Corda Network Foundation Document history

Admission Criteria Policy

1 Introduction

Participants, including Business Network Operators, must request a certificate from the Operator to gain access to and join Corda Network. The requirements should be constrictive enough for Participants and Business Networks Operators to feel safe and secure in the network, but also not too onerous to deter Participants from seeking admission. The guiding principles of joining the network are neutral, objective and transparent.

The Operator’s validation and approval to the network should not be considered, nor treated as, a substitute for required “Know Your Customer” processes. Business Network Operators are obligated to escalate inappropriate business conduct or fraudulent identities to the Operator and relevant regulatory bodies or authorities.

2 Policy

A certificate will be provided to non-natural persons, i.e. organisations that are an incorporated legal entity. The following information should be provided by all Participants seeking access to Corda Network:

  • Entity name
  • Entity Address
  • Contact Name
  • Contact Email Address
  • Contact Phone Number
  • Unique ID – (GLEIF ID, EIN, CRN, etc.)
  • Website Domain (Optional)

Note: additional details may be required for Participation billing, but these requirements do not form part of this Policy.

The Operator must conduct a sanction review commensurate with jurisdictional laws and regulations on all entities and establish a process to clear false positives. Positive matches will not receive a certificate for the network. Business Network Operators must perform their own KYC check and should not rely on the Operator’s identification or sanction review. Business Network Operators are responsible for obtaining further documentation such as articles of incorporation, ultimate beneficial owners, etc. to verify identity and conduct appropriate due diligence checks (high risk industry analysis, high risk geographies, negative news checks) to ensure entities meet acceptable risk tolerance standards designed by the business network.

Certifications will be issued based on the information provided in the certification request. Any changes to information provided, including updating the entity name or contact information, will require a certification to be revoked and subsequently re-issued by the operator.

3 Rationale

The Corda Network should obtain minimum information required to confirm identity and for billing purposes. See below membership requirements for other foundations.

  • SWIFT: The country risk (e.g. FATF versus non-FATF countries), affiliation of SWIFT Users to current member base, intended use of SWIFT products and services (e.g. the use by the (applicant) SWIFT User of the SWIFT financial messaging services for necessary and legitimate business purposes), applicable sanctions regulations, and credit worthiness of the applicant SWIFT User. Other requests: A certificate of incorporation, a tax certificate, an operating license, a declaration of ownership, a list of shareholders, a list of authorised signatures, the composition of the board and/or executives and audited accounts.
    • These requirements are too onerous for the Corda network. SWIFT is similar to a business network operator and all SWIFT members have a common interest in a specific type of service. Corda users have vastly different interests and uses so membership criteria should not be so stringent. It is worth noting that individual Business Network Operators could choose to implement more stringent requirements, such as seen by SWIFT, if it so chooses.
  • OPEC: Any country with a substantial net export of crude petroleum, which has fundamentally similar interests to those of Member Countries, may become a Full Member of the Organization, if accepted by a majority constituting three-fourths of Full Members, including the concurring votes of all Founder Members.
    • Centralized approval process not feasible for Corda Network design.
  • ISO: When joining ISO, documents confirming the entity’s status as the organization most representative of standardization in the entity’s respective country, and that said country is recognized by the United Nations.
    • Corda network should only do business with UN recognized countries.
  • ICANN: The name and contact information (including email address, physical address and contact phone number) for the domain’s registrant, administrative and billing contacts.
    • This is practical for the Corda Network.

4 Addendum

For a US-based Operator, the following lists will be used:

  • United Kingdom Her Majesty’s Treasury Sanctions
  • Office of Foreign Assets Control Non-Specially Designated National Entities
  • Office of Foreign Assets Control Sanctions
  • Office of Foreign Assets Control Specially Designated Nationals
  • United Nations Consolidated List
  • Bureau of Industry and Security
  • Excluded Parties List System
  • FATF Financial Action Task Force
  • Office of the Superintendent of Financial Institutions Consolidated List—Canada