Deepen beneficial ownership and registry identifier research; resolve canon questions

Add source notes on FinCEN CDD/BOI beneficial ownership and ISO 6523/ALEI
registry identifier subtypes. Resolve OpenQuestions: Beneficial Ownership
Relationship as dedicated type; Registry Identifier and Proxy Commercial
Identifier as Reference layer specializations. Update glossary, conceptual
model, terminology, downstream recommendations, and corpus index.

DownstreamRecommendations.md

@@ -108,7 +108,7 @@ later explicit package is extracted.
 | Entity resolution | Synonymity Assertion | — |
 | Stripe / CRM billing | Commercial Record, Commercial Relationship | Subscription state |
 | Auth0 / Stytch B2B | Organization, Customer role, Tenant, Membership | Account, Subscriber label |
-| KYC / AML / LEI / DUNS | Commercial Record, Beneficial Owner, Registry Identifier | Assurance, Evidence |
+| KYC / AML / LEI / DUNS | Commercial Record, Beneficial Ownership Relationship, Registry Identifier, Proxy Commercial Identifier | Assurance, Evidence |
 | Salesforce / CRM | Commercial Record, Contact as Natural Person | Account hierarchy |
 
 ## Commercial Binding
@@ -117,7 +117,13 @@ later explicit package is extracted.
   counterparty reliance exists.
 - On subscription, contract, or KYC acceptance, create Commercial Commitment with
   Evidence Source and lifecycle state.
-- Link registry identifiers (LEI, DUNS, UEI, company reg) to Organization/Legal Entity
-  via Synonymity Assertion when multiple registries describe one entity.
+- Model LEI, UEI, and company registration numbers as Registry Identifier with
+  `authority_class` and renewal lifecycle (LEI annual).
+- Model DUNS as Proxy Commercial Identifier (ICD 0060); do not treat as
+  incorporating-register authority.
+- Model KYC beneficial owners as Beneficial Ownership Relationship with
+  ownership_prong / control_prong metadata — not Ownership subtype or authz owner.
+- Link registry identifiers for the same entity via Synonymity Assertion when
+  multiple registries describe one Organization/Legal Entity.
 - Separate CRM Account and Stripe Customer as Commercial Records; never merge with login Account.
 - Use qualified credentials (eIDAS seal, VC) as Evidence for Commercial Commitment where applicable.

OpenQuestions.md

@@ -178,13 +178,26 @@ downstream-only.
 
 ### Beneficial Owner modeling
 
-**Status:** Open.
+**Status:** Resolved — **Beneficial Ownership Relationship** as dedicated type.
 
-KYC sources require natural persons behind legal entity customers. Candidate:
-Beneficial Owner as Natural Person + Ownership/Representation with Evidence.
+**Decision:** Model regulated beneficial ownership as **Beneficial Ownership
+Relationship** from **Natural Person** to **Organization** / **Legal Entity**
+customer. Use `ownership_prong`, `control_prong`, `equity_percentage`,
+`control_basis`, and `intermediary_chain` metadata. Keep **Beneficial Owner** as
+a glossary role label for the person, not a participation root.
 
-**Decision needed:** Dedicated relationship type vs. Ownership subtype with
-`beneficial` role metadata.
+**Rationale:** Distinct from corporate parent Ownership (LEI Level 2), operational
+resource ownership (Cerbos), and Representation (authorized signers). FinCEN CDD
+uses dual prongs with trust look-through; collapsing into Ownership subtype would
+collide with authorization and corporate-structure semantics.
+
+**Citations:**
+
+- `research/commercial-identity/beneficial-ownership-kyc-boi.md`
+- `research/commercial-identity/kyc-aml-commercial-identity-binding.md`
+
+**Remaining nuance:** Standard `control_basis` enum across jurisdictions; BOI
+reporting volatility vs. enduring CDD collection obligations.
 
 ### Reputation as canon concept
 
@@ -196,11 +209,23 @@ with temporal scope.
 
 ### Registry identifier subtype
 
-**Status:** Open.
+**Status:** Resolved — **Registry Identifier** subtype with authority classes.
 
-LEI, DUNS, UEI, and company registration numbers share renewal, authority, and
-cross-registry linking needs. Candidate: authoritative **Registry Identifier**
-subtype with renewal Lifecycle State.
+**Decision:** Add **Registry Identifier** as an Identifier specialization in the
+Reference layer. Encode scheme via ISO/IEC 6523 ICD where applicable. Use
+`authority_class` (`government_registry`, `regulatory_global`, `commercial_proxy`,
+`tax`), `renewal_required`, and `lifecycle_state` (esp. LEI annual renewal).
+Add **Proxy Commercial Identifier** for vendor-operated keys (DUNS, ICD 0060).
+Link multiple registry IDs for one entity via **Synonymity Assertion**.
+
+**Citations:**
+
+- `research/commercial-identity/registry-identifier-subtypes.md`
+- `research/commercial-identity/lei-gleif-legal-entity-identifier.md`
+- `research/commercial-identity/duns-commercial-credit-identity.md`
+
+**Remaining nuance:** Synonymity strength bands for LEI ↔ DUNS crosswalks; branch
+OPI modeling under ISO 6523.
 
