top of page

Join us on the app

Vessel Screening, Dark Activity and STS - What is Sanctions and Compliance Data?

Updated: Mar 21, 2023

Economic sanctions have been a key tool for governments to enforce their agendas. Few industries are as acutely exposed to this as Maritime and Trade.

The development and use of more advanced illicit behaviour from owners and operators of vessels have driven up the rate and specificity of sanctions from government bodies such as OFAC (Office of Financial and Asset Control), The EU and the Department of the Treasury.

For organisations within the Maritime ecosystem, these sanctions regulations need to be attentively followed as part of normal business practice. The consequences of non-compliance ranging from fines (which are not insignificant), reputational damage through to the suspension of a business’s ability to trade in dollar denominated currency.

With the stakes this high, it is no surprise that suppliers have invested heavily to provide a range of tools to support the maritime industry.

It should be noted that this article is not indented to provide advice on which solutions any business is required to have in place.

What is Sanctions and Compliance data and where does it come from? 

Sanctions and compliance data includes:


Sanction body feeds

Suppliers will aggregate, and regularly update lists of sanctioned countries/locations companies and persons. Many of these suppliers will link these sanctions to vessels and company profiles.

Voyage histories

To enable effective vessel screening, the recent past voyages of a vessel are a key indicator of risk. An obvious example would be if the vessel had previously called into North Korea, but more recently the application of some of the derivative outputs augment this.

Vessel Characteristics

The main factors here will be vessel types, flag history, class history. Flag/Class/P&I hopping (going through several of them quickly) is listed on the OFAC guidance as a key indicator of risk. More obviously if the vessel is flying the flag of a sanctioned nation.

Vessel Ownership

While the sanctioned information is useful, understanding the full ownership tree of the vessel/company will provide a greater understanding of the counterparties involved and their sanctions status. See our Ownership page for more details.

AIS Gaps

While sometimes caused by satellite coverage or safety concerns, AIS gaps are one of the datapoints highlighted by OFAC as an indication of illicit activity.

Derivative datasets:

Ship-to-Ship Transfers

A number of suppliers have begun to monitor and calculate the vessels are adjacent to each other while at sea, providing this as an indication of a ship-to-ship transfer. This again, is one of the recommended datapoints for monitoring by OFAC.

Dark Activity Monitoring

Due to the increasing prevalence of Machine Learning and AI in commercial applications, suppliers have been able to build complex modelling tools and platforms which can predict what a vessel has done during a period of darkness (time with no AIS broadcast). These vary from available port calls within this time, through to the ability to model the possibility of a ‘dark STS’ whereby two vessels with their AIS transponders off, conduct a ship-to-ship transfer.

MMSI Manipulation or ‘Spoofing’

As AIS messages require manual input, it’s possible to ‘hijack’ a signal with a view to concealing activity. In practice this means a vessels position would appear in two places at once on any kind of tracking tool, as well as concealing the ‘spoofers’ identity.

Colour coded ratings

Given the volume of vessels that many organisations will need to review as part of their compliance procedures, many of the suppliers have opted to simplify this process as much as possible. The most common example of this is the ‘flagging’ system created: Green, Amber Red, to determine the riskiness of a vessel, with the appropriate escalation tools to accompany this flag.

How can I use it? 

Ultimately, avoiding working with sanctioned entities is a pure risk management and mitigation activity. Every organisation must understand their own risk and processes and implement systems to ensure compliance.

The data and tools available to facilitate this have, in many ways, been purpose built to help support organisations do this, and what/how each organisation chooses to buy/implement them will be based on the compliance policies of their business.

The main and most ubiquitous use case, Compliance managers through to frontline sales teams ensuring that they do not work with sanctioned individuals/companies or organisations engaged in sanction-busting. A small selection of those this applies to:

  • Marine Insurance Underwriting

  • Chartering and Vetting

  • Maritime domain awareness

  • Legal representation

  • Trade Finance

  • Ship Finance

  • Hedge fund/asset management

  • Trading desks

  • Integrated energy companies

How do I access the data? 


Suppliers of this data will often significantly simplify obtaining this information by displaying it as part of their platforms. This will include: the aggregation of many/all the datasets and arranging them as part of vessel/company reports, alerting functionality, escalation functionality, and in some cases custom elements specific to an organisations risk settings.

Data feeds:  

In addition to the above, many suppliers will provide these datasets as a direct delivery via API or FTP(S3 or equivalent). The benefits generally remain the same as the platform delivery, but data delivery enables the ingestion and presentation within a buyers own systems. This will allow for the blending of this data with other complimentary datasets where necessary.

How to assess one supplier vs another

Because of the scale of the risk associated with sanctions, most buyers of this data will have a high bar for assessment based on:

  1. Coverage of the data – Fill rates and data available – for example additional sanctions bodies such as The Monetary Authority of Singapore or Global Affairs Canada.

2. Frequency of update – How often are the derivatives calculated, how quickly is the information around flag hopping/class hopping etc, updated.

3. Accuracy of both the underlying data and the derivative outputs - are the gaps highlighted actually indicative of risk? Does the methodology have any gaps in?

4. How well the platform/data matches compliance procedures – This is an individual preference, does the process/risk rating/structure of the data and platform match the internal compliance process?

Is there a cost to use the data? 

The government bodies that issue sanctions all publish and maintain lists in the public domain.

They will inform you on which vessels, owners and entities are sanctioned under what programs.

They will not however highlight such things secondary sanctions and illicit behaviours that may occur prior to sanctions being issued.

Secondary sanctions are a relatively new kind of sanction that has been implemented frequently over the past five years, particularly relating to Iran. These kinds of sanctions supplement other sanctions programs by targeting non-U.S. persons (primarily foreign financial institutions and foreign sanctions evaders) who do business with individuals, countries, regimes, and organizations in Iran.


These services range for simple look up tools to integrated maritime databases (vessel, ownership, incident, risk and tracking data) and AI driven maritime compliance solutions that support users to identify the behaviours we’ve tried to outline.

The topic of maritime sanctions is complex and ever changing. We would encourage any buyers of these services to consult with subject matter experts before forming your requirement and reaching out the market.


Within the maritime industry, the issue of compliance has been rising in both severity and complexity for the last 10 years. A set of processes originally targeting banks and financial institutions has now spread across the entire ecosystem. And with a constantly moving target (think Russia/Ukraine and the US relationship with Iran) it’s going to continue moving at pace.

Add this to the significant repercussions for breaking the rules, and it’s clear this is one of the most pressing challenges for anyone within the industry.

The data and platforms available are good and improving, but it’s possible to move faster.

Given that compliance is seldom a revenue generating part of a business, it’s possible to speak more freely and share ideas wider in this area of business, more than any other.

Maritime Data are looking for those who would like to be a part of this community, so we can help support and drive these developments forward for everyone.

We hope this article has been helpful in understanding what sanctions and compliance data is, where it comes from, how it's used and how to access it.

For more information on vessel data and other maritime data and applications, reach out for free support.


bottom of page