A Suspicious Activity Report (SAR) is a document filing to track suspicious activities and to inform regulatory bodies about them by related institutions. When money laundering or fraud is suspected, financial institutions and those associated with their business must apply to the authorities. The regulatory body changes according to location; the UK Financial Intelligence Unit on behalf of the National Crime Agency (NCA) is the entity that controls SAR reports in the UK.
These SARs are required under the Bank Secrecy Act (BSA) of 1970. SARs alert law enforcement agencies to potential money laundering or terrorist financing cases. They are an important source of intelligence not only in economic crime but also in criminal activities. The overall purpose of SAR is to identify illegal activities such as money laundering and terrorist financing, tax evasion, and other financial fraud.
Although the report varies from country to country, monitoring any activity that could threaten public security is often necessary. However, there is a suspicion that the account holder is trying to hide something or take illegal action. The SAR Report is usually sent to the country's financial crime enforcement agency to collect and analyze transactions and then report them to the relevant law enforcement agencies. The file must be submitted no later than 30 calendar days from the date of the first identification of facts that may serve as the basis for filing.
Companies must raise SAR when they detect one of the followings:
- Extremely high-value deposits
- Unusual transactions in terms of sender, receiver, location and volume
- High-value transactions across countries
- Abnormal customer behavior
- Non-commercial transactions
What Can Be Considered a Suspicious Activity?
Suspicious activities are defined by specific values in currency, known as thresholds of currency. In the United States, the Financial Crimes Enforcement Network (FinCEN) sets these thresholds for national US banks and international banks operating under the jurisdiction of the Office of the Comptroller of the Currency (OCC). These definitions, while specific to US banks, give a general idea of the types of activity that qualify as suspicious.
According to the OCC, an SAR (Suspicious Activity Report) must be filed with FinCEN in certain circumstances, such as:
- If insider trading abuse is suspected,
- If a violation involving $5,000 or more is identified,
- If a violation involving $25,000 or more is detected, regardless of the suspect.
Additionally, transactions that violate the Bank Secrecy Act (BSA) or are intended to evade existing regulations must also trigger a SAR filing. In general, reasonable suspicion is considered a reasonable possibility that relevant evidence exists, and a "vague feeling of unease" would not be sufficient.
Suspicious Activity Report in Transaction Monitoring
Transaction Monitoring also has an important place for Suspicious Activity Reports. Transaction Monitoring responds to companies' AML (Anti-Money Laundering), CFT (Counter-Financing of Terrorism), and KYC (Know Your Customer) requirements. Transaction monitoring generates an alarm for suspicious situations. When the software issues an alarm, the transaction is automatically stopped, and the transaction is reviewed in detail by the Firm's Compliance or Risk Department. At this point, if the SAR comes into play and detects crime in the customer transaction, the suspicious transactions report to the AML, CFT, and KYC regulators.
Suspicious Activity Reporting Process
Suspicious Activity Reports are a tool provided by the BSA of 1970. SARs allow governments to identify and analyze trends and patterns that arise in a wide range of personal and organized crime. With this information, they can predict and resist fraudulent and criminal behavior before gaining a place. Even though most SARs come from the financial sector, institutions such as law enforcement, public safety workers, and business owners also submit a SAR. Federal law requires that a financial institution and its managers, officers, employees, and agents reporting suspicious or known criminal violations or suspicious activities not report to any person reporting the transaction.
The following information sections are required to submit a SAR file:
- Information such as the names, passport numbers, birth dates, addresses, social security numbers, and phone numbers of all parties related to the suspicious event is collected.
- Dates of suspicious events that took place and documentation of suspicious activity codes are required.
- Contact information is required for the financial institution and the institution where the auspicious event took place.
- A written description of the suspicious event is developed.
According to NCA, every single suspicious activity must be reported immediately in regulated sector companies under Part 7 of the Proceeds of Crime Act 2002 (POCA) and the Terrorism Act 2000. However, if a company in a different sector detects an abnormality that suspects money laundering or any kind of financial crime, it must raise SAR too.
Regulators of the SAR
SAR report is made by a financial institution that observes suspicious activity in an account. The report is sent to NCA in the UK, which is investigating the incident. The financial institution can report within 30 days of any account activity they deem suspicious or unusual, and a 60-day extension can be obtained to gather more evidence as needed. Financial institutions should keep a copy of SAR for five years. Failure to comply with any of these regulations may result in civil and criminal penalties, including significant fines, legal restrictions, loss of banking contracts, and even prison terms. Total monetary settlements collected by regulatory agencies and law enforcement agencies for money laundering, sanctions, and tax evasion.
Confidentiality of SARs
The Suspicious Activity Report's effectiveness depends on these reports' extreme confidentiality because it contains customers' confidential personal information and potentially has significant legal consequences. The person under investigation is never informed about the pending report. Similarly, discussions with third parties like media companies are a federal crime. When a bank or financial institution submits a SAR file, the information provided is reviewed by financial researchers, management staff, and lawyers before concluding the SAR. As a result. Special privileges are given to protect those who submit SARs as part of a company or alone; for example, people who submit SARs do not need to disclose the name of their name or organization.
The Current State of SAR Filings
In January 2022, the number of SARs filed exceeded any other month on record, and it shows an increase compared to January 2021 and 2020. Additionally, in 2021, the number of SARs filed surpassed 3 million for the first time and it is projected to reach 3.5 million by the end of 2022. Depository institutions, such as banks and credit unions, account for 45% of all SARs filed, while money services businesses file around 40%. Out of the 90 different categories of suspicious activity that can be reported, two stand out: "transactions below the BSA threshold" were used by MSBs 50,142 times and by depository institutions 34,057 times.
How Can Sanction Scanner Help?
As a leading AML compliance Regtech, Sanction Scanner offers a Transaction Monitoring tool to detect suspicious activities of your customers or individuals using your financial services. The product monitors every activity which your company mediates and its machine-learning algorithm detects suspicious attempts. On the other hand, it provides you to create your own rules and rule sets, and create your own scenarios according to your company's risk appetite, size, sector etc. The rules can be adjusted for different customer groups according to their risk levels. After setting up, AML Transaction Monitoring software watches the activities of customers for your compliance team and notifies them if it detects a suspicious transaction by real-time alerts. If you want to know more about our solution you can contact us or request a demo of the product.