vLEI

Introducing the vLEI Ecosystem Governance Framework



The Global Legal Entity Identifier Foundation (GLEIF) has published the verifiable LEI (vLEI) Ecosystem Governance Framework based on the Trust over IP Governance Metamodel. The vLEI Ecosystem Governance Framework, which has been designed from the ground up to complement GLEIF’s existing LEI governance, defines the vLEI operational model and describes how the new digital trust ecosystem’s range of vLEI issuing stakeholders will qualify for and perform their roles in the Global LEI System.

Trust over IP Governance Metamodel

A year in the making, the Framework has been created in full accordance with standards and recommendations of the Trust over IP Foundation, hosted by the Linux Foundation. It is the most comprehensive Governance Framework developed based on the ToIP Governance Framework Meta-model.

The Framework provides essential detail on the governance structures and processes that will shape the development of the vLEI ecosystem together with the services that GLEIF will provide, including the vLEI Qualification Program, essential key and credential management services, and a communications platform for information sharing between GLEIF and its network of vLEI issuers.

The documents of an Ecosystem Governance Framework are comprised of a Primary Document, one or more Controlled Documents (separate supporting documents focusing on dedicated topics for the Framework), and the Identifier Governance and Credential Frameworks.

Summary of Change History of vLEI Ecosystem Governance Framework

EGF Version Document Name Document Version Document Version Date
2.0 Primary Document 1.1 August 30, 2023
GLEIF Identifier Governance Framework 1.0 December 16, 2022
Qualified vLEI Issuer Identifier Governance Framework and vLEI Credential Framework 1.3 December 15, 2023
Legal Entity vLEI Credential Framework 1.2 December 15, 2023
Qualified vLEI Issuer Authorization vLEI Credential Framework 1.2 December 15, 2023
Legal Entity Official Organizational Role vLEI Credential Framework 1.2 December 15, 2023
Legal Entity Engagement Context Role vLEI Credential Framework 1.2 December 15, 2023
Technical Requirements Part 1: KERI Infrastructure 1.2 December 15, 2023
Technical Requirements Part 2: vLEI Credentials 1.1 December 15, 2023
Technical Requirements Part 3: vLEI Credential Schema Registry 1.1 December 15, 2023
Glossary 1.3 December 15, 2023
Business Requirements 1.0 December 16, 2022
Governance Requirements 1.0 December 16, 2022
Trust Assurance Framework 1.3 December 15, 2023
Risk Assessment 1.2 December 15, 2023
Information Trust Policies 1.1 December 15, 2023
vLEI Issuer Qualification Agreement 1.1 August 30, 2023
Appendix 1: Non-disclosure Agreement (NDA) 1.2 August 30, 2023
Appendix 2: vLEI Issuer Qualification Program Manual 1.3 December 15, 2023
Appendix 3: vLEI Issuer Qualification Program Checklist 1.4 December 15, 2023
Appendix 4: vLEI Issuer Contact Details 1.2 December 15, 2023
Appendix 5: Qualified vLEI Issuer Service Level Agreement 1.3 December 15, 2023
Appendix 6: Terms of Use Qualified vLEI Issuer Trustmark 1.1 August 30, 2023
Appendix 7: Qualified vLEI Issuer – Legal Entity Contract Terms 1.1 August 30, 2023

Primary Document

verifiable LEI (vLEI) Ecosystem Governance Framework Primary Document

The primary document is the master document for the Framework. GLEIF suggests that the Primary Document is an excellent place to start when reading the Framework.

Controlled Documents

Documents for the vLEI Issuer Qualification Program

There are several Controlled Documents that are dedicated to the roles and responsibilities of Qualified vLEI Issuers. These documents are part of the Legal Agreement section of the Framework. The main legal document is the vLEI Issuer Qualification Agreement, to which there are seven appendices.

The complete set of documents for vLEI Issuer Qualification can be accessed through the following link.

