ISO 5009 – Identifying organizational roles

---

ISO 5009

The Global Legal Entity Identifier Foundation (GLEIF) first proposed the idea of ISO 5009 with the aim to bring clarity and structure to the information held in the two LEI-based digital tools.

The standard, ISO 5009, is used to verify the identity and position of individuals who represent an organization (like a business or company) and is intended for inclusion in current and future digital assets. This will be achieved through the global uniformity of two kinds of digital assets under the Legal Entity Identifier (LEI) digital ID umbrella: verified LEI (vLEI) and digital certificates embedded with LEIs.

An LEI is a 20-character, alpha-numerical code based on ISO 17442 that links to reference information that identifies legal entities participating in financial transactions. It is a universal identifier that provides answers about the entity’s ownership structure, “who is who” and “who owns whom”.

Since an individual cannot obtain an LEI, the vLEI will be able to fill in some gaps. The moment an entity receives a vLEI, ISO 5009 can issue credentials to authorized members of the organization which covers the LEI, the individual’s name, and official organizational roles. ISO 5009 will specify the optional role extension contained in an X.509 public-key certificate (a digital certificate used in many internet protocols) with embedded LEIs as outlined in ISO 17442 for digital certificates embedded with LEIs.

ISO says the 5009 standard can be used as an effective and universal way to authenticate people who act on behalf of organizations. This includes signing documents that need verification with absolute certainty, such as sensitive business deals, agreements between companies, etc.