ISO 5009 – Identifying organizational roles

---

ISO 5009

The Global Legal Entity Identifier Foundation (GLEIF) first proposed the idea of ISO 5009 to bring clarity and structure to the information held in the two LEI-based digital tools.

The standard, ISO 5009, is used to verify the identity and position of individuals representing an organization (like a business or company) and is intended for inclusion in current and future digital assets. This will be achieved through the global uniformity of two digital assets under the Legal Entity Identifier (LEI) digital ID umbrella: verified LEI (vLEI) and digital certificates embedded with LEIs.

An LEI is a 20-character, alpha-numerical code based on ISO 17442 that links to reference information that identifies legal entities participating in financial transactions. It is a universal identifier that answers the entity’s ownership structure,  ‘who is who’ and ‘who owns whom.’

Since an individual cannot obtain an LEI, the vLEI can fill in some gaps. When an entity receives a vLEI, ISO 5009 can issue credentials to authorized members of the organization, which covers the LEI, the individual’s name, and official organizational roles. ISO 5009 will specify the optional role extension contained in an X.509 public-key certificate (a digital certificate used in many internet protocols) with embedded LEIs as outlined in ISO 17442 for digital certificates embedded with LEIs.

ISO says the 5009 standards can be used as an effective and universal way to authenticate people who act on behalf of organizations. This includes signing documents that need verification with absolute certainty, such as sensitive business deals, company agreements, etc.