This study obtains a set of guidelines with which IS designers can achieve regulatory compliance with data retention requirements. Previous work has explored how to assess compliance threats and to visualize the outcome of policies enforcement but has failed to address how regulatory compliance involves multiple agents seeking to optimize their individual payoffs. We propose a typology that acknowledges in the enterprise business model the return on investment of agents affected by the new controls. Such agents are assumed to be co-opeting, i.e. they gain by cooperating, even if they have different goals. Grounded in control theory and the technology acceptance model, our conceptual design and its implementation represent an economically viable way to align business, legal and IT requirements concerning regulatory compliance with data retention requirements.