract of the disclosure. The abstract should be in narrative form and generally limited to a single paragraph on a separate sheet within the range of 50 to 150 words. It is important that the abstract not exceed 150 words in length since the space provided for the abstract on the computer tape used by the printer is limited. The form and legal phraseology often used in patent claims, such as "means" and "said," should be avoided. The abstract should describe the disclosure sufficiently to assist readers in deciding whether there is a need for consulting the full patent text for details. The language should be clear and concise and should not repeat information given in the title. It should avoid using phrases which can be implied, such as, "The disclosure concerns," "The disclosure defined by this invention," "The disclosure describes," etc. When re-submitted, the new abstract must be in a separate sheet, apart from other sheets. Correction is required. See MPEP § 608.01(b). Claim Rejections - 35 USC § 112 The following is a quotation of 35 U.S.C. 112(b): The following is a quotation of 35 U.S.C. 112(b): (b) CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention. The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph: The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention. Claims 1-20 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA 35 U.S.C. 112, the applicant), regards as the invention. Regarding claim 1, “the compliance computing system” in line 15 is unclear whether it refers to “a compliance computing system” in line 3 or 10 of the claim. For the examination purposes, “a compliance computing system” in line 10 will be treated as --the compliance system--. Regarding claim 8, “the compliance computing system” in line 17 lacks proper antecedent basis. For the examination purposes, it will be treated as --a compliance computing system --. Regarding claim 15, “the compliance computing system” in line 16 is unclear whether it refers to “a compliance computing system” in line 4 or 11 of the claim. For the examination purposes, “a compliance computing system” in line 11 will be treated as --the compliance system--. Claims 2-7, 9-14, and 16-20 depend on the rejected claims and inherit the same issues. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. Claims 1-4, 6-11, 13-18 and 20 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more. Claim 1 recites a method for providing evidence data associated with one or more requirements responsive to a request. Given its broadest reasonable interpretation, claim 1 would fall under the category of mental processes as the claim features limitations performable as mental steps, with the assistance of pen & paper, but without additional elements that integrate the abstract idea into a practical application or amount to significantly more than the abstract idea. An analysis of claim 1 according to the 2019 Revised Patent Subject Matter Eligibility test follows: Step 1: Is the claim directed to a process, machine, manufacture or composition of matter? Yes, claim 1 is directed to a method and, therefore, a process. Step 2A Prong 1: Does the claim recite an Abstract Idea, Law of Nature, or Natural Phenomenon? Yes, claim 1 recites an abstract idea as the following limitations are performable as mental processes with the assistance of pen & paper: generating, : - a requirements engineer can maintain, in a notebook, written evidence of how a particular application satisfies one or more regulatory requirements; and wherein generating the evidence repository comprises: receiving the evidence data and evidence metadata; and mapping the evidence data to one or more requirements based on the evidence metadata, - the requirements engineer can create an evidence table in the notebook with columns for evidence data, evidence metadata and requirements, where each row of the table is filled with an instance of respective information corresponding to a given column; receiving, - the requirements engineer can verbally receive a request comprising a requirement identifier associated with a target requirement from an auditor; querying the evidence repository based on the requirement identifier to retrieve the evidence data associated with the target requirement; - the requirements engineer can consult the notebook using the requirement identifier as a key to looking up corresponding evidence data in the evidence table. Step 2A Prong 2: Does the Claim Recite Additional Elements That Integrate The Judicial Exception Into A Practical Application? Claim 1 recites the additional elements of one or more processing devices for performing the method's operations. However, using generically recited processing devices to perform the method's operations simply amounts to using a generic computer as a tool to perform the abstract idea and, therefore, does not integrate the abstract idea into a practical application. Claim 1 also recites the additional element of a compliance computing system for generating the evidence repository comprising evidence data. However, using a generically recited computing system to generate a repository simply amounts to using a generic computer as a tool to perform the abstract idea and, therefore, does not integrate the abstract idea into a practical application. Claim 1 also recites the additional element of the evidence data received via an application programming interface (API) from one or more systems. However, receiving evidence data via an API from one or more systems amounts to an insignificant pre-solution activity in the form of data gathering and, therefore, does not integrate the abstract idea into a practical application. Claim 1 also recites the additional element of a compliance computing system for receiving a compliance request comprising a compliance query. However, using a generically recited computing system to receive a compliance request simply amounts to using a generic computer as a tool to perform the abstract idea and, therefore, does not integrate the abstract idea into a practical application. Finally, claim 1 recites the additional element of transmitting, via a firewall of the compliance computing system, a response message to an external computing system, wherein the response message comprises the retrieved evidence data. However, transmitting a response message containing retrieved data via a firewall amounts to an insignificant post-solution activity in the form of data outputting and, therefore, does not integrate the abstract idea into a practical application. Step 2B: Does the Claim Recite Additional Elements That Amount To Significantly More Than The Judicial Exception? Claim 1 recites the additional elements of one or more processing devices for performing the method's operations. However, using a generically recited processing device to perform the method's operations simply amounts to using a generic computer as a tool to perform the abstract idea and, therefore, is not significantly more than the abstract idea. Claim 1 also recites the additional element of a compliance computing system for generating the evidence repository comprising evidence