What are Suspicious Activity Reports?


Suspicious Activity Reports (SARs) are confidential records of unusual financial activity detected by financial institutions as part of their financial crime compliance obligations. The Financial Crimes Enforcement Network (FinCEN) received more than 12 million SARs between 2011 and 2017 – and more than two million in 2019 alone.[1]

SARs are submitted to a country’s Financial Intelligence Unit (FIU) and used to alert law enforcement agencies of suspected financial crimes, such as money laundering, fraud, or terrorist financing. On receipt of a SAR, the authorities can investigate the activity to expose any criminal behaviour.

What information is included in a Suspicious Activity Report?

SARs contain detailed information about transactions that are deemed to be suspicious, including data on the parties involved in the transaction, when the transaction took place, and why the activity is considered out of the ordinary.

For example, if a transaction is for an amount far higher than would usually be expected for that customer’s profile, if it lacks a clear economic rationale, or if it is excessively complex in nature, it should ring alarm bells for the financial institution.

Who should file Suspicious Activity Reports?

All “obliged entities” under anti-money laundering and countering the finance of terrorism (AML/CFT) regulations – financial institutions, including banks, money service businesses, securities brokers and even casinos – are required to file SARs in the United States.

SARs facilitate an information exchange between the private and public sector, enabling the relevant authorities to gain timely access to information they would not otherwise have sight of, and take appropriate action to protect the financial system and the public.

Where should Suspicious Activity Reports be filed?

In the United States, SARs must be filed to the Financial Crimes Enforcement Network (FinCEN), whenever any potentially illicit behaviour is detected.

As a Financial Intelligence Unit (FIU), FinCEN is in charge of receiving, analysing, and disseminating reports of suspicious activity from obliged entities. Similar bodies exist in most other countries, such as the National Crime Agency (NCA) in the United Kingdom and TRACFIN in France.

What happens after a Suspicious Activity Report is submitted?

If a financial institution submits a SAR before the suspicious transaction has been processed, they will freeze the suspicious accounts and await a decision from FinCEN as to whether or not to proceed. The subjects of the accounts cannot be told that their transaction has been deemed suspicious – known as “tipping off” – so the bank faces the dilemma of not being able to delay the transaction indefinitely without giving some kind of justification to their client.

However, many SARs are filed for transactions that have already taken place, due to the many steps involved in the internal process of identifying, analysing, and referring the suspicious activity. In these cases, it is too late to stop the flow of funds, but the authorities will investigate the transaction retrospectively with the goal of connecting the dots and forming a full picture of an entity’s wrongdoing, prosecuting the criminals involved, and preventing further crimes.

What are the consequences of not submitting a Suspicious Activity Report?

US regulations state that SARs must be filed within 15 days of the transaction date. Failure by financial institutions to report suspicious activity can lead to civil penalties such as fines.

How can financial institutions prepare for submitting Suspicious Activity Reports?

Financial institutions are required to implement financial crime compliance programs that are adequately designed to be able to detect and mitigate the risks they are exposed to, within the scope of their regulated activities. Elements of these programs include putting robust policies and procedures in place, conducting regular risk assessments, and using tools and human resources to implement sound controls.

Sophisticated compliance tools, such as name screening software or transaction monitoring systems are instrumental in streamlining these controls. For example, an institution’s policy may require enhanced due diligence or the interdiction of business relationships with entities convicted of certain wrongdoings, but only robust adverse media and enforcement screening tools would enable effective and efficient detection of such previous convictions. Hence, screening tools help to inform an institution’s risk assessment of a customer, enabling it in turn to implement its risk-based approach.

[1] https://www.icij.org/investigations/fincen-files/suspicious-activity-reports-explained/