The vLEI builds on the established Legal Entity Identifier (LEI) system, which GLEIF operates and maintains as the Global LEI System (GLEIS).
The vLEI provides a secure and instant foundation for organizational identification through cryptographic verification. This significantly reduces verification time, cuts costs, and strengthens compliance processes for financial institutions and companies, enhancing overall efficiency.
The vLEI is in essence a cryptographically verifiable digital credential containing an organization’s LEI. Acting as a digital passport, it facilitates secure and immediate identity verification for organizations and their representatives. GLEIF, as the Governing Authority of the vLEI Ecosystem, oversees the qualification of Qualified vLEI Issuers (QVIs) who issue and maintain vLEIs.
The vLEI system enables the verification of both organizational identity and the roles within it, including their authority. This makes the vLEI more secure and reliable than traditional identification methods, providing clear, verifiable information for trusted organizational interactions.
Key vLEI Concept Summary
- Cryptographically verifiable digital identity for organizations globally
- Interoperability through open standards and royalty-free protocols
- Direct organizational control over digital credentials and identity data
- Enhancement of the existing LEI system with cryptographic verification
- Scalable through credential delegation while maintaining security
The Trust Chain
The vLEI ecosystem operates through a cryptographic trust structure. GLEIF’s Root Autonomic Identifier (AID) serves as the cryptographic root of trust. QVIs, qualified by GLEIF, receive credentials enabling them to issue vLEIs to Legal Entities. These Legal Entities can then authorize the issuance of role credentials to their representatives. This creates a verifiable chain of trust where every credential can be cryptographically traced to GLEIF’s root of trust.
Types of vLEI Credentials
The vLEI ecosystem includes four primary credential types:
- Legal Entity vLEI Credential: The foundational organizational identifier.
- Official Organizational Role (OOR) vLEI Credential: Verifies individuals in official organizational roles.
- Engagement Context Role (ECR) vLEI Credential: Validates individuals in functional roles.
- QVI Authorization vLEI Credential: Enables QVIs to issue credentials as authorized by Legal Entities.
Technical Infrastructure
The vLEI ecosystem relies on three core technical components:
- KERI (Key Event Receipt Infrastructure): Provides the identifier and key management architecture for the vLEI ecosystem. KERI uses self-certifying identifiers and features “pre-rotation,” a mechanism that protects against key compromise and quantum computing threats by pre-committing to future key changes.
- ACDC (Authentic Chained Data Containers): The standardized credential format that enables:
- Cryptographic proof of authenticity
- Credential chaining for verifiable relationships
- Privacy-preserving selective disclosure
- Cross-platform compatibility
- Validators: The ecosystem employs two types of validators:
- Witnesses: Distributed verifiers of key events that form part of the ambient verification environment.
- Watchers: Holders of Key Event Receipt Logs (KERLs) that provide consensus on verification status.
The Issuance Process
Legal Entities must contract with a GLEIF-qualified QVI like Nord vLEI to obtain vLEI credentials. QVIs verify the entity’s identity and confirm their active LEI status. Legal Entity Authorized Representatives (LARs) can then authorize the issuance of role credentials to individuals within their organization. All credentials maintain a cryptographically verifiable chain back to GLEIF’s root of trust.
Benefits of vLEI
The vLEI (verifiable Legal Entity Identifier) ecosystem brings significant improvements to business operations and compliance, focusing on key areas that benefit from enhanced efficiency and security.
Regulatory Compliance: Organizations can use vLEI to provide cryptographically verifiable documents and maintain thorough audit trails. This system simplifies regulatory filings and strengthens audit processes, reducing both time and resources previously spent on compliance activities.
Business Verification: Traditional business verification methods often involve long manual checks and multiple intermediaries. With vLEI, these steps become streamlined cryptographic validations. Organizations can verify potential business partners instantly, reducing fraud risk while speeding up operations. Financial institutions, in particular, benefit by expediting due diligence processes and building trusted relationships more efficiently.
Supply Chain Management: In supply chain management, vLEI provides new levels of trust and operational efficiency. Organizations can quickly verify trading partners’ credentials, manage e-invoicing seamlessly, and expedite customs documentation. This strengthens supply chain networks, enhances trust, and reduces delays that are typical in international trade and logistics.
Digital Business Operations: The impact of vLEI on digital operations is notable. Organizations can automate Know Your Customer (KYC) processes, establish secure channels for communication, and ensure payment instructions come from verified sources. The integration of vLEI with digital wallets and decentralized finance platforms also allows companies to operate more effectively within the digital economy.
Privacy and Security
The vLEI ecosystem implements privacy through the ACDC specification, enabling selective disclosure of credential information while maintaining cryptographic verifiability. This allows organizations to comply with data protection regulations while controlling their sensitive information.
The Future of Organizational Identity
The vLEI ecosystem represents a fundamental advancement in organizational identity verification. By combining cryptographic security, distributed verification, standardized credentials, and global accessibility, it provides a foundation for trusted digital interactions. Its design ensures adaptability to emerging technologies while maintaining strong security and verification standards through the KERI protocol’s resistant features and the ACDC specification’s privacy capabilities.