data. However, using a generically recited computing system to generate a repository simply amounts to using a generic computer as a tool to perform the abstract idea and, therefore, is not significantly more than the abstract idea. Claim 1 also recites the additional element of the evidence data received via an application programming interface (API) from one or more systems. However, receiving data via an API from one or more systems is a well-understood, routine, conventional activity (see [0029] in US 20240061725 A1, for example) and, therefore, is not significantly more than the abstract idea. Claim 1 also recites the additional element of a compliance computing system for receiving a compliance request comprising a compliance query. However, using a generically recited computing system to receive a compliance request simply amounts to using a generic computer as a tool to perform the abstract idea and, therefore, is not significantly more than the abstract idea. Finally, claim 1 recites the additional element of transmitting, via a firewall of the compliance computing system, a response message to an external computing system, wherein the response message comprises the retrieved evidence data. However, transmitting a response message containing retrieved data via a firewall is a well-understood, routine, conventional activity (see page 4, paragraph 4 in KR 100647274 B1, for example) and, therefore, is not significantly more than the abstract idea. Claim 8, a system claim, is rejected for the same reasons given for analogous claim 1. While claim 8 recites the further additional elements of a processing device, a memory device and executable instructions for performing the method of claim 1, as recited, said further additional elements simply amount to using a generic computer as a tool to perform the abstract idea and, therefore, do not integrate the abstract idea into a practical application or amount to significantly more than the abstract idea. Claim 15, a medium claim, is rejected for the same reasons given for analogous claim 1. While claim 15 recites the further additional elements of a non-transitory computer-readable storage medium, program code, a processor device and a computing device for performing the method of claim 1, as recited, said further additional elements simply amount to using a generic computer as a tool to perform the abstract idea and, therefore, do not integrate the abstract idea into a practical application or amount to significantly more than the abstract idea. Claims 2, 9 and 16 recite the additional elements of "wherein the evidence repository is a cloud-based data repository in communication with a connector configured to index the evidence data in the evidence repository." which amounts to generally linking use of the judicial exception to a particular technological environment or field of use and, therefore, does not integrate the abstract idea into a practical application or amount to significantly more than the abstract idea. Claims 3, 10 and 17 recite the additional elements of "receiving the compliance query from the external computing system at a query engine of the compliance computing system;" and "executing the compliance query on the evidence repository using the connector configured to enable the external computing system to read data from the evidence repository." which amounts to using generic computing technology to implement the abstract idea and, therefore, does not integrate the abstract idea into a practical application or amount to significantly more than the abstract idea. Claims 4, 11 and 18 recite the additional element of "wherein querying the evidence repository further comprises querying, via the firewall, a database external to the compliance computing system." which amounts to using generic computing technology to implement the abstract idea and, therefore, does not integrate the abstract idea into a practical application or amount to significantly more than the abstract idea. Claims 6, 13 and 20 recite the additional element of "encrypting, by the compliance computing system, the response message prior to transmitting the response message to the external computing system via the firewall." which amounts to using generic computing technology to implement the abstract idea and, therefore, does not integrate the abstract idea into a practical application or amount to significantly more than the abstract idea. Claims 7 and 14 are also directed to the abstract idea as the limitation "determining that the external computing system is non-compliant with the target requirement based on a comparison of the evidence data with the target requirement;" can be performed by the requirements engineer determining non-compliance by consulting the notebook. The limitation "restricting access of the external computing system to an interactive computing environment based on the determination." can be performed as a mental step by the requirements engineer verbally barring employees from using an external computing system to access an interactive computing environment." Since the claims lack additional elements indicative of integration into a practical application or amounting to significantly more than the abstract idea, the claims are ineligible. Conclusion The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. US 20230144362 A1 discloses methods, non-transitory computer readable media, and systems for managing computing systems to detect and correct configuration gaps within specific system requirements frameworks. US 20250139639 A1 discloses a system for fielding user requests for evidence satisfying requirements of a standard by using a mapping table to associate evidence with a requirement and a repository to store the evidence. US 20160071113 A1 discloses an evidence assessment system for enabling a user to evaluate and update the status of the ability of evidence to satisfy a particular requirement of an agency. WO 2019113630 A1 discloses a compliance tool for populating with evidence standard libraries that demonstrate compliance against a standard, the compliance tool including a search tool for locating evidence in the libraries. US 10769379 B1 discloses an evidence table used by a facility to store evidence of compliance provided in connection with a control, the evidence table comprising a control ID column corresponding to a control to which the evidence relates, an evidence document ID column for retrieving a document containing the evidence, and an evidence description column describing the evidence provided by the document. The NPL document "World Best Requirements Management Tools & Software" is a review of the requirements management tool Doc Sheets. Any inquiry concerning this communication or earlier communications from the examiner should be directed to GEOFFREY R ST LEGER whose telephone number is (571)270-7720. The examiner can normally be reached M-F (IFP) ~9:00-5:00 pm. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Hyung S Sough can be reached at 571-272-6799. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /GEOFFREY R ST LEGER/Primary Examiner, Art Unit 2192
Read full office action