 ### Payment credential boundary
 

canon/CanonicalGlossary.md

@@ -67,6 +67,31 @@ A value or reference used to distinguish or refer to something within a scope.
 Examples: username, email address, LDAP DN, OIDC subject, SAML NameID, DID,
 employee number, external source ID.
 
+## Registry Identifier
+
+An **Identifier** issued under a registered organization-identification scheme
+with a known issuing authority, jurisdiction, and (when applicable) renewal
+lifecycle.
+
+Examples: LEI (ISO 17442 / ICD 0199), national company registration number,
+SAM.gov UEI, VAT number, ALEI (ISO 8000-116).
+
+Recommended fields: `scheme` (ICD or scheme URI), `authority`, `authority_class`,
+`jurisdiction`, `value`, `renewal_required`, `lifecycle_state`, `evidence_source`.
+
+Registry records (GLEIF entry, D&B profile, SAM registration) map to
+**Commercial Record** or **Identity Record**, not to the identifier itself.
+Link multiple Registry Identifiers for the same entity via **Synonymity
+Assertion** when evidenced.
+
+## Proxy Commercial Identifier
+
+A **Registry Identifier** with `authority_class: commercial_proxy` — issued by a
+vendor-operated registry that does not create legal entities.
+
+Examples: DUNS (D&B, ICD 0060). Used for credit, procurement, and trade
+verification. Distinct from government **ALEI** or incorporating-register IDs.
+
 ## Scoped Identifier
 
 An identifier whose meaning is intentionally limited to a relying party,
@@ -156,11 +181,33 @@ Organization when the distinction matters for modeling.
 ## Beneficial Owner
 
 A natural person who ultimately owns or controls a legal entity customer in
-regulated commercial contexts (KYC/AML).
+regulated commercial contexts (KYC/AML, FATF R24).
 
-Maps to **Natural Person** linked to **Organization** or **Legal Entity** via
-**Ownership Relationship** or **Representation Relationship**, with **Evidence
-Source** from CDD/EDD onboarding. Not a substitute for Organization actor.
+Beneficial Owner is a **role label** for the person, not a participation root.
+Model the regulatory linkage with **Beneficial Ownership Relationship** from
+the Natural Person to the Organization or Legal Entity customer. Attach
+**Evidence Source** from CDD/EDD onboarding, BOI filing, or transparency registry
+extract. Distinct from corporate parent **Ownership Relationship** (LEI Level 2)
+and from **Representation Relationship** (authorized signers).
+
+## Beneficial Ownership Relationship
+
+A regulated relationship asserting that a **Natural Person** is a beneficial
+owner of a **Legal Entity** or **Organization** customer under a stated
+jurisdictional scope (e.g., US FinCEN CDD, EU AMLD, FATF R24).
+
+Recommended metadata:
+
+- `ownership_prong` — meets equity threshold (e.g., 25%+).
+- `control_prong` — meets substantial control/management test.
+- `equity_percentage` — when ownership prong applies.
+- `control_basis` — role basis when control prong applies (e.g., CEO, managing member).
+- `intermediary_chain` — trust or entity look-through when required.
+- `regulatory_basis` — CDD Rule, national statute, or registry filing type.
+- `scope`, `evidence_reference`, `lifecycle_state`.
+
+Do not model as an Ownership subtype. Operational ownership (records, tenants,
+resources, corporate parents) uses **Ownership Relationship** separately.
 
 ## Customer
 

model/ConceptualModel.md

@@ -37,6 +37,12 @@ collapsing into `user`, `group`, or `tenant`.
 ### Reference Layer
 
 - Identifier: value or reference within a scope.
+- Registry Identifier: organization identifier from a registered scheme with
+  known authority, jurisdiction, and optional renewal lifecycle (LEI, UEI, company
+  reg, ALEI, VAT). ISO/IEC 6523 ICD + organization identifier is the preferred
+  interchange encoding.
+- Proxy Commercial Identifier: Registry Identifier with commercial-proxy
+  authority (e.g., DUNS).
 - Scoped Identifier: identifier designed for limited correlation.
 - Credential: proof or control material.
 - Claim: statement made by a source or issuer.
@@ -78,8 +84,9 @@ Core relationship classes:
 - Trust: actor, issuer, verifier, or system relies on another for a purpose.
 - Commercial: vendor actor provides services to customer actor; may reference a
   Commercial Record and one or more Commercial Commitments.
-- Ownership (beneficial): natural person owns or controls organization customer
-  (KYC beneficial owner pattern).
+- Beneficial Ownership: natural person is a regulated beneficial owner of a legal
+  entity or organization customer (KYC/CDD/BOI). Carries ownership_prong and
+  control_prong metadata; distinct from corporate parent Ownership.
 - Synonymity: records or identifiers are asserted to refer to the same target
   under stated evidence and scope.
 
