In one of its reports, GLEIF, the Swiss-based organisation which coordinates the management of the global Legal Identity Identifier (LEI-) system, suggested to use blockchain technology for identifying financial legal entities, as that would not only improve
transparency and security but may also lead to broader global acceptance of the LEI.
This however raises a number of questions such as: Why could blockchain be of use for LEI and its users?; What role could smart contracts thereby play? What benefits could blockchain bring for the LEI? And what does the most recent blockchain-based projects
for the LEI tell us?
What is the LEI?
But first, what is the LEI? According to their website definition, “the Legal Entity Identifier or LEI is a 20-digit, alpha numeric code based on the ISO 17442 standard. It connects to key reference information, allowing clear and unique identification of
legal entities participating in financial transactions. Each LEI contains information about an entity’s ownership structure and thus answers the questions of 'who is who’ and ‘who owns whom’”.
In other words a LEI is a uniform way of keeping track of financial legal entities. They are global and have no borders at all for accurate and trusted identification of companies around the world. Looking in that way, the publicly available LEI data pool
can be regarded as a global directory, which may greatly enhance transparency in the global marketplace.
The management of the LEI system is coordinated and supported by the above mentioned Global Legal Entity Identifier Foundation (GLEIF), while registrations are performed by so-called LOUs or Local Operating Units.
GLEIF and Blockchain
In their report on the LEI to the Financial Stability Board (FSB) in 2012, the GLEIF stated that “the design of the global LEI system would be premised on a ‘logically’ centralized (meaning not physically centralized) database that will appear to users to
be from a single seamless system”.
GLEIF however recently recognised that the organizationally federated operating model used for the LEI in 2012, could be upgraded to a technically federated operating model: the distributed ledger model (DLT). This upgrade could potentially provide the same
DLT platform for both the LEI and the UPI (Unified Payments Interface), of which the GLEIF is supposed to be the natural repository. This distributed design has always been a longer term goal for the global LEI system.
Present challenges for LEI
The LEI provides a global standard for the representation of identity as well as a standard validation rule set. Both elements however are subject of a very detailed compliance program in order to ensure proper issuance and maintenance of LEI and data quality.
Nowadays collection and storage of data is conducted in multiple country or regionally located operating units (LOUs). Each has their own databases (there are more than 30 at present in the LEI system and a large number of separate ones for each trade repository),
and send their data daily in batch overnight processes. LEI data is sent to the GLEIF. Trade repositories send their data to multiple regulators and to central collection facilities depending on the jurisdiction. All regulators and trade repositories maintain
their own data copies of identifiers for products and counterparties, and for trades.
This method bears in it a number of challenges, in terms of non-optimal transparency, security and risk issues where blockchain could be of help.
Blockchain and Identity Management
When it comes to use cases for blockchain, security is one of the serious items that comes in many minds. Identity management is one sector of industry that is supposed to provide high-level security to those who rely upon it to keep their data safe. But
in reality security is not always what they get. The digital age has introduced new challenges in terms of preventing identity fraud and other criminal abuses for private people but increasingly also for corporates.
Nowadays there is an increased need for strong, multi-step security that identity management services should bring. The widespread adoption of blockchain technology to ensure that any number of these centralised databases are ‘not compromised’, should give
enough arguments for the identity management industry to embrace this technology.
Some use cases for identity management
There are a number of interesting blockchain use cases in the identity management field. These include issues like identity verification, non-custodial login solutions, self-sovereign identity, secure identities for the decentralised web etc. These use cases
have all proved their usefulness in such an environment.
Identity verification
Blockchain’s multi-step, multi-factor identification processes have proven to work and are already implemented by a number of companies. Admittedly, it is hard to imagine why the blockchain authentication model has not (yet) gained more mainstream adoption,
especially considering the stakes of stolen identities and credentials.
Non-custodial login solutions
With non-custodial logins based on the blockchain, there is no longer need of a central entity who holds the power over user names, pass words, and the database that controls them. By removing the custodian of these credentials and replacing them with public
and private keychains for logins, the former centralised entity can still ensure that ‘those logging in are who they say they are’, without holding a central database that hackers can easily acquire and use as ransom money.
Reduce third parties’ involvement
Blockchains could also help reduce the number of third parties while still maintaining a user’s identity. One solution could be that a user would store their data and identifiers on a blockchain which they could use throughout the internet, instead of granting
each site or service their personal data and credential time. A second proposal is built on a similar blockchain containing the user’s data but allow third parties to access the data with their consent.
Smart contracts for Identification services
Using blockchain for the identification services including the LEI would preferably be in the form of so-called smart contracts. These contracts are ‘included and coded’ applications and data representing the life-cycle processes of a trade. It is stored
and activated across a networked database - the distributed ledger - which itself is networked across the Internet.
In other words, a smart contract is self-actuating, based on standardized contract terms that is translated into standard trade life-cycle processes imbedded in coded applications. The smart contract acts on standardized data sets, setting its outputs in
conformity to each participant’s processing requirements.
A smart contract requires data standards, including the LEI and its reference data for each participant in the supply chain; the UPI (Unified Payments Interface) and its reference data; and the UTI (Unique Transaction Identifier). It also requires process
standards for each event in the life-cycle of a trade.
How could smart contracts be used for the LEI?
But how can smart contracts be used for the LEI? The central point of using smart contracts for the LEI is to treat a single record for any entity to be identified by some key as ‘atomic’. This in the sense of being administered as a single unit of data,
by the authority that assigns the keys. Then the representation of a single ‘atomic’ record can be considered as a state for a single smart contract.
Each such contract would offer a method for accessing the representation, and a dynamic data structure that holds ‘revisions’ of the representation. That is, when the record changes globally, its new representation would be added to the state of the contract.
