Inside OpenSanctions’ Open-Source Approach to Compliance

In an interview with 21 Analytics, OpenSanctions Founder Friedrich Lindenberg explains how open-source sanctions and PEP data support transparency, auditability, and regulatory confidence in compliance workflows. 

Sanctions screening and risk-entity data sit at the heart of today’s compliance, investigative, and financial crime-fighting efforts, yet the way this data is sourced, structured, and validated is often opaque. 

In an environment dominated by proprietary black-box solutions, OpenSanctions takes a fundamentally different approach: open, transparent, and built for verification.

In this interview, 21 Analytics chats to Friedrich Lindenberg, Founder of OpenSanctions, about how the project works, why open-source sanctions and PEP data matter, and how organisations across compliance, finance, and investigative journalism rely on it. 

Friedrich’s interest in watchlist data stems from investigative reporting. From 2016 to 2021, he led the data team at the Organised Crime and Corruption Reporting Project (OCCRP), contributing to major investigations into transnational crime, offshore finance, and money laundering, including the Russian and Azerbaijani Laundromat cases.

This investigative DNA is deeply embedded in OpenSanctions’ mission: to deliver high-quality, auditable sanctions and risk-entity data that can be trusted, scrutinised, and reused across the public and private sectors.

Trust Begins With Transparency: A Conversation with OpenSanctions' Founder Friedrich Lindenberg

Q: For those unfamiliar, can you explain what OpenSanctions does and how the project works?

OpenSanctions is a freely accessible, open-source international database of persons and companies of political, criminal, or economic interest. We collect data from sanctions lists, other government watchlists, and indexes of politically exposed persons (PEPs) from around the world and combine this data into a single, easy-to-use dataset using the FollowtheMoney (FtM) data model. 

Data is carefully cleaned and deduplicated, and thousands of handcrafted data patches structure identifying information such as birth dates, countries, addresses, or tax identifiers in a consistent way, ensuring that data can be easily searched and that relationships between entities – like company ownership, control, or family ties – can be easily identified. 

Q: What gap or industry need led to the creation of OpenSanctions?

Collecting watchlist data in a way that allows for precise cross-referencing and risk screening is a labour-intensive process – particularly if your end goal is to have high-quality, fully cleaned and deduplicated data. We wanted to minimise duplication of this kind of work – not just for fintech/regtech technologists, but for investigative journalists and academics too. 

We set up OpenSanctions to establish a sustainable data reference that could be used by a wide range of organisations and individuals, and to deliver high-quality, timely data that is fully transparent and auditable.

Q: Why is transparent, open-source sanctions and risk-entity data important in today’s compliance landscape?

We think that trust begins with transparency: anyone can verify how OpenSanctions works by browsing both the data itself and even the underlying source code used to build the database, highlighting issues, suggesting changes, and proposing improvements. You can even download the whole database as a single bulk file to perform your own experiments and analysis.

We operate in a sector where transparency isn’t necessarily the norm. Most vendors offer proprietary, convoluted, and compartmentalised products, and their quality is not always easy to understand.

Q: How does OpenSanctions source, validate and standardise information from so many different sanctions lists and public records?

We source our data via several hundred data sources from around the world – mostly from official government sanctions and watchlists, as well as some civil society data initiatives – key amongst which is Wikidata, the structured data part of Wikipedia.

We meticulously clean the data to create a coherent data structure with well-defined field names, formats, and country codes, and we store entity names in multiple alphabets to ensure matches aren’t missed. 

As data is collected from a broad range of data sources, the same logical entity – persons, companies, or even aircraft or addresses – may be referenced in several sources. This is why entity deduplication is a crucial step in our workflow, and a real value-add for us: it avoids redundant matches, contextualises entities across data sources to build comprehensive profiles for each name, and enables an integrated view of relevant information, making connections between entities more visible.

Q: What are the main advantages of OpenSanctions over other providers?

The quality and methodological transparency of our database is always going to be the biggest value-add we can offer. We consolidate data from several hundred sources – including smaller jurisdictions as well as the obvious sources like OFAC, the UN, and the EU – and this data is updated several times per day.

Many targeted entities listed in our database go beyond just a name, providing rich profiles that include aliases, biographical details, contact information and family relationships. The cleaning and deduplication process ensures that data is reliable, easy to search, and formatted consistently. 

Flexibility is another key advantage. We provide data access in three ways: via our website, programmable API, and as bulk data. Anyone can use the screening tool on our website to look up a few entities. Our API service allows teams to self-host OpenSanctions, meaning they can search and perform precise matching of their own records against our database.

We also work with a number of solution providers who integrate OpenSanctions into their own products and workflows, providing instant access for financial institutions or compliance teams. 

We also offer free API keys for journalists and non-profit organisations. It was really important to us that OpenSanctions remain a free tool for public interest investigations. 

Q: What types of organisations typically rely on OpenSanctions, and how do they integrate the data into their workflows?

Our data is used by a wide range of companies and organisations, including in trade compliance, online identification, accounting, insurance and shipping. Fintech and regtech firms and others in the compliance sector use it for sanctions screening and AML checks, and banks and payment service providers use it for tasks such as real-time transaction screening.

Some of our partners are simply integrating our bulk data downloads, while others are also using our on-prem API screening service to ingest our data and to offer screening services, such as name matching and fuzzy logic, to their clients.

Journalists, civil society organisations and researchers use it to conduct investigations and policy analysis. For example, the data is often used for cross-referencing in order to dig into persons of interest or companies that may have cropped up in leaked documents or other open-source datasets.

For instance, our data has previously been used in stories on sanctioned oil tankers linked to Russia, or to track the illicit flow of Western technology shipped to Russia through shell companies in Hong Kong. 

Q: Why is OpenSanctions’ work important for financial institutions, investigators, and compliance teams?

Compliance teams in financial institutions need reliable and transparent data to quickly understand risk. Our detailed data lineage ensures users can quickly understand the source of an alert that has flagged a risk.

Q: How do you envision the role of open, verifiable sanctions intelligence evolving as financial crime risks continue to increase worldwide?

Open source compliance data will always be used alongside other sources of data, such as proprietary data – the provenance of which can not be publicly disclosed – and banks’ internal data available to compliance teams. That’s why the integration of data across several sources will become ever more important – and with that, the use of open data standards.

“We think that trust begins with transparency.”

Why Transparency and Open Source Matter to 21 Analytics

21 Analytics spoke with OpenSanctions because its philosophy closely aligns with its view of what effective compliance should look like: transparent, auditable, and built on data that can be trusted. 

In a space still dominated by opaque solutions, OpenSanctions stands out for its open-source approach, clear data lineage, and rigorous methodology, qualities that directly support regulatory confidence and better decision-making. 

21 Analytics strongly believes in open-source software and open, decentralised standards because they allow systems to be inspected, verified, and improved collaboratively, rather than unquestioningly trusted. This visibility fosters trust, accelerates the identification of issues, and gives organisations the flexibility to adapt tools to their real-world compliance needs. 

About OpenSanctions

OpenSanctions is an international database of persons and companies of political, criminal, or economic interest.

Its data combines the sanctions lists, databases of politically exposed persons, and other information about persons in the public interest into a single, easy-to-use dataset. 

This makes it easy to:

• Cross-check databases for conflicts of interest and signs of illicit activity.
• Screen potential customers and partners in international dealings.
• Track political conflicts and compare national sanctions policies.
• Integrate the sanctions and persons of interest graph into existing data products.

Find out more about OpenSanctions.