@@ -203,7 +210,9 @@ revocation/supersession path via `Lifecycle State`.
 
 `Organization` actor → `Legal Entity` relationship or specialization → one or
 more `Tenant` scopes → `Representation Relationship` for authorized persons or
-agents.
+agents → `Registry Identifier`(s) (LEI, company reg, UEI) with renewal lifecycle
+→ optional `Beneficial Ownership Relationship`(s) to `Natural Person`(s) when
+KYC/CDD applies → cross-registry `Synonymity Assertion` when multiple IDs exist.
 
 ## Commercial Binding Gradient
 
@@ -223,8 +232,7 @@ No scenario requires glossary or principle changes that the current model
 cannot satisfy. Remaining ambiguities are documented in `OpenQuestions.md`:
 
 - mandatory Synonymity Assertion field set;
-- Realm vs. Tenant promotion for Keycloak-heavy mappings;
-- Beneficial Owner as dedicated relationship type vs. Ownership subtype.
+- Realm vs. Tenant promotion for Keycloak-heavy mappings.
 
 ## Invariants
 

research/CorpusIndex.md

@@ -64,6 +64,8 @@ The repository is focused on research and terminology. The corpus should collect
 - `kyc-aml-commercial-identity-binding.md`
 - `eidas-eudi-legal-person-wallet.md`
 - `salesforce-crm-commercial-record.md`
+- `beneficial-ownership-kyc-boi.md`
+- `registry-identifier-subtypes.md`
 