Such contract can hold many revisions of the representation, bound only by the capabilities of the network’s global storage, called ‘entity contract’. Together with entity contracts, someone can devise one or more ‘master contracts’, that keep track of individual
entity contracts and make accessing an easier process.
What approach for the LEI?
The use of permissioned and private blockchains or distributed ledgers for identity management purposes such as the LEI will require mapping between real world entities. This is hosted via cryptographic algorithms creating public/private keys pairs linked
to reference data. The owner of the private key can write into the chain.
This however raises a number of major issues: Firstly, are we going to see multiple digital IDs depending on the application or are we going to use one ID to access all applications. And second, what is the appropriate management for all these IDs.
There are a number of possible scenarios:
One could use identity labels i.e. unique keys in the blockchain/DLT application. That means using the LEI in a distributed ledger system for tracking financial instruments. This is de facto the standard approach due to legal and regulatory requirements.
Another scenario is using blockchain/DLT for managing the LEI creation and management itself. This however should be seen as a longer term project. There are still many open questions but this approach bears interesting aspects for the further evolution
of the LEI system.
MakoLab LEI.INFO and Graphchain Proof of Concept
An interesting project that should be taken seriously for further development is the MakoLab LEI.INFO system. Polish-based MakoLab, a Digital Solution Agency for the industry, last June announced the deployment of their production grade Blockchain-based
LEI system.
This was the result of two Proof of Concepts (PoCs) for a radically new blockchain LEI system, based on the private Hyperledger Indy blockchain, using the innovative GraphChain database that is much more flexible than any standard existing system available
today. These PoCs allowed MakoLab to investigate deeply the possibility to construct a system which represents the ‘highest level of both technological and organisational security’ and is completely decentralised.
Hyperledger Indy Framework
Given the vulnerability of the data, the suggested architecture for LEI is that of a so-called consortium type of blockchain that works on Hyperledger Indy. This is a blockchain model where the consensus process is controlled by a pre-selected set of nodes.
The network of Hyperledger Indy nodes thereby runs as a private, permissioned blockchain for the Global LEI System.
In this model different nodes are used. User nodes that participate in the global blockchain as passive users. They can see all the data stored in it, but cannot create or edit anything. Registration nodes having all the properties of the User nodes plus
the ability to provisionally add new LEIs to the system. However, such newly added LEIs are not visible on the system until the LOU nodes confirm them through the ‘Proof of Authority’ mechanism. And LOU nodes that have all the properties of the Registration
nodes plus the capacity to confirm the new or modified LEIs as valid. Application of the blockchain technology with LOUs running their own nodes, would make the LEI system much safer and more reliable.
GraphChain
End June MakoLab announced the full production version of the innovative GraphChain for the LEI.INFO infrastructure. They thereby created a conceptual proposal how the entire LEI system could run on GraphChain. GraphChain should be seen as a new innovation
of creating a blockchain compliant distributed database. The main idea behind GraphChain is to use blockchain mechanisms on top of an abstract RDP (Resource Description Framework) graph data model, that is used for data publishing and interchange on the web.
GraphChain is thereby defined as a linked chain of named graphs specified by the GraphChain ontology and an ontology for data graph part of the GraphChain; a set of general mechanism for calculating a digest of the named RDF graphs; and as a set of network
mechanisms that are responsible for the distribution of the named RDF graphs among the distributed peers and for achieving the consensus.
The data graph model describes the semantics, or meaning of information and stores these data as a network of objects with materialised links between them, thereby managing highly interconnected data. It thereby uses graph structures with nodes, edges and
properties to represent and store data.
LEI.INFO system
The new functionality allows cryptographic verification of the accuracy or usefulness of the underlying LEI data. The LEI.INFO system uses the RDF graph data model to express LEI reference data as semantic data, that can be verified against the network
of Hyperledger Indy Blockchain. This LEI.INFO platform allows to get instant access to the database of entities holding LEI’s and as a result to find a reliable supplier, partner or customer.
LEI.INFO offers a wide range of LEI-related services including a new LEI registration process, resolution of the LEI codes for both humans and software agents, Data Analytics Solutions and integration services for KYC and financial information consolidation
applications.
What may blockchain bring for the LEI?
From what is said before, it should not be difficult to see how blockchain and a single database that could be updated in real-time, securely maintained through encryption technology, distributed and shared by all of the participants could benefit those organisations
who use the LEI. The reconciliation of the various copies of what is intended to be identical data sets could be done in real-time.
Managing LEI on blockchain delivers transparency and ensures the necessary trust and certainty optimal for combatting financial crimes, streamlining various administrative processes like onboarding, and truly knowing corporate customers, partners, and other
businesses. This could ‘revolutionise’ the oversight of the financial industry. As a result of this all, it may lead to firmly reduced resources and costs of the validation process required for conducting due diligence about those entities.
McKinsey, the global consultancy estimates that the largest financial institutions alone can each save $1 billion in costs through a simplified portfolio of data repositories. ISDA members, many being the largest of financial institutions, are envisioned as
direct beneficiaries of such savings.
Going forward
Blockchain technology could be of great help for the Global LEI system. The MakoLab project is thereby a very interesting one that deserves further investigation.
This LEI.INFO project however is just a first step in their research and development process with this technology. Taking into consideration the growing potential of the solution, MakoLab is “working on further-enhancing the LEI resolver with other top-class
solutions – semantics particularly – as well as translating blockchain into other business areas” .
In the end such an architecture of the new LEI system will enable ‘thousands of registration authorities from multiple countries to participate in the new LEI creation’, thereby opening the path for the true global adoption of the system.