Global Legal Entity Identifier Foundation publishes its vLEI Ecosystem Governance Framework

The Global Legal Entity Identifier Foundation (GLEIF) has announced the publication of its verifiable LEI (vLEI) Ecosystem Governance Framework. 

The Legal Entity Identifier (LEI) is a 20-character, alpha-numeric code based on the ISO 17442 standard developed by the International Organization for Standardization (ISO). 

The vLEI Ecosystem Governance Framework, which has been designed from the ground up to complement GLEIF’s existing LEI governance, defines the vLEI operational model and describes how the new ecosystem’s range of vLEI issuing stakeholders will qualify for and perform their roles in the Global LEI System.

The Framework has been created in full accordance with standards and recommendations of the Trust Over IP Foundation (ToIP), hosted by the Linux Foundation. It is the most comprehensive framework ever developed based on the ToIP Governance Metamodel. 

The Framework provides details on the governance structures and processes that will shape the development of the vLEI issuance ecosystem together with the services that GLEIF will provide, including the vLEI Issuer Qualification Program, essential key and credential management services, and a communications platform for information sharing between GLEIF and its network of vLEI issuers.

By wrapping new and existing LEIs in Verifiable Credentials, the vLEI offers a digitally trustworthy version of the LEI, allowing automated verification of legal entities and their authorized representatives, without the need for human intervention. The vLEI leverages the Global LEI System, which is the only open, standardized, and regulatory-endorsed system for legal entity identification. 

Verifiable Credentials are digitally signed credentials that are not only tamper-resistent but capable of being verified in decentralized manner. vLEIs are based on the Trust over IP Authentic Chained Data Container (ACDC) specification, based on the Key Event Receipt Infrastructure (KERI) protocol (an Internet Engineering Task Force (IETF) draft specification), which is a more secure, enhanced variant of the W3C Verifiable Credential specification.

Use of VCs began in the domain of self-sovereign identity through so-called ‘individual wallets,’ which contain digital versions of credentials issued to and carried by natural persons. Examples include driver's licenses, passports, store loyalty and membership cards. All of these exist as physical credentials today and will likely have both an analog and a digital version in the near future. Self-sovereign identity is based on the principle that natural persons should have control over the personal information contained in their credentials and can choose to prove their identity and certain facts about themselves in a controlled and safe manner.

GLEIF asserts that the LEI is the ideal foundation on which to establish a chain of trust for organizational identity.

The vLEI will give government organizations, companies and other legal entities worldwide the capacity to use non-repudiable identification data pertaining to their legal status, ownership structure, authorized representatives and employees in a growing number of digital business activities. This includes approving business transactions and contracts, onboarding customers, transaction within import/export and supply chain business networks and submitting regulatory filings and reports. GLEIF already is engaged in research partnerships and technical trials with stakeholders across the pharmaceutical, healthcare, telecom, automotive and financial services sectors.

The credentials in the vLEI Trust Chain are chained to each other as vLEIs are Authentic Chained Data Container (ACDC) credentials. This allow for the provenance of vLEIs to be traced back to GLEIF as both the Root of Trust for the vLEI Trust Chain as well as the entity that ensures that operational integrity of the Global LEI System.

The vLEI infrastructure will be a network-of-networks of true universality and portability, developed using the KERI (Key Event Receipt Infrastructure) protocol. It will support the full range of blockchain, self-sovereign identity and other decentralized key management platforms. vLEIs will be hostable on both ledgers and cloud infrastructure supporting both the decentralization of ledgers plus the control and performance of cloud. Portability will enable GLEIF’s vLEI ecosystem to unify all ledger-based ecosystems that support the vLEI.