 ## Source Note Template
 

research/commercial-identity/beneficial-ownership-kyc-boi.md

@@ -0,0 +1,179 @@
+# Beneficial Ownership — CDD, BOI, and KYC Modeling
+
+## Source Type
+
+Regulatory framework synthesis. FinCEN CDD Rule (31 CFR 1010.230), Corporate
+Transparency Act / BOI reporting, FATF Recommendation 24, and KYC industry
+practice.
+
+## Domain
+
+Beneficial ownership identification for legal entity customers — financial
+institution due diligence, government transparency registries, and regulated
+commercial onboarding.
+
+## Why This Source Matters
+
+Beneficial ownership is the regulatory answer to "who really controls this
+legal entity customer?" It is **not** the same as corporate parent ownership
+(LEI Level 2), operational resource ownership (Cerbos), or CRM account hierarchy.
+Regulators impose **two independent prongs** (equity and control), trust
+look-through rules, nominee prohibitions, and evidence retention — all scoped
+to **counterparty risk**, not general graph semantics.
+
+## Key Concepts
+
+### FinCEN CDD Rule (customer due diligence)
+
+- **Legal entity customer**: corporations, LLCs, general partnerships, and
+  similar entities opening accounts at covered financial institutions.
+- **Beneficial owner — ownership prong**: each individual who directly or
+  indirectly owns **25% or more** of equity interests.
+- **Beneficial owner — control prong**: a **single** individual with significant
+  responsibility to control, manage, or direct the legal entity (e.g., CEO,
+  CFO, managing member, general partner, president).
+- **Collection at account opening**: identify and verify BO identities when a
+  new account opens (with 2026 exceptive relief allowing reuse after first
+  account unless risk triggers update).
+- **Nominee prohibition**: legal entity must identify **ultimate** beneficial
+  owners, not nominees or straw men.
+- **Trust look-through**: when a trust owns 25%+ equity, identify natural persons
+  behind the trust (settlor, trustees, beneficiaries as applicable); a legal
+  entity trustee does **not** satisfy the ownership prong — natural persons must
+  be identified.
+- **Risk-based updates**: ongoing CDD may require BO refresh on triggering
+  events, not only at opening.
+- **CIP alignment**: BO verification procedures must contain CIP-equivalent
+  elements for individuals but are not identical to the institution's CIP.
+
+### BOI / Corporate Transparency Act (entity reporting)
+
+- **Distinct from CDD**: BOI is a **filing obligation on reporting companies**
+  to FinCEN's BOI registry, not a financial-institution collection rule.
+- **Reporting company beneficial owner**: similar dual-prong concept (substantial
+  ownership + substantial control) with FinCEN ID for individuals.
+- **US regulatory volatility (2025–2026)**: interim final rules and litigation
+  have substantially narrowed or suspended BOI reporting for many US domestic
+  entities. **CDD beneficial ownership collection by financial institutions
+  remains in force** for covered institutions regardless of BOI reporting shifts.
+- **Foreign entities**: BOI and transparency expectations remain more relevant
+  for non-US reporting companies and cross-border KYC.
+
+### FATF Recommendation 24
+
+- Requires countries to ensure adequate, accurate, and up-to-date **beneficial
+  ownership information** on legal persons, accessible to competent authorities.
+- Supports **multi-prong** definitions (ownership threshold + control) and
+  look-through for complex structures (trusts, nominees, layered ownership).
+- Drives national registries and financial-sector CDD alignment globally.
+
+### KYC practice overlay
+
+- Institutions may adopt **lower equity thresholds** for high-risk customers
+  (e.g., 10%) under AML program risk policies.
+- **PEP screening** applies to beneficial owners, not only account signers.
+- **Sanctions screening** (OFAC) must cover identified beneficial owners.
+- BO evidence retained for years after relationship ends (BSA record retention).
+
+## Relevant Terminology
+
+| Term | Source meaning |
+| --- | --- |
+| Beneficial owner | Natural person owning 25%+ or exercising substantial control. |
+| Ownership prong | Equity-interest threshold test. |
+| Control prong | Significant management/control responsibility test. |
+| Legal entity customer | Entity opening a financial account subject to CDD. |
+| CDD Rule | FinCEN customer due diligence requirements (2016, amended). |
+| BOI / CTA | Corporate Transparency Act beneficial ownership information reporting. |
+| FinCEN ID | Individual identifier for BOI filers. |
+| Nominee / straw man | Non-ultimate owner; prohibited as BO response under CDD. |
+| Look-through | Identifying natural persons behind trusts or intermediary entities. |
+
+## Modeling Assumptions
+
+- **Beneficial ownership is relationship semantics**, not a new actor type.
+  The natural person remains **Natural Person**; the assertion is regulatory.
+- **Ownership prong and control prong are orthogonal** — one person may satisfy
+  both, and multiple persons may satisfy ownership prong while exactly one
+  control-prong person is required under US CDD.
+- **Beneficial ownership ≠ corporate parent ownership** (LEI Level 2 describes
+  corporate structure; BO describes natural persons behind a customer entity).
+- **Beneficial ownership ≠ Representation** (authorized signers may represent
+  without being beneficial owners).
+- **Lifecycle is risk-triggered**, not merely account-open/close.
+- **Regulatory regime is a scope dimension** — US CDD, EU AMLD, FATF R24, and
+  BOI filing may differ; canon models the relationship, downstream applies law.
+
+## Identity-Canon Implications
+
+### Resolved: dedicated relationship type
+
+**Beneficial Ownership Relationship** is a first-class relationship type — **not**
+an Ownership subtype with `beneficial` metadata.
+
+**Rationale:**
+
+| Concern | Why not Ownership subtype |
+| --- | --- |
+| Semantic collision | Ownership in canon covers records, tenants, resources, corporate parents — not regulated natural-person BO. |
+| Dual prongs | Ownership prong (%) and control prong (role) are regulatory-specific; corporate Ownership edges lack this structure. |
+| Trust look-through | Requires intermediary entity traversal metadata absent from generic Ownership. |
+| Evidence & scope | BO ties to CDD/AML Evidence Source, Commercial Relationship, and jurisdictional scope — distinct lifecycle from LEI parent edges. |
+| Projection safety | Prevents Cerbos/Zanzibar "owner" tuples from silently implying KYC beneficial owner compliance. |
+
+**Beneficial Owner** remains a glossary label for the **natural person** who is
+the target of a Beneficial Ownership Relationship — not a participation root.
+
+### Recommended relationship fields
+
+- `relationship_type`: `beneficial_ownership`
+- `source`: Natural Person
+- `target`: Organization / Legal Entity (the legal entity **customer**)
+- `scope`: jurisdiction + institution/program (e.g., US CDD, EU AMLD)
+- `ownership_prong`: boolean
+- `control_prong`: boolean
+- `equity_percentage`: optional numeric (when ownership prong)
+- `control_basis`: optional enum (e.g., `ceo`, `managing_member`, `general_partner`)
+- `intermediary_chain`: optional ordered list for trust/entity look-through
+- `evidence_reference`: CDD certification, BOI filing, registry extract
+- `lifecycle_state`: proposed, active, superseded, revoked
+- `regulatory_basis`: optional reference (CDD Rule, FATF R24, national statute)
+
+### Mapping table
+
+| Source concept | Canonical mapping |
+| --- | --- |
+| Beneficial owner (person) | Natural Person |
+| BO linkage | Beneficial Ownership Relationship |
+| CDD certification | Evidence Source |
+| Legal entity customer | Organization / Legal Entity + Commercial Relationship |
+| BOI filing record | Evidence Source (registry) on Legal Entity |
+| FinCEN ID | Identifier (government registry) on Natural Person |
+| PEP/sanctions hit on BO | Lifecycle State / Trust Relationship on BO relationship |
+| LEI Level 2 parent | Ownership Relationship (corporate structure — separate) |
+
+## Terminology Conflicts
+
+- **Beneficial owner (CDD)** vs. **beneficial owner (BOI filing)** vs.
+  **beneficial owner (transparency registry)**: same conceptual person, different
+  regulatory scopes and evidence — use `scope` and `regulatory_basis` metadata.
+- **Owner (Cerbos resource)** vs. **beneficial owner**: authorization attribute
+  vs. regulated natural-person linkage.
+- **Shareholder** vs. **beneficial owner**: not all shareholders meet BO thresholds;
+  control prong may identify non-shareholders.
+
+## Open Questions
+
+- Standard `control_basis` enum across jurisdictions (US CDD vs. EU AMLD wording).
+- Whether BOI FinCEN ID should map to Registry Identifier or generic Identifier.
+- Modeling **exempt** legal entity customers (publicly traded, government) as
+  absence of BO relationship vs. explicit exemption Evidence.
+
+## References
+
+- FinCEN, CDD Rule FAQs — https://www.fincen.gov/resources/statutes-and-regulations/cdd-rule-faqs
+- FinCEN, CDD Final Rule — https://www.fincen.gov/resources/statutes-regulations/cdd-final-rule
+- FinCEN, Account Opening Exceptive Relief Order (FIN-2026-R001) — https://www.fincen.gov/system/files/2026-02/FinCEN-Order-CCDExceptiveRelief.pdf
+- FATF, Recommendation 24 — https://www.fatf-gafi.org/en/topics/fatf-recommendations.html
+- Open Ownership, reliable identifiers for corporate vehicles — https://www.openownership.org/en/publications/using-reliable-identifiers-for-corporate-vehicles-in-beneficial-ownership-data/
+- Internal: `kyc-aml-commercial-identity-binding.md`, `lei-gleif-legal-entity-identifier.md`

