vLEI
Introducing the vLEI Ecosystem Governance Framework
The Global Legal Entity Identifier Foundation (GLEIF) has published the verifiable LEI (vLEI) Ecosystem Governance Framework based on the Trust over IP Governance Metamodel. The vLEI Ecosystem Governance Framework, which has been designed from the ground up to complement GLEIF’s existing LEI governance, defines the vLEI operational model and describes how the new digital trust ecosystem’s range of vLEI issuing stakeholders will qualify for and perform their roles in the Global LEI System.
A year in the making, the Framework has been created in full accordance with standards and recommendations of the Trust over IP Foundation, hosted by the Linux Foundation. It is the most comprehensive Governance Framework developed based on the ToIP Governance Framework Meta-model.
The Framework provides essential detail on the governance structures and processes that will shape the development of the vLEI ecosystem together with the services that GLEIF will provide, including the vLEI Qualification Program, essential key and credential management services, and a communications platform for information sharing between GLEIF and its network of vLEI issuers.
The documents of an Ecosystem Governance Framework are comprised of a Primary Document, one or more Controlled Documents (separate supporting documents focusing on dedicated topics for the Framework), and the Identifier Governance and Credential Frameworks.
Summary of Change History of vLEI Ecosystem Governance Framework
| EGF Version | Document Name | Document Version | Document Version Date |
|---|---|---|---|
| 2.0 | Primary Document | 1.1 | August 30, 2023 |
| GLEIF Identifier Governance Framework | 1.0 | December 16, 2022 | |
| Qualified vLEI Issuer Identifier Governance Framework and vLEI Credential Framework | 1.4 | April 10, 2024 | |
| Legal Entity vLEI Credential Framework | 1.3 | April 10, 2024 | |
| Qualified vLEI Issuer Authorization vLEI Credential Framework | 1.2 | December 15, 2023 | |
| Legal Entity Official Organizational Role vLEI Credential Framework | 1.3 | April 10, 2024 | |
| Legal Entity Engagement Context Role vLEI Credential Framework | 1.3 | April 10, 2024 | |
| Technical Requirements Part 1: KERI Infrastructure | 1.2 | December 15, 2023 | |
| Technical Requirements Part 2: vLEI Credentials | 1.1 | December 15, 2023 | |
| Technical Requirements Part 3: vLEI Credential Schema Registry | 1.1 | December 15, 2023 | |
| Glossary | 1.3 | December 15, 2023 | |
| Business Requirements | 1.0 | December 16, 2022 | |
| Governance Requirements | 1.0 | December 16, 2022 | |
| Trust Assurance Framework | 1.4 | April 10, 2024 | |
| Risk Assessment | 1.2 | December 15, 2023 | |
| Information Trust Policies | 1.1 | December 15, 2023 | |
| vLEI Issuer Qualification Agreement | 1.1 | August 30, 2023 | |
| Appendix 1: Non-disclosure Agreement (NDA) | 1.2 | August 30, 2023 | |
| Appendix 2: vLEI Issuer Qualification Program Manual | 1.3 | December 15, 2023 | |
| Appendix 3: vLEI Issuer Qualification Program Checklist | 1.4 | December 15, 2023 | |
| Appendix 4: vLEI Issuer Contact Details | 1.2 | December 15, 2023 | |
| Appendix 5: Qualified vLEI Issuer Service Level Agreement | 1.3 | December 15, 2023 | |
| Appendix 6: Terms of Use Qualified vLEI Issuer Trustmark | 1.1 | August 30, 2023 | |
| Appendix 7: Qualified vLEI Issuer – Legal Entity Contract Terms | 1.1 | August 30, 2023 |
Primary Document
verifiable LEI (vLEI) Ecosystem Governance Framework Primary Document
The primary document is the master document for the Framework. GLEIF suggests that the Primary Document is an excellent place to start when reading the Framework.
Controlled Documents
Documents for the vLEI Issuer Qualification Program
There are several Controlled Documents that are dedicated to the roles and responsibilities of Qualified vLEI Issuers. These documents are part of the Legal Agreement section of the Framework. The main legal document is the vLEI Issuer Qualification Agreement, to which there are seven appendices.
