Suspicious Activity Report (SAR): What You Need to Know

5 mins

In 2009 alone, an estimated USD 1.6 trillion was laundered globally, according to the United Nations Office on Drugs and Crime (UNODC). To combat the growing volume of illicit financial activities, such as money laundering or the financing of terrorism, it is the duty of financial institutions (FI) to report any suspicious transactions to authorities. For most countries, this takes the form of a document submitted by a financial institution to the appropriate authority, according to compliance regulations for that country. Documents filed are known as suspicious activity reports (SAR), or sometimes suspicious transaction reports (STR).

As such, financial institutions must be aware of when and how to report suspicious activity for the specific country they are operating in and should ensure that their Anti-Money Laundering (AML) process is set up to submit such reports efficiently.



What Is a Suspicious Activity Report (SAR)?

The purpose of a Suspicious Activity Report is to make financial authorities aware of transaction behaviour that:

  • seems out of the ordinary
  • might be indicative of criminal activity
  • might be a threat to public safety

Suspicious behaviour around bank accounts and other financial services often indicates that clients are involved in money laundering, the financing of terrorism, or fraud.

As a critical component of law enforcement efforts, SAR filing is an essential compliance obligation for all financial institutions. In addition, SARs enable governments to analyse emerging trends in financial crime and develop legislation and policy to counteract that activity. This important obligation is also mandated in the FATF 40 Recommendations.

What triggers a suspicious activity report?

The filing of a SAR is necessary whenever a financial institution detects a potentially suspicious transaction, or set of transactions, to or from one of its clients. This is not immediate; most countries have a timeframe of around 30 days for financial institutions to confirm and file the SAR. That time can usually be extended to 60 or 90 days if additional supporting documentation is required to support the filing.

Typical triggers to file a SAR include, but are not limited to:

  • Transactions over a certain value
  • International money transfers over a certain value
  • Unusual transactions or account activity

Example 1 – A customer deposits the same amount of money in their account on a monthly basis. If that customer suddenly starts to deposit and withdraw large amounts of money on a weekly schedule, that behaviour would merit suspicion and trigger a SAR.

In addition, SARs are also required if financial institutions detect that:

  • employees engage or have engaged in suspicious behaviour
  • computer systems were compromised in any way (for example, via   unauthorised/improper access or hacking)


Who Should File a SAR?

In general, financial institutions commonly employ a variety of automated detection systems, also known as transaction monitoring (TM) or name screening (NS), as part of their overall AML strategy.

Usually, these automated systems will be the first to detect such activity, but analysis, investigation and final verification of suspicious activity requires action by human agents and administrators.

Therefore, it is imperative that employees of financial institutions, especially those actively engaged in the AML process, are trained to:

  • recognise suspicious activity
  • complete an SAR document correctly, and
  • submit it to appropriate authorities in a timely manner

all of which are also contingent on the prevailing regulations of that country or jurisdiction.

Note: In most financial institutions, a nominated AML officer will be a point of contact for employees reporting suspicious activity, and who is ultimately responsible for submitting the SAR to the authorities.

SAR Confidentiality

Filing of a SAR necessitates disclosure of clients’ confidential personal information, and as such, presents significant legal risk and consequences.

It is thus critically important that the reporting process takes place in utmost confidentiality. Accordingly, the subject of these reports are not informed of any such filing. Moreover, discussion of SAR filings, current or future, with third parties (e.g., media organisations) is legally forbidden.

The following measures are also taken to protect the confidentiality of the SAR process:

  • review of SAR documents by financial investigators, management personnel, and attorneys
  • extension of special privileges to employees who initiate SARs, in order to protect their anonymity
  • provision of immunity to reporting persons for the statements they make during the SAR process


The Future of SARs — Electronic Filing

The process of filing a SAR can vary significantly from country to country, although many countries have started to implement electronic systems (e-filing) to improve standardisation and boost efficiency.

Typical SAR Decision-Making Process

The following diagram shows a typical decision-making flow prior to filing of a SAR.


Filing an SAR in the US

In the United States, submission of a Financial Crimes Enforcement Network (FinCEN) suspicious activity report (SAR) must be conducted via the BSA e-filing system. Generally, employees completing such an SAR must fill in an online form that includes various relevant factors such as:

  • transaction dates
  • names of those involved
  • written description of the suspicious activity


Filing an SAR in the UK

In the UK, SARs must be submitted to the National Crime Agency (NCA) by a financial institution’s nominated officer. Once a determination has been made to proceed with SAR filing, and if it is safe to do so, the nominated officer should suspend the relevant transactional activity, before initiating an SAR submission.

While SARs in the UK can be submitted in physical format, the SAR Online system is a faster and more efficient means.

Tookitaki provides next-generation AML compliance solutions that accurately detect suspicious activities and transactions and help effectively file SARs or STRs with your regulator with readily available supporting information. Our machine learning-powered solutions for Transaction Monitoring and Watchlist/Transactions/Name Screening help identify suspicious people and transactions and rank system alerts into high, medium and low-risk categories based on their risk sensitivity.

To find out more about our solutions and their market-leading features, speak to one of our AML experts.