research/commercial-identity/commercial-identity-synthesis.md

@@ -83,7 +83,10 @@ Commercial Commitment + Evidence, not declared ad hoc.
 - **Commercial Relationship** — vendor/customer commercial link.
 - **Commercial Commitment** — enforceable or costly promise binding parties (contract,
   subscription, payment mandate, regulatory onboarding acceptance).
-- **Beneficial Owner linkage** — Natural Person to Organization for entity customers.
+- **Beneficial Ownership Relationship** — dedicated type from Natural Person to
+  Organization/Legal Entity for KYC/CDD (not Ownership subtype).
+- **Registry Identifier** and **Proxy Commercial Identifier** — Reference layer
+  subtypes with authority class, ICD scheme, and renewal lifecycle.
 
 ### Unchanged roots
 
@@ -112,8 +115,9 @@ Model as lifecycle events, not silent merges:
 
 - Payment Credential vs. authentication Credential boundary in PCI contexts.
 - Smart contracts and automated Commercial Commitment lifecycle.
-- Cross-border registry Synonymity for same legal entity (LEI ↔ DUNS ↔ company reg).
+- Synonymity strength bands for LEI ↔ DUNS ↔ company reg crosswalks.
 - Reputation as first-class canon concept vs. Evidence Source aggregation.
+- Standard `control_basis` enum for Beneficial Ownership across jurisdictions.
 
 ## Source Notes in This Stack
 
@@ -124,6 +128,8 @@ Model as lifecycle events, not silent merges:
 - `kyc-aml-commercial-identity-binding.md`
 - `eidas-eudi-legal-person-wallet.md`
 - `salesforce-crm-commercial-record.md`
+- `beneficial-ownership-kyc-boi.md`
+- `registry-identifier-subtypes.md`
 - `../commercial-subscription/b2b-saas-subscriber-tenancy.md`
 - `../commercial-subscription/stripe-customer-billing.md`
 

research/commercial-identity/duns-commercial-credit-identity.md

@@ -49,7 +49,8 @@ interest among counterparties.
 
 ## Identity-Canon Implications
 
-- DUNS maps to **Identifier** on **Commercial Record** / **Organization**.
+- DUNS maps to **Proxy Commercial Identifier** (`scheme: 0060`,
+  `authority_class: commercial_proxy`) on **Commercial Record** / **Organization**.
 - PAYDEX and credit file map to **Evidence Source** influencing **Trust Relationship**
   and counterparty risk.
 - UEI maps to **Identifier** (government authoritative) on Commercial Record.
@@ -67,7 +68,7 @@ interest among counterparties.
 
 | D&B / procurement concept | Candidate canonical concept |
 | --- | --- |
-| DUNS number | Identifier |
+| DUNS number | Proxy Commercial Identifier (ICD 0060) |
 | D&B business record | Commercial Record |
 | PAYDEX | Evidence Source (credit performance) |
 | UEI | Identifier (government registry) |

research/commercial-identity/kyc-aml-commercial-identity-binding.md

@@ -59,8 +59,9 @@ high-stakes counterparty records**.
 
 - KYC onboarding creates **Commercial Record** + **Commercial Commitment** (regulated
   relationship) bound to **Natural Person** and/or **Organization/Legal Entity**.
-- **Beneficial owner** maps to **Natural Person** linked via **Ownership** or
-  **Representation** to Organization customer.
+- **Beneficial owner** maps to **Natural Person** linked via **Beneficial
+  Ownership Relationship** to Organization/Legal Entity customer (see
+  `beneficial-ownership-kyc-boi.md`).
 - CIP evidence maps to **Evidence Source** with **Assurance Level**.
 - Ongoing monitoring produces **Evidence Source** events affecting **Lifecycle State**
   and **Trust Relationship**.
@@ -80,7 +81,7 @@ high-stakes counterparty records**.
 | --- | --- |
 | Verified customer | Commercial Record + Actor binding |
 | CIP evidence | Evidence Source |
-| Beneficial owner | Natural Person + Ownership Relationship |
+| Beneficial owner | Natural Person + Beneficial Ownership Relationship |
 | Risk profile | Assurance Level + metadata on Commercial Relationship |
 | EDD review | Evidence Source (enhanced) |
 | Sanctions hit | Lifecycle State / Trust Relationship revocation |
@@ -89,9 +90,13 @@ high-stakes counterparty records**.
 
