The vLEI system uses several advanced technologies to ensure secure and verifiable digital identities:
• Key Event Receipt Infrastructure (KERI) for decentralized key management.
• Authentic Chained Data Container (ACDC) for creating tamper-resistant digital credentials.
• Composable Event Streaming Representation (CESR) for secure digital signing.
• Distributed Ledger Technologies (DLT) and Self-Sovereign Identity (SSI) frameworks to support decentralized identity verification.
Only Qualified vLEI Issuers (QVIs) are able to issue vLEIs to users. Nord vLEI is a QVI. All QVIs must meet strict standards and complete a qualification program established by the Global Legal Entity Identifier Foundation (GLEIF).
Qualified vLEI Issuers (QVIs) are organizations that have been certified by GLEIF to issue vLEIs. All QVIs must adhere to strict standards and undergo a rigorous qualification process to ensure they meet the necessary performance and quality requirements. Once qualified, QVIs can issue vLEIs to legal entities and their representatives.
To date, the only European QVI is Nord vLEI.
The vLEI system uses the Key Event Receipt Infrastructure (KERI) to manage cryptographic keys in a decentralized manner. KERI enables the generation, rotation, and revocation of cryptographic keys, ensuring that each party involved (GLEIF, QVIs, and vLEI holders) maintains full independent control and portability across different systems. This enhances the security and flexibility of the vLEI system.
The Global Legal Entity Identifier Foundation (GLEIF) plays a central role in the vLEI system by:
• Acting as the Root of Trust for the vLEI ecosystem.
• Overseeing the qualification and performance of Qualified vLEI Issuers (QVIs).
• Ensuring the operational integrity and compliance of the vLEI system with international standards.
• Providing the necessary infrastructure and governance framework for the vLEI ecosystem.
The Trust over IP (ToIP) Governance Metamodel is a comprehensive framework developed by the Trust over IP Foundation, which is hosted by the Linux Foundation. It provides guidelines and standards for creating digital trust ecosystems. The vLEI Ecosystem Governance Framework is based on the ToIP Governance Metamodel, and defines the operational model, roles, and responsibilities within the vLEI ecosystem.
The Authentic Chained Data Container (ACDC) specification is a set of standards used in the vLEI system to create tamper-resistant digital credentials. These credentials are capable of decentralized verification, ensuring that the data they contain remains secure and verifiable. The ACDC specification is a key component in establishing the trustworthiness of vLEI credentials.
The Composable Event Streaming Representation (CESR) in the vLEI system supports secure digital signing. CESR allows for the creation of digital signatures that can be used to sign specific parts of documents, entire documents, or other digital assets. This ensures that the content is verifiable and has not been tampered with, enhancing the security of digital transactions and interactions.
Use cases for vLEI in financial transactions include:
• Signing corporate documents and contracts.
• Cross border transactions & financing
• Onboarding customers.
• Managing supply chain transactions.
• Submitting regulatory filings and reports.
• Ensuring compliance with anti-money laundering (AML) and Know Your Customer (KYC) regulations.
• Approving business transactions and financial statements.
The advantages of using vLEI for regulatory filings include:
• Automated and secure verification of the identities of Legal Entities and their representatives.
• Reduced manual overhead and increased efficiency in data submissions.
• Enhanced accuracy and reliability of regulatory filings.
• Improved compliance with regulatory requirements.
• Streamlined processes for submitting and verifying reports to regulatory authorities.
The steps involved in obtaining a vLEI are as follows:
•Application: An organization applies to a Qualified vLEI Issuer (QVI) like Nord vLEI.
•Verification: The QVI verifies the organization's identity and the identities of its representatives.
•Issuance: Once verified, the QVI issues the vLEI to the organization and its representatives.
•Credential Management: The organization and its representatives manage their vLEI credentials via Nord vLEI, which can be used for various digital interactions and transactions.