Project Tamga: exploring how a universal verification mechanism for regulatory proofs could support the future of compliance and supervision

Project Tamga: exploring how a universal verification mechanism for regulatory proofs could support the future of compliance and supervision

11 November 2025

Today, regulatory proofs, such as licenses and attestations, often remain verifiable only within jurisdictional or institutional boundaries, greatly complicating the automation of global trust relationships.

As financial systems grow increasingly interconnected, both supervisors and regulated entities face the challenge of validating these proofs across jurisdictions in a consistent and reliable manner.

Project Tamga, led by the BIS Innovation Hub Hong Kong Centre, explores how this objective can be achieved, without creating new registry systems, through a verification and discovery mechanism built on existing internet infrastructure. This approach makes it possible for proofs to be validated across borders.

Design

Rather than creating new infrastructure, Project Tamga will explore how established internet infrastructures and internet security standards (such as DNS, HTTPS, and well-known paths) can be used as a trust layer for cross-border verification. This approach reuses what already exists, and it adapts for supervisory and compliance use cases.

At the core of this concept is trust metadata: minimal set of structured digital information for proofs verification. It might include cryptographic information like public keys and chains of certificates. By making this metadata automatically discoverable through standardized well-known web paths, verifiers can pull it directly from the issuer's domain itself and validate proofs across jurisdictions without centralized registries or other intermediaries.

Purpose

By making this metadata discoverable through standardized web mechanisms, proofs issued under different systems, technologies, formats, or jurisdictions can be verified through a common and interoperable discovery process without relying on centralized registries or blockchains.

By embedding verifiable regulatory proofs into digital workflows, institutions could ensure that compliance conditions, such as licensing status, reporting obligations or supervisory limits, are verified in real time.

This model complements existing compliance frameworks in terms of efficiency, interoperability, and automation, while preserving the sovereignty and confidentiality required by regulatory systems.

In sum, Project Tamga is not about creating new platforms, but rather about connecting what already exists and making trust itself machine-readable across borders.