 ## Open Questions
 
-- Should Beneficial Owner be a canonical relationship role or Ownership subtype?
+- Standard `control_basis` enum across US CDD and EU AMLD wording.
 - How to model BOI registry volatility in lifecycle without canon becoming legal advice?
 
+## Resolved (see beneficial-ownership-kyc-boi.md)
+
+- Beneficial Owner → **Beneficial Ownership Relationship** (dedicated type, not Ownership subtype).
+
 ## References
 
 - Thomson Reuters, Customer Identification Program overview — https://legal.thomsonreuters.com/blog/overview-customer-identification-program-cip/

research/commercial-identity/lei-gleif-legal-entity-identifier.md

@@ -51,7 +51,9 @@ requirements.
 
 ## Identity-Canon Implications
 
-- LEI maps to **Identifier** for **Legal Entity** / **Organization** actors.
+- LEI maps to **Registry Identifier** (`scheme: 0199`, `authority_class:
+  regulatory_global`, `renewal_required: true`) for **Legal Entity** /
+  **Organization** actors.
 - Level 2 parent data maps to **Ownership** or structural Organization relationships.
 - LEI record maps to **Commercial Record** or authoritative **Identity Record**
   with registry **Evidence Source**.
@@ -70,7 +72,7 @@ requirements.
 
 | LEI concept | Candidate canonical concept |
 | --- | --- |
-| LEI code | Identifier (authoritative, global) |
+| LEI code | Registry Identifier (regulatory_global, ICD 0199) |
 | Legal entity | Legal Entity / Organization |
 | Level 1 data | Commercial Record / registry Profile |
 | Level 2 parent | Ownership Relationship |
@@ -80,8 +82,12 @@ requirements.
 
 ## Open Questions
 
-- Should authoritative registry identifiers (LEI, company reg number) be a distinct
-  Identifier subtype with renewal semantics?
+- Synonymity strength when linking LEI to DUNS or national company reg numbers.
+
+## Resolved (see registry-identifier-subtypes.md)
+
+- Authoritative and proxy registry IDs → **Registry Identifier** subtype with
+  authority class and renewal lifecycle.
 