The complete set of documents for vLEI Issuer Qualification can be accessed through the following link.
Identifier Governance Frameworks and Credential Frameworks
The Identifier Governance Frameworks focuses on GLEIF’s Autonomic Identifiers (AIDs) and the QVI Delegated AIDs. Each vLEI Credential has a Credential Framework, for each of the five types of vLEI Credentials. These Frameworks include policies and requirements for the issuance, verification, and revocation of each vLEI Credential, as well as the fields contained in each Credential, with a link to the technical schema.
GLEIF Identifier Governance Framework
A document that details the purpose, principles, policies, and specifications that apply to the use of the GLEIF Root Autonomic Identifier (AID) and its GLEIF Delegated AIDs in the vLEI Ecosystem.
Qualified vLEI Issuer Identifier Governance Framework and vLEI Credential Framework
The document is the authoritative Governance Framework for the Qualified vLEI Issuer Delegated AIDs and the Credential Framework for Qualified vLEI Issuer vLEI Credential. It specifies the purpose, principles, policies, and specifications that apply to the use of the Qualified vLEI Issuer Delegated AIDs and the QVI vLEI Credential in the vLEI Ecosystem.
Legal Entity vLEI Credential Framework
A document that details the requirements for a vLEI Credential, the entity level vLEI Credential issued by a Qualified vLEI Issuer to a Legal Entity.
Qualified vLEI Issuer Authorization vLEI Credential Framework
A document that details the requirements for the Qualified vLEI Issuer Authorization vLEI Credential which enables simple, safe, secure instruction and authorization by a Legal Entity Authorized Representative (LAR) sent to a QVI for the issuance and revocation of vLEI Role Credentials.
Legal Entity Official Organizational Role vLEI Credential Framework
A document that details the requirements for vLEI Role Credentials issued by a Qualified vLEI Issuer to official representatives of a Legal Entity.
Legal Entity Engagement Context Role vLEI Credential Framework
A document that details the requirements for vLEI Role Credentials issued to representatives of a Legal Entity in other than official roles but in functional or other context of engagement. These vLEI Role Credentials can be issued and revoked by a Legal Entity itself, or a Qualified vLEI Issuer can provide these value-added services to a Legal Entity.
Remaining Controlled Documents
Glossary
verifiable LEI (vLEI) Ecosystem Governance Framework Glossary
A document that lists all defined terms have been referenced in the Framework documents.
Risk Assessment
verifiable LEI (vLEI) Ecosystem Governance Framework Risk Assessment
A document that assesses certain risk categories regarding the operation of the vLEI Ecosystem and Infrastructure. Although for purposes of the Framework, the Risk Assessment is a separate document, responsible managers within GLEIF will manage these risks as part of the GLEIF risk register.
Trust Assurance and Certification
verifiable LEI (vLEI) Ecosystem Governance Framework Trust Assurance Framework
This document focuses on the ‘MUST’ statements within the other Framework documents and specifies the services/processes that will be used to evaluate compliance with these statements.
Governance Requirements
verifiable LEI (vLEI) Ecosystem Governance Framework Governance Requirements
This document specifies the governance of GLEIF in its role in the Global LEI System including the the regulatory oversight of GLEIF by the Regulatory Oversight Committee. Every LEI must be managed according to this governance which places GLEIF in the management role for the Global LEI System.
Business Requirements
verifiable LEI (vLEI) Ecosystem Governance Framework Business Requirements
This document specifies certain business requirements for the vLEI services of GLEIF and Qualified vLEI Issuers (QVIs).
Technical Requirements
There are three separate Controlled Documents for the Framework’s Technical Requirements, with self-explanatory titles.
verifiable LEI (vLEI) Ecosystem Governance Framework Technical Requirements Part 2: vLEI Credentials
Information Trust Policies
verifiable LEI (vLEI) Ecosystem Governance Framework Information Trust Policies
This document defines the information security, privacy, availability, confidentiality, and processing integrity policies for the Framework.
The Ecosystem Governance Framework will be maintained by GLEIF and reviewed for revision at least once a year.