Part 1: Why legal-entity knowledge graphs are essential for 2026

In the past few years, the way the world handles company ownership and transparency has changed dramatically. Regulators in the US, UK, EU, and beyond have all raised the bar. At the same time, global standards and new identity tools have matured.

Companies, banks, and regulators can no longer rely on a single dataset or a single rulebook. They need to bring multiple pieces of information together to understand risk and make informed decisions.

This is where legal-entity knowledge graphs (LE-KGs) come in. They act as the “map” of companies and their connections, showing ownership, control, and risk in a way that is transparent and explainable.

Key changes around the world

• United States: In March 2025, FinCEN narrowed Corporate Transparency Act reporting. Domestic companies no longer have to report beneficial owners. Only foreign reporting companies are still in scope. This means compliance teams cannot rely on a single US BOI register and must look to alternative sources and tools.
  
• European Union: The EU’s AML package – made up of the AML “Single Rulebook,” AMLD6, and the new EU AML Authority in Frankfurt – has created one unified standard across member states. From 2025 onward, firms will face consistent supervision and stricter expectations for beneficial ownership transparency.
  
• United Kingdom: From March 2024, Companies House reforms took effect. These give the registrar stronger powers to verify information, reject false filings, and enforce penalties. More reforms will continue in 2025, raising the bar for company identity checks and data quality.
  
• Global standards: FATF updated its guidance on beneficial ownership in 2023–2024. It now places even more emphasis on data accuracy, timeliness, and transparency. These expectations fit perfectly with knowledge-graph methods.
  
• Digital identity: ISO published a new standard for verifiable LEIs (vLEIs), tamper-proof digital credentials for legal entities. These connect directly with Europe’s new eIDAS 2.0 framework and digital identity wallets.

Why this matters now

Together, these changes mean that no single dataset or registry can be trusted to give a full picture of risk. To comply with regulations and detect hidden threats, firms need to connect many sources of data.

A legal-entity knowledge graph makes this possible. It fuses registry data, identifiers, sanctions lists, ownership details, officer information, and more – while keeping every fact traceable to its source and valid over time.

In 2026, it will be one of the only realistic ways to stay compliant, manage risk, and make fast, confident decisions.

Proof it works

This isn’t theory. Earlier projects already shown the benefits:

• The EDM Council’s Open Knowledge Graph prototype cut KYC/AML costs by 30–40% and reduced false positives.
  
• Quantexa used OpenCorporates Bulk Data to map corporate networks and flag risk hubs such as addresses linked to thousands of companies (often tied to formation agents or TCSPs). This work even helped the UK Cabinet Office spot fraud in Covid-19 loan schemes.

The difference now is that regulators, standards bodies, and identity systems have caught up. Graph-led entity intelligence has gone from an experiment to a business-critical capability.

Part 2: How to build and run a legal-entity knowledge graph

What a legal-entity knowledge graph is

A legal-entity knowledge graph is a connected database that shows companies and all their links to each other.

At its core is transparent registry data from sources like OpenCorporates. On top of that, you add:

• Global identifiers (LEI, vLEI)
  
• Sanctions and PEP lists
  
• Ownership and control data
  
• Officers and agents
  
• Addresses and filings
  
• Internal KYC data and transactions

Every fact in the graph should include:

• Source (where it came from)
  
• Timestamp (when it was valid)
  
• Traceability (how it connects to other facts)

This makes the graph explainable and audit-ready – something regulators now expect.

Best practices for building a knowledge graph

1. Start with strong foundations

• Use official registry data as your base layer.
  
• Reinforce with LEIs and plan for vLEIs to handle cross-border identity.
  
• Adopt open standards such as BODS v0.4 for ownership.

2. Make provenance and time first-class
Every edge in the graph should answer two questions:

• Where did this fact come from?
  
• When was it true?

3. Model ownership and control
It’s not enough to track who owns equity. Capture voting rights, board seats, powers of attorney, and relationships with formation agents (TCSPs).

4. Use explainable entity resolution
Match records using both deterministic IDs (registry numbers, LEIs) and probabilistic signals (names, addresses, officer overlaps). Always keep a log of why a match was made.

5. Encode sanctions rules
Implement OFAC’s 50% Rule and EU ownership/control logic directly in the graph. Provide clear “sanctions paths” investigators can follow.

6. Build typology-driven analytics
Detect risk patterns such as:

• Circular ownership chains
  
• Fast director churn
  
• Shared addresses or phone numbers
  
• Hubs of thousands of companies linked to the same TCSP

7. Keep humans in the loop
Alerts should be explainable and prioritized by risk. Investigators should see exactly why a company was flagged.

8. Run operations at scale

• Bulk load historical data.
  
• Stream in registry and sanctions updates.
  
• Feed investigator outcomes back into models for improvement.

Who benefits and how

• RegTech vendors: Productize BODS v0.4 and vLEI checks; deliver fewer false positives and faster triage.
  
• FinTechs and payment firms: Run “day-0” checks on addresses and officers to catch mule networks or sanction adjacency early.
  
• Banks: Harmonize onboarding to EU standards, while using graphs to fill gaps in US BOI data.
  
• Digital identity providers: Accept and verify vLEIs and link them back to registry facts.
  
• Professional services: Build time-sliced reconstructions for disputes or investigations with full provenance.

How to measure success

Track outcomes in three areas:

• Coverage & freshness: % of counterparties with registry IDs; lag from registry change to update.
  
• Entity resolution quality: precision, recall, and investigator override rates.
  
• Risk outcomes: false positives, time-to-decision, SAR conversion, and avoided losses.

Pitfalls to avoid

• Relying on one dataset: US BOI rules prove no single source is enough.
  
• Ignoring time: Ownership and control shift constantly – graphs must show “what was true then.”
  
• Black-box models: Regulators expect transparency; always store paths and sources.

Closing thoughts

The environment has shifted, the rules have tightened, and digital identity standards are here. Firms that don’t adopt graph-driven approaches will struggle to keep up.

A legal-entity knowledge graph is now the operating spine of risk and compliance.

A legal-entity knowledge graph is not just technology – it’s an operating model. Built correctly, it helps firms meet regulations, cut costs, and detect hidden risks earlier. Grounded in transparent registry data, it has become the control room of risk and compliance.

For more information

Learn more about how OpenCorporates’ data can help you understand corporate structures and manage risk. Reach out for a demo or explore our services.