The impact of the pandemic has made admin-based tasks and activities harder to do remotely, or when they are, more susceptible to abuse and risk. Many organisations are now prioritising digital transformation projects to address some of these inefficiencies and risks.
One of the most significant factors prohibiting the full digitalisation of these processes is something we take for granted in the real world – managing the right of an individual to represent an organisation.
Because few individuals inherently have a right to represent an organisation (i.e. initially only Directors and Board Members), to run a business, those individuals delegate their authority to others. In the real world these rights are managed inefficiently through paper-based mandates and recording of approvals stored by HR or in the CFO’s office.
Enterprises need the ability to manage this ‘representation governance’ digitally. The individuals associated with an organisation should have defined representation rights, and be able to assert and verify these rights to relying parties. Representation governance should be highly automated and frictionless and use the same proven identity standards and concepts IGA (Identity Governance & Administration) and IAM (Identity & Access Management) solutions use for enterprise or customer identity management.
For example, activities such as submission of corporate statements to the Government, the enforcement of corporate spending limits, the assertion of signature/submission rights, or even building or network access for both employees and external service providers could be well defined and digitally governed. Digital representation governance can then improve security, increase efficiency, and reduce administration costs for the enterprise.
Introducing digital representation governance
Ubisecure provides representation governance solutions throughout the Nordics, including Government and Telecoms. Such solutions are closed communities, applicable to particular business use cases for specific interactions. For example, when completing tax returns, the Finnish Government uses the Ubisecure Identity Platform to establish a digital identity for the company director. That digital identity can then delegate submission of the tax returns to other individuals within the organisation, or individuals at third party service providers like an accountancy firm. Digitising this closed community use-case has resulted in a 99% reduction in cost by moving to digital vs physical point of service, equating to millions of Euros of taxpayer savings.
Expanding CIAM-based representation governance with Legal Entity Identifiers (LEI)
As a leader in the European identity management space, we firmly believe that representation governance offers significant workflow improvements as well as cost savings for many organisations. However, we believe its full potential can only be met by expanding beyond closed communities and taking the business benefits to a global, open community. To accomplish this Ubisecure became an accredited Legal Entity Identifier (LEI) issuer in 2018.
The LEI is a verifiable 20-digit code that identifies legal entities in the publicly accessible Global LEI Index. The LEI is globally unique, standardised, and G20 & FSB endorsed – making it the ideal highly assured organisation identifier to enable the representation governance solution. By adding LEI support the platform, our next-generation ‘right to represent’ solution uniquely ties the digital identity of an individual to the organisation’s open community LEI.
‘Sign in with RapidLEI’ to assert LEI-based representation rights
Ubisecure issues LEIs through its RapidLEI service. During the LEI registration process, the service establishes who has the right to legally represent the organisation, i.e. a Director. It then establishes that this authoritative individual can define who else should have representation rights, and what those representation rights mean in real terms (i.e. attributes concerning financial transactions, legal authority, delegatory rights, and so on). Essentially any administrative process requiring representation governance can be mandated and digitised. The LEI then becomes the trust anchor, enforcing approved representation assertions and verifications permitted for the individual.
As a result, Ubisecure has now become a universal ‘right to represent’ Identity Provider (IdP). Our role is to associate an individual with a legal entity, and then via the ‘Sign in with RapidLEI’ service authenticate and assert their identity and representation attributes to relying parties. The service can be used either via API or by adding a ‘Sign in with RapidLEI’ login button to the workflow. The ‘Sign in with RapidLEI’ is simple to add and is based on the same technology that enables social media logins like ‘Sign in with Apple’ or ‘Log in with Google’.
Establishing representation governance using LEIs rather than single use-case identifiers found in closed communities can support an almost endless number of global, interoperable business applications. The use case potential has wide applicability and can stimulate viral adoption of LEI and trust services. The service will improve process efficiency dramatically, enable transactions, and reduce fraud for the enterprise, and provide a secure, privacy-enabled, and convenient solution to employees, contractors and other organisation representatives.
Video Demo – enforcing and delegating corporate spending limits
Get involved with Right to Represent
We are actively engaging with application developers and software vendors that can integrate representation governance into their solutions. Ubisecure will preview the ‘Sign in with RapidLEI’ service later this year, to register early interest visit https://rapidlei.com/representation-governance/.