Identifier Governance Frameworks and Credential Frameworks

The Identifier Governance Frameworks focuses on GLEIF’s Autonomic Identifiers (AIDs) and the QVI Delegated AIDs. Each vLEI Credential has a Credential Framework, for each of the five types of vLEI Credentials. These Frameworks include policies and requirements for the issuance, verification, and revocation of each vLEI Credential, as well as the fields contained in each Credential, with a link to the technical schema.

GLEIF Identifier Governance Framework

A document that details the purpose, principles, policies, and specifications that apply to the use of the GLEIF Root Autonomic Identifier (AID) and its GLEIF Delegated AIDs in the vLEI Ecosystem.

Qualified vLEI Issuer Identifier Governance Framework and vLEI Credential Framework

The document is the authoritative Governance Framework for the Qualified vLEI Issuer Delegated AIDs and the Credential Framework for Qualified vLEI Issuer vLEI Credential. It specifies the purpose, principles, policies, and specifications that apply to the use of the Qualified vLEI Issuer Delegated AIDs and the QVI vLEI Credential in the vLEI Ecosystem.

Legal Entity vLEI Credential Framework

A document that details the requirements for a vLEI Credential, the entity level vLEI Credential issued by a Qualified vLEI Issuer to a Legal Entity.

Qualified vLEI Issuer Authorization vLEI Credential Framework

A document that details the requirements for the Qualified vLEI Issuer Authorization vLEI Credential which enables simple, safe, secure instruction and authorization by a Legal Entity Authorized Representative (LAR) sent to a QVI for the issuance and revocation of vLEI Role Credentials.

Legal Entity Official Organizational Role vLEI Credential Framework

A document that details the requirements for vLEI Role Credentials issued by a Qualified vLEI Issuer to official representatives of a Legal Entity.

Legal Entity Engagement Context Role vLEI Credential Framework

A document that details the requirements for vLEI Role Credentials issued to representatives of a Legal Entity in other than official roles but in functional or other context of engagement. These vLEI Role Credentials can be issued and revoked by a Legal Entity itself, or a Qualified vLEI Issuer can provide these value-added services to a Legal Entity.

Remaining Controlled Documents

Glossary

verifiable LEI (vLEI) Ecosystem Governance Framework Glossary

A document that lists all defined terms have been referenced in the Framework documents.

Risk Assessment

verifiable LEI (vLEI) Ecosystem Governance Framework Risk Assessment

A document that assesses certain risk categories regarding the operation of the vLEI Ecosystem and Infrastructure. Although for purposes of the Framework, the Risk Assessment is a separate document, responsible managers within GLEIF will manage these risks as part of the GLEIF risk register.

Trust Assurance and Certification

verifiable LEI (vLEI) Ecosystem Governance Framework Trust Assurance Framework

This document focuses on the ‘MUST’ statements within the other Framework documents and specifies the services/processes that will be used to evaluate compliance with these statements.

Governance Requirements

verifiable LEI (vLEI) Ecosystem Governance Framework Governance Requirements

This document specifies the governance of GLEIF in its role in the Global LEI System including the the regulatory oversight of GLEIF by the Regulatory Oversight Committee. Every LEI must be managed according to this governance which places GLEIF in the management role for the Global LEI System.

Business Requirements

verifiable LEI (vLEI) Ecosystem Governance Framework Business Requirements

This document specifies certain business requirements for the vLEI services of GLEIF and Qualified vLEI Issuers (QVIs).

Technical Requirements

There are three separate Controlled Documents for the Framework’s Technical Requirements, with self-explanatory titles.

verifiable LEI (vLEI) Ecosystem Governance Framework Technical Requirements Part 1: KERI Infrastructure

verifiable LEI (vLEI) Ecosystem Governance Framework Technical Requirements Part 2: vLEI Credentials

verifiable LEI (vLEI) Ecosystem Governance Framework Technical Requirements Part 3: vLEI Credential Schema Registry

Information Trust Policies

verifiable LEI (vLEI) Ecosystem Governance Framework Information Trust Policies

This document defines the information security, privacy, availability, confidentiality, and processing integrity policies for the Framework.

The Ecosystem Governance Framework will be maintained by GLEIF and reviewed for revision at least once a year.