 ## References
 

research/commercial-identity/registry-identifier-subtypes.md

@@ -0,0 +1,182 @@
+# Registry Identifier Subtypes — ISO 6523, ALEI, LEI, DUNS, UEI
+
+## Source Type
+
+Standards and registry synthesis. ISO/IEC 6523, ISO 17442 (LEI), ISO 8000-116
+(ALEI), GLEIF, D&B DUNS, SAM.gov UEI, EITI/Open Ownership identifier guidance.
+
+## Domain
+
+Authoritative and proxy organization identifiers used in commerce, procurement,
+financial markets, beneficial ownership transparency, and master data management.
+
+## Why This Source Matters
+
+Legal entities accumulate **multiple identifiers** from different registries —
+company registration numbers, LEI, DUNS, UEI, VAT — each with different
+**issuing authority**, **renewal rules**, and **trust basis**. Collapsing them
+into generic Identifier loses lifecycle, authority, and cross-registry linking
+semantics needed for commercial binding and BO transparency.
+
+## Key Concepts
+
+### ISO/IEC 6523 structure
+
+ISO/IEC 6523 defines organization identification as:
+
+- **International Code Designator (ICD)**: up to 4 digits identifying the issuing
+  scheme authority (registered with ISO/IEC 6523-2).
+- **Organization identifier**: up to 35 characters within that scheme.
+- **Optional organization part identifier (OPI)**: sub-entity within organization.
+
+Combined form enables global interchange (PEPPOL, EDIFACT, Schema.org `iso6523Code`).
+
+Example ICD allocations relevant to commercial identity:
+
+| ICD | Scheme | Authority type |
+| --- | --- | --- |
+| 0060 | D-U-N-S (DUNS) | Commercial proxy (D&B) |
+| 0088 | EAN Location Code (GLN) | GS1 location |
+| 0151 | Singapore UEN | Government registry |
+| 0199 | Legal Entity Identifier (LEI) | GLEIF / ISO 17442 |
+| 0209 | GS1 identification keys | GS1 |
+
+(Full list maintained at iso6523.info and PEPPOL ICD codelists.)
+
+### Authoritative vs. proxy identifiers (ISO 8000-116 / ALEI)
+
+**Authoritative Legal Entity Identifier (ALEI)**: identifier assigned by a
+**government jurisdiction** authorized by statute to create legal entities and
+maintain authoritative registries. Format: jurisdiction prefix + register +
+local number (e.g., `US-DE.BER:3031657`).
+
+**Proxy identifiers**: issued by institutions that do **not** create legal
+entities — DUNS (D&B), NCAGE (CAGE), and arguably LEI (GLEIF issues to existing
+legal entities but does not incorporate them).
+
+**LEI nuance**: ISO 17442 / GLEIF is regulatory-mandated for financial
+transactions but is a **cross-jurisdiction overlay** on existing legal entities,
+not the incorporating register. Canon treats LEI as **Registry Identifier**
+with `authority_class: regulatory_global`.
+
+### Renewal and lifecycle
+
+| Identifier | Renewal / validity | Lifecycle driver |
+| --- | --- | --- |
+| LEI | Annual renewal required | GLEIF / LOU reaffirmation |
+| DUNS | No annual renewal; record updates | D&B data maintenance |
+| UEI | Persistent in SAM.gov | Entity registration status |
+| Company reg number | Jurisdiction-specific | Annual report / dissolution |
+| ALEI / IBRN | Tied to registry filing status | Government register |
+| VAT / tax ID | Jurisdiction-specific | Tax authority |
+
+Renewal semantics belong on **Registry Identifier** lifecycle state, not on the
+Organization actor.
+
+### Cross-registry linking
+
+Same legal entity may hold LEI + DUNS + UEI + national company number.
+**Synonymity Assertion** (`same_as`, strong or authoritative) links Registry
+Identifiers when evidenced by registry crosswalk, LOU verification, or operator
+confirmation. Do not silently merge Commercial Records.
+
+EITI and Open Ownership recommend **reliable organizational identifiers**
+(especially authoritative registration numbers) in beneficial ownership datasets
+to disambiguate corporate vehicles.
+
+## Relevant Terminology
+
+| Term | Source meaning |
+| --- | --- |
+| Registry Identifier | Identifier issued under a registered scheme with known authority. |
+| ICD | ISO 6523 International Code Designator for a scheme. |
+| ALEI | Authoritative Legal Entity Identifier (government register). |
+| Proxy identifier | Commercial or overlay ID not from incorporating authority. |
+| LOU | Local Operating Unit issuing LEIs. |
+| Renewal | Periodic reaffirmation of identifier validity (esp. LEI). |
+| Crosswalk | Mapping between identifiers for same entity. |
+
+## Modeling Assumptions
+
+- **Registry Identifier is an Identifier subtype**, not a Record layer entity.
+  The registry **record** (GLEIF entry, D&B profile, SAM registration) maps to
+  Commercial Record or Identity Record.
+- **Authority class** matters more than brand name (LEI vs. DUNS vs. company reg).
+- **Renewal is optional metadata** — present for LEI, absent for DUNS.
+- **ICD code** is the preferred `scheme` key for ISO 6523-aligned identifiers.
+- **Proxy Commercial Identifier** is a Registry Identifier with
+  `authority_class: commercial_proxy` for DUNS-like schemes.
+
+## Identity-Canon Implications
+
+### Resolved: Registry Identifier subtype
+
+Add **Registry Identifier** as an Identifier specialization in the Reference layer.
+
+**Recommended fields:**
+
+- `scheme`: ICD code or well-known scheme URI (e.g., `0199` for LEI, `0060` for DUNS)
+- `authority`: issuing body (GLEIF LOU, D&B, SAM.gov, Companies House, etc.)
+- `authority_class`: `government_registry` | `regulatory_global` | `commercial_proxy` | `tax`
+- `jurisdiction`: ISO country/subdivision when applicable
+- `value`: the identifier string
+- `renewal_required`: boolean
+- `lifecycle_state`: active, lapsed, revoked, expired, superseded
+- `last_renewed_at` / `expires_at`: when renewal applies
+- `evidence_source`: registry lookup, LOU issuance, API verification
+
+### Proxy Commercial Identifier
+
+**Proxy Commercial Identifier** is a Registry Identifier with
+`authority_class: commercial_proxy` — vendor-operated business keys (DUNS) used
+for credit and procurement but not legal incorporation. Keeps DUNS mapping
+explicit without conflating with ALEI or company registration numbers.
+
+### Mapping table
+
+| Source identifier | Canonical mapping |
+| --- | --- |
+| LEI code | Registry Identifier (`scheme: 0199`, `authority_class: regulatory_global`) |
+| DUNS | Proxy Commercial Identifier (`scheme: 0060`) |
+| UEI (SAM.gov) | Registry Identifier (`authority_class: government_registry`, US federal) |
+| Company registration number | Registry Identifier (`authority_class: government_registry`, jurisdiction-local) |
+| ALEI / IBRN | Registry Identifier (`authority_class: government_registry`, ISO 8000-116 format) |
+| VAT / EIN / tax ID | Registry Identifier (`authority_class: tax`) |
+| GLEIF registry entry | Commercial Record or Identity Record + Evidence Source |
+| D&B business profile | Commercial Record + PAYDEX as Evidence Source |
+| Same entity, multiple IDs | Synonymity Assertion between Registry Identifiers |
+
+### Relationship to Beneficial Ownership
+
+BO datasets should reference **Organization/Legal Entity** via Registry Identifier
+(authoritative company reg preferred; LEI as strong cross-border key). Beneficial
+Ownership Relationships attach to the entity actor, not to the identifier — but
+identifier quality affects Evidence strength on BO filings.
+
+## Terminology Conflicts
+
+- **Legal entity (LEI)** vs. **Organization (canon)**: LEI subset ⊂ organizations
+  with financial/regulatory participation.
+- **DUNS business entity** vs. **Legal Entity**: D&B may assign DUNS to locations
+  or branches not identical to juridical persons.
+- **Identifier** vs. **Commercial Record**: Stripe `customer_id` is scoped
+  system Identifier; LEI is registry Identifier — different authority classes.
+
+## Open Questions
+
+- Whether `authority_class` enum needs `industry_association` (e.g., NCAGE).
+- Standard Synonymity strength when linking LEI ↔ DUNS (medium vs. strong).
+- PEPPOL / ISO 6523 OPI modeling for branch-level identifiers vs. Organization Unit.
+
+## References
+
+- ISO/IEC 6523 — https://www.iso.org/standard/25773.html
+- ISO 17442 (LEI) — https://www.iso.org/standard/78829.html
+- ISO 8000-116 (ALEI) — https://www.iso.org/standard/75117.html
+- GLEIF, Introducing the LEI — https://www.gleif.org/en/about-lei/introducing-the-legal-entity-identifier-lei
+- iso6523.info ICD list — http://iso6523.info/icd_list.pdf
+- PEPPOL ICD codelist — https://docs.peppol.eu/poacc/billing/3.0/codelist/ICD/
+- GSA, Unique Entity Identifier — https://www.gsa.gov/about-us/organization/federal-acquisition-service/fas-initiatives/integrated-award-environment/iae-systems-information-kit/unique-entity-identifier-update
+- EITI, Organisational identifiers guidance — https://eiti.org/sites/default/files/2023-11/Technical%20Guidance%20%E2%80%93%20Organisational%20identifiers%20guidance%20%20WEB.pdf
+- Open Ownership, reliable identifiers — https://www.openownership.org/en/publications/using-reliable-identifiers-for-corporate-vehicles-in-beneficial-ownership-data/
+- Internal: `lei-gleif-legal-entity-identifier.md`, `duns-commercial-credit-identity.md`

