A Suspicious Activity Report (SAR) is a report that a bank or other financial institution must file if it suspects that a customer might be breaking the law and committing fraud, financing terrorism, or laundering money.
The Financial Action Task Force (FATF) provides recommendations to financial institutions for filing SAR and detecting terrorist financing.
History of the Suspicious Activity Report
Suspicious activity reports have been part of the anti-money laundering statutes and regulations since the BSA became law in 1970. Then in 2001, the USA Patriot Act expanded the requirements for what constitutes suspicious activity to battle domestic and global terrorism.
What Is the Purpose of a Suspicious Activity Report?
The purpose of a suspicious activity report is to provide financial institutions with a way to report potentially suspicious or illegal activities.
Suspicious activity could include:
- Particularly large numbers of wire transfers and/or a pattern of wire transfers.
- Transactions that look like they’re trying to sidestep recordkeeping and reporting requirements.
- An unusual mix of deposits into a business account, e.g., third-party checks, payroll checks, money orders, etc.
This information helps FinCEN identify emerging patterns and trends involving financial crimes — information law enforcement agencies need to investigate crimes like money laundering and terrorism financing.
How Does a Suspicious Activity Report Work?
Once a financial institution discovers suspicious activity, it has 30 days to file a SAR. If it needs more time to identify the person associated with the suspicious transaction, it can get a 30-day extension. But all reports must be filed no more than 60 days after the suspicious activity is discovered. The bank is not allowed to mention the report to any person or entity included in the filing (also known as “tipping off”).
Financial institutions have to keep copies of their suspicious activity reports and any supporting documentation for five years from the dates they filed the reports. They are also required to hand over supporting documentation to FinCEN or other law enforcement or federal banking agencies if they’re asked for it.
Under FinCEN, financial institutions must identify five essential components of the suspicious activities they're reporting:
- Who is conducting the suspicious activity?
- What method is the person using to facilitate the suspicious activity?
- When did the suspicious activity take place?
- Where did the suspicious activity take place?
- Why does the financial institution think the activity is suspicious?
A financial institution might consider a transaction suspicious if it is different from other activities that have occurred within an account. However, just because a transaction is different does not necessarily mean that it is malicious, fraudulent, or otherwise illegal. FIs should confirm that unusual activity does not have a valid explanation.
Compliance refers to the regulations, laws, and guidelines governing businesses and financial institutions.
- 1What is SOC 2?
- 2What is Section 314(b)?
- 3Financial Crimes Enforcement Network (FinCEN)
- 4Customer Due Diligence
- 5Customer Identification Program
- 6What is Section 314(a)?
- 7Suspicious Activity Report
- 8Politically Exposed Person
- 9Specially Designated Nationals
- 10What is a Currency Transaction Report?
- 11What is OFAC?
- 12What is the Bank Secrecy Act (BSA)?
- 13What is PCI DSS Certification?
- 14What is AML Compliance?
- 15Office of the Comptroller of the Currency (OCC)
- 16Personal Identifiable Information (PII)
- 17Compliance Risk Management?
- 18What is Know Your Customer (KYC)?
- 19Know Your Business (KYB)