diff --git a/operator_claims.go b/operator_claims.go
index 6a99597..3c4d4a1 100644
--- a/operator_claims.go
+++ b/operator_claims.go
@@ -40,6 +40,8 @@ type Operator struct {
 // A list of NATS urls (tls://host:port) where tools can connect to the server
 // using proper credentials.
 OperatorServiceURLs StringList `json:"operator_service_urls,omitempty"`
+ // Identity of the system account
+ SystemAccount string `json:"system_account,omitempty"`
 }
 
 // Validate checks the validity of the operators contents
@@ -63,6 +65,12 @@ func (o *Operator) Validate(vr *ValidationResults) {
 vr.AddError("%s is not an operator public key", k)
 }
 }
+
+ if o.SystemAccount != "" {
+ if !nkeys.IsValidPublicAccountKey(o.SystemAccount) {
+ vr.AddError("%s is not an account public key", o.SystemAccount)
+ }
+ }
 }
 
 func (o *Operator) validateAccountServerURL() error {
diff --git a/operator_claims_test.go b/operator_claims_test.go
index 73cae23..28f4890 100644
--- a/operator_claims_test.go
+++ b/operator_claims_test.go
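Review bot: The comment on the new `SystemAccount` field in the `Operator` struct does not say what form the value takes or whether it may be left empty. The check added to Validate in the same commit requires an account public key and skips the check when the string is empty, so the comment could read `// SystemAccount is the public key of the account designated as the system account; it is optional.` Starting the comment with the field name also follows the usual Go doc convention.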
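Review bot: The error added at the end of Validate, `vr.AddError("%s is not an account public key", o.SystemAccount)`, does not name the field that failed and prints the raw claim value with `%s`. The string comes from decoded claims, so naming the field and quoting the value keeps the message unambiguous if it is later logged: `vr.AddError("system account %q is not an account public key", o.SystemAccount)`. The two nested `if`s can also be one condition, `if o.SystemAccount != "" && !nkeys.IsValidPublicAccountKey(o.SystemAccount) {`. Validate's body starts outside the hunk.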
@@ -259,6 +259,47 @@ func Test_AccountServerURL(t *testing.T) {
 }
 }
 
+func Test_SystemAccount(t *testing.T) {
+ operatorWithSystemAcc := func(t *testing.T, u string) error {
+ kp := createOperatorNKey(t)
+ pk := publicKey(kp, t)
+ oc := NewOperatorClaims(pk)
+ oc.SystemAccount = u
+ s, err := oc.Encode(kp)
+ if err != nil {
+ return err
+ }
+ oc, err = DecodeOperatorClaims(s)
+ if err != nil {
+ t.Fatal(err)
+ }
+ AssertEquals(oc.SystemAccount, u, t)
+ vr := ValidationResults{}
+ oc.Validate(&vr)
+ if !vr.IsEmpty() {
+ return fmt.Errorf("%s", vr.Errors()[0])
+ }
+ return nil
+ }
+ var asuTests = []struct {
+ accKey string
+ shouldFail bool
+ }{
+ {"", false},
+ {"x", true},
+ {"ADZ547B24WHPLWOK7TMLNBSA7FQFXR6UM2NZ4HHNIB7RDFVZQFOZ4GQQ", false},
+ {"ADZ547B24WHPLWOK7TMLNBSA7FQFXR6UM2NZ4HHNIB7RDFVZQFOZ4777", true},
+ }
+ for i, tt := range asuTests {
+ err := operatorWithSystemAcc(t, tt.accKey)
+ if err != nil && tt.shouldFail == false {
+ t.Fatalf("expected not to fail: %v", err)
+ } else if err == nil && tt.shouldFail {
+ t.Fatalf("test %s expected to fail but didn't", asuTests[i].accKey)
+ }
+ }
+}
+
 func testOperatorWithOperatorServiceURL(t *testing.T, u string) error {
 kp := createOperatorNKey(t)
 pk := publicKey(kp, t)
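Review bot: The table in Test_SystemAccount has no row for a well-formed nkey of the wrong type, which is the input the new `IsValidPublicAccountKey` check most needs to reject. The two failing rows are a garbage string and an account key whose last characters were altered. A row built from helpers already used in this test, e.g. `{publicKey(createOperatorNKey(t), t), true}`, would cover an operator key being set as the system account. Smaller points: `asuTests[i].accKey` is the same value as `tt.accKey`, so the index can be dropped, and `tt.shouldFail == false` reads better as `!tt.shouldFail`.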