Sanction lists as published by national and supranational organizations contain details on sanctioned entities. Those lists have to be obeyed in order to avoid legal implications. Yet, sanction lists are of very low information quality. Nevertheless, regulatory compliance demands, that organizations check their customer master data against sanction lists. We analyze sanction lists in this contribution with respect to their information quality and derive from this analysis requirements on a compliant system. We present a case study of a software vendor that equipped its information system with an extension that enables organizations to comply with sanction lists. We provide details on its implementation and evaluation.