When Lehman Brothers and Bear Stearns imploded in 2008, many financial institutions couldn't figure out their total exposure to the troubled firms, across the many departments that had financial relationships with those companies and their many subsidiaries and geographic locations.

This began a movement, among regulators and the banks themselves, toward creating legal entity identifiers — codes that identify companies the way Social Security numbers identify consumers.

Use of such codes across a bank's databases would let it aggregate customer account data for internal and regulatory reporting purposes and immediately see across-the-board vulnerabilities to sinking firms. Such a system could also be used by regulators to determine their constituents' exposures to at-risk firms across the board.

About 1.5 million legal entities that are counterparties on financial transactions across all asset classes globally would need to receive LEIs.

The Financial Stability Board has mandated that banks have a global system for legal entity identifiers in place by next March. "The FSB recommends adoption of an implementation plan with the goal of establishing an independent, open, fair and transparent global LEI system by the end of 2012 with the system independently functional by March 2013," the organization stated in a report. "This statement still needs to be defined," says Mike Atkin, managing director of the EDM Council. "What I expect is that the FSB Expert Group will have the governance defined and documented (including the operating principles), the LEI utility established as a 'legal entity' and a development process agreed to for operational deployment."

Last week, the Depository Trust & Clearing Corporation and SWIFT launched a Web portal to begin assigning CFTC Interim Compliant Identifiers (CICIs) to firms involved in OTC derivatives trading (of which there are about 50,000), that would ultimately comply with the Financial Stability Board's global framework and the ISO 17442 LEI standard.

The portal builds on test files of the provisional LEIs provided to the industry in February 2012. It contains a full database of such identifiers assigned to date, some 24,000 legal entities from over 80 countries.

"Most financial institutions are aligning identifiers across their internal environments, mapping to CICI and verifying the underlying data about entities/counterparties," Atkin says. "This is about data rationalization and cross-referencing. Financial institutions know how to do this and will be ready to meet their obligations. I am very confident that U.S. financial institutions will be ready for CICI reporting starting October 2012. I'm very confident that financial institutions are aware of LEI and are in the process of reconciling their internal data environments. I am very confident that financial institutions take their regulatory and compliance obligations extremely seriously and will meet their obligations."

But other observers say some U.S. banks have a ways to go.

"There's a lack of readiness now that institutions are starting to plan for LEI," says Fred Cohen, group vice president and head of global banking and financial services at IT services firm iGate Corporation, Fremont, Calif. "They're finding in almost all cases that they're not ready for it. Their infrastructure is not ready for it, the quality of their data is not ready for it."

One iGate bank client has more than 120 entity masters. "They have no idea where the data is coming from in many cases," Cohen says.

Many banks are doing preliminary tests to prepare for LEI mandates. "It's being taken very seriously by the industry," he says. "But the more they start looking at what it's going to take to do it, they're finding the data is poor, their understanding of the data is poor and their infrastructure is not ready for it. Massive programs to have to remediate their environments will be needed to accommodate it."

European institutions are further along at building huge programs to accommodate LEI, Cohen says. "U.S. banks are just now getting to the point where they're seriously introducing programs to senior management to be able to remediate this," Cohen says. "In the U.S., it's being taken quite seriously, we're working with a number of large institutions to try to remediate, resolve and understand all the underpinnings to make this thing happen."

iGate has built a practice around LEI called Radar that includes frameworks that link data elements and business processes from end to end.