Prosecution Timeline

Mar 06, 2024
Application Filed
Jan 22, 2026
Non-Final Rejection — §101, §112
Mar 12, 2026
Examiner Interview Summary
Mar 12, 2026
Applicant Interview (Telephonic)
Mar 24, 2026
Response Filed

Precedent Cases

Applications granted by this same examiner with similar technology

Patent 12602214
DYNAMIC EVALUATION AND IMPROVEMENT OF ENERGY EFFICIENCY OF COMPUTER CODE
2y 5m to grant Granted Apr 14, 2026
Patent 12596939
AUTOMATIC LABELING OF DATA BY AN ENTITY GATHERING THE DATA
2y 5m to grant Granted Apr 07, 2026
Patent 12591716
METHODS AND APPARATUS FOR SECURE EXECUTION ON SMART NETWORK INTERFACE CARDS
2y 5m to grant Granted Mar 31, 2026
Patent 12572829
MONITORING MACHINE LEARNING MODELS IN RESOURCE CONSTRAINED SETTINGS
2y 5m to grant Granted Mar 10, 2026
Patent 12572628
SYSTEMS AND METHODS FOR EXECUTABLE GRAPH-BASED MODEL OWNERSHIP
2y 5m to grant Granted Mar 10, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

1-2
Expected OA Rounds
82%
Grant Probability
93%
With Interview (+10.8%)
2y 7m
Median Time to Grant
Low
PTA Risk
Based on 635 resolved cases by this examiner. Grant probability derived from career allow rate.

Sign in for Full Analysis

Enter your email to receive a magic link. No password needed.

Free tier: 3 strategy analyses per month