What is a SAR?

A “Suspicious Activity Report” or SAR is a document submitted by Banks or any Money Services Business that help financial authorities supervise unlawful transactions.

According to the U.S. Financial Crimes Enforcement Network (FinCEN), SARs are part of anti-money laundering regulations and cover unusual or suspicious activity that might indicate illicit or criminal transactions. Customers are not informed when a SAR is filed.  The U.S. Bank Secrecy Act (BSA) requires financial entities in the U.S. to assist government agencies in detecting and preventing money laundering and other financial crimes. Under the BSA, financial institutions (Banks, trust companies, insurers, MSB) must know who are their customers and must keep records of their transactions, as well as verify and report unusual behavior or activity.

Financial Authorities use SARs to identify customers involved in money laundering activities, fraud or terrorist funding. Tax evasion is also reason for filing SARs. In the U.S., SARs must be filed with FinCEN, a division of the U.S. Treasury and the designated administrator of the Bank Secrecy Act.

Other countries have their own financial watchdogs. SARs are filed with the National Crimes Agency (NCA) in the United Kingdom and the Australian Transaction Reports and Analysis Centre (AUSTRAC) in Australia. For example, the Philippine equivalent of the SAR is the Suspicious Transaction Report (STR). Banks, insurance companies and money remittance firms, otherwise known as “covered persons,” are required to submit this document to the Anti-Money Laundering Council (AMLC).

When is a suspicious activity report required?

The criteria for providing a SAR differs from country to country and even from institution to institution, depending on the nature of the suspicious activity and the particulars of the bank or fund. In the United States, FinCEN requires a suspicious activity report in a few instances. First, if financial institutions believe an employee engaged in insider activity, they must file a report. However, it is not limited only to employees. Financial institutions monitor customer transactions, too. If potential money laundering or violations of the BSA are detected, a report is required. Computer hacking and customers operating an unlicensed money services business also trigger an action. Once potential criminal activity is detected, the SAR must be filed within 30 days. If more evidence is needed – such as identifying a subject involved – an extension not to exceed 60 days is available. Finally, SAR filings must be kept for five years from the date of the filing. Failure to comply with any of these regulations can result in civil and criminal penalties, including substantial fines, regulatory restrictions, loss of banking charter, and even imprisonment.

A SAR may cover any transaction, with any of the following circumstances, for example:

  • it has no legal or trade obligation, purpose, or economic justification;
  • the client has no proper identification;
  • the amount does not correspond to the business or financial capacity of the client;
  • it has been structured to avoid reporting requirements
  • it deviates from the profile of the client and/or the client’s past transactions with the covered person;
  • it is related to any unlawful activity, any money laundering activity, or any offense that has been committed, is being committed, or is about to be committed; or
  • Its circumstances are similar to any of the preceding situations.

What institutions need to be aware of suspicious activity reports?

Many different types of financial industries require SAR reports, including banks and credit unions, stock and mutual fund brokers, and various money service businesses (check cashing companies, money order providers, etc.) However, casinos and card clubs, precious metals or gems dealers, insurance companies, and those involved in the mortgage business, all fall under the stipulations of the BSA. If there is an opportunity for money laundering, tax evasion, or criminal financing within the day-to-day business of the institution, the organization and its employees are required to be aware of the rules and regulations around suspicious activity reports.

Who can report suspicious activity?

A suspicious activity report can start with any employee within a financial institution. Employees are generally trained to flag and investigate suspicious activity. For example, if an employee notices an anonymous wire transfer of money out of the country or large amounts of money deposited into an account that had never seen such activity before, they would communicate their findings to supervisors who decide whether to file a report. While most SARs come from the financial sector, law enforcement, public safety workers, city or state officials, business owners, and even the general public can submit a suspicious activity report. The report functions in the same way as it does with financial matters. Whether it is a financial matter, or one related to national security, a suspicious activity report ultimately circulates to local, state, and federal agencies through the use of fusion centers. These centers make the information available to whatever other agencies may be affected by the flagged activity.