Skip to main content Skip to navigation

Launching AI-driven Fraud Detection

What is a Suspicious Activity Report (SAR Report)?

Transaction Monitoring Knowledge & Training

When financial institutions detect suspicious transactions, it is their duty to report them to the authorities. This is done in order to prevent potential criminal behavior, such as money laundering or the financing of terrorism. In most countries, the reporting of suspicious activity takes place via the submission of a suspicious activity report (SAR), a document sent by a financial institution to the appropriate authority, according to compliance regulations.

Financial institutions should understand when and how to report suspicious activity to the relevant authority and ensure their AML program is set up to facilitate the process efficiently.

Why Use A Suspicious Activity Report (SAR)?

Suspicious Activity Reports are used to make financial authorities aware of transaction behavior that seems out of the ordinary, that might be a precursor to a crime, or that might threaten the safety of the public. Suspicious activity around bank accounts and other financial services is often an indicator that clients are involved in laundering, the financing of terrorism, or fraud money laundering.

Given its importance to law enforcement efforts, SAR filing is a priority compliance obligation for financial institutions, but it is also a way for governments to analyze emerging trends in financial crime and develop future legislation and policy to counteract that activity. The obligation to log a suspicious activity report in regards to transactions is also mandated in the FATF’s 40 Recommendations.

When is a Suspicious Activity Report Required?

A suspicious activity report is necessary whenever a financial institution detects a potentially suspect transaction from one of its clients. When that suspicious activity is detected, the financial institution usually has around 30 days to confirm and submit the SAR, but that period may be extended to 60 days if more evidence is required to support the document. Circumstances which might trigger a SAR include:

  • Transactions over a certain value
  • International money transfers over a certain value
  • Unusual transactions or account activity

For a practical example of a situation where a SAR would be necessary, consider a customer who deposits the same amount of money in their account on a monthly basis. If that customer suddenly started to deposit and withdraw large amounts of money on a weekly schedule, that behavior would merit suspicion and trigger a suspicious activity report.

SARs are not restricted to unusual customer transactions or behavior; they are also required if financial institutions detect employees engaged in suspicious behavior, or if computer systems are hacked or compromised in any way.

 Who Should Create SAR Reports?

In most cases, suspicious activity may be detected by an institution’s automated monitoring system, but it falls to human administrators to verify and report that suspicious activity. The importance of human vigilance in the suspicious activity report process means that employees must be trained to recognize suspicious activity, how to complete a SAR document correctly, and how to submit it to the appropriate authorities – which obviously vary by territory.

AML Officer: In most financial institutions, a nominated AML officer will be a point of contact for employees reporting suspicious activity and is ultimately responsible for submitting the SAR to the authorities.

 Are Suspicious Activity Reports Confidential?

SARs necessarily involve clients’ confidential personal information and generate potentially significant legal consequences, so it is important that the reporting process takes place confidentially. Accordingly, when SARs are filed, the subjects of the reports are not informed and discussion of the SAR with third-parties, like media organizations, is legally forbidden. Several additional factors protect the confidentiality of the SAR process:

  • SAR documents are reviewed by financial investigators, management personnel, and attorneys.
  • Special privileges are afforded to employees who initiate SARs in order to protect their anonymity. 
  • All reporters receive immunity for the statements they make during the SAR process.

What is SAR e-Filing?

The SARs submission process varies by territory although most countries have made the move to an electronic system in order to standardize the process and boost efficiency.
Suspicious Activity Reporting SARS filing

Suspicious Activity Reporting in the US

In the United States, a FINCEN suspicious activity report must be submitted via the BSA e-filing system. Generally, in order to complete a SAR, employees must fill in an online form, citing various relevant factors, such as transaction dates and the names of those involved, and include a written description of the suspicious activity.

SAR Reporting in the UK

In the UK, SARs reports must be submitted to the National Crime Agency (NCA) by a financial institution’s nominated officer. Having decided a suspicious activity report should be submitted to the NCA, the nominated officer should suspend the relevant transaction activity (if it is safe to do so), before initiating the submission. SARs in the UK can be submitted in physical format, but it is faster and more efficient to use the SAR Online system.

Request a Demo

See how 1000+ leading companies are screening against the world's only real-time risk database of people and businesses.

Demo request

Originally published 24 October 2019, updated 25 August 2022

Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.

Copyright © 2023 IVXS UK Limited (trading as ComplyAdvantage).