terminology/TerminologyInventory.md

@@ -42,11 +42,15 @@ has incompatible meanings across source families.
 | commercial record | Commercial Record | Stripe, CRM, billing | Record layer; payment/subscription/commerce state. |
 | commercial relationship | Commercial Relationship | vendor/customer SaaS | Vendor-to-customer typed relationship. |
 | commercial commitment | Commercial Commitment | contracts, subscriptions, KYC | Binding obligation raising identity stakes. |
-| beneficial owner | Beneficial Owner | KYC/AML, FinCEN | Natural person controlling legal entity customer. |
+| beneficial owner | Beneficial Owner + Beneficial Ownership Relationship | KYC/AML, FinCEN CDD, FATF R24 | Natural person behind legal entity customer; dedicated relationship type with ownership/control prongs. |
+| beneficial ownership | Beneficial Ownership Relationship | FinCEN CDD, BOI, Open Ownership | Regulated Natural Person → Organization/Legal Entity linkage; not Ownership subtype. |
+| lei | Registry Identifier (regulatory_global) | GLEIF, ISO 17442, ICD 0199 | Legal entity identifier with annual renewal. |
+| duns | Proxy Commercial Identifier | D&B, ICD 0060 | Commercial-proxy registry identifier. |
+| uei | Registry Identifier (government_registry) | SAM.gov | US federal entity identifier. |
+| company registration number | Registry Identifier (government_registry) | national registers, ALEI | Authoritative incorporating-register identifier. |
+| alei / ibrn | Registry Identifier (government_registry) | ISO 8000-116 | Authoritative legal entity identifier from government register. |
+| iso 6523 / icd | Registry Identifier scheme | ISO/IEC 6523, PEPPOL | ICD + organization identifier encoding. |
 | legal person | Legal Person | eIDAS, civil law, agency | Natural or juridical person under law. |
-| lei | Identifier (registry) | GLEIF, ISO 17442 | Legal entity identifier for financial markets. |
-| duns | Identifier (registry) | D&B | Commercial/credit identifier. |
-| uei | Identifier (registry) | SAM.gov | US federal entity identifier. |
 | paydex | Evidence Source | D&B | Credit/payment performance history. |
 | kyc / cip | Evidence Source + Assurance | FinCEN, FATF | Regulated commercial identity onboarding. |
 | crm account | Commercial Record | Salesforce | Company/household commercial record. |