Determining Suspicious Activity

Determining Suspicious Activity

When must an institution file a Suspicious Activity Report, or SAR? What criteria do they use in determining suspicious activity? The baseline for filing an SAR is suspicion. Suspicion is a very low threshold. Suspicion can be described in many ways. A very good indicator that something is wrong is your intuition. Trust your guts. If you feel something is wrong, most likely, there is something wrong. 

Having suspicion means no proof of a crime or predicate offense is needed. So, what is the basis for suspicion? It can be unusual client behavior, such as a behavior change in a person. For example, a long-term client comes to the branch with different clothes and a beard and refuses to speak to women. This instance could be an indication of radicalization. It could be a person who is nervous and more interested in thresholds for transactions than the costs of an account. But it may also be an unusual behavior with product use. Imagine a current account that was only used for living expenses and is now used for huge international transactions.

Determining Suspicious Activity

Ways in Determining Suspicious Activity

Besides from suspicion, another reason to file an SAR is an activity with no apparent economic reason, like a very complex offshore company setup. This same setup may not appear to have any lawful purpose.

Also, look for transactions or activities inconsistent with Customer Due Diligence/Know Your Customer or CDD/KYC information. Suppose the activities are inconsistent with your knowledge of the customer. In that case, its business, risk profile, source of funds, and CDD/KYC information are outdated, or the activity is suspicious.

Institutions should be aware that in many jurisdictions, a SAR can only be filed if the activity is presumed to be related to a predicate offense, as we will explain in a moment. Suppose the SAR is not connected to a predicate offence. In that case, it can even be seen as a breach of banking secrecy in some jurisdictions with robust banking secrecy laws like Switzerland or Luxembourg. In general, institutions file SARs based on suspicion, but law enforcement will be the one who finally needs to connect the SAR with a predicate offense.

In the US, SARs are filed on suspicious activity. There is no need for institutions to link that activity to a predicate offense before filing. Remember, your SAR may be a minor incident within your institution, but it gives crucial information on a big case. 

Determining Suspicious Activity

Money laundering requires a predicate offense to be unlawful. The offense must generate unlawful money. Initially, predicate offenses were connected to drug-related offenses. The definition of predicate offenses has been expanded to include serious crimes and other crimes. Due to an Financial Action Task Force or FATF recommendation, tax evasion is the newest inclusion in predicate offenses.

It was included in the 4th EU AML Directive and the legislation in many other countries. Even Switzerland included tax evasion in its predicate offenses. Predicate offenses vary from jurisdiction to jurisdiction, so know your local laws and regulations. 

An SAR always follows an investigation. Why? Because you are expected to send complete information, so you must take the time to investigate before filing a report. Internal referrals or Unusual Activity Reports are among the most important sources for investigations and, therefore, for SARs. Front-line staff interact with customers directly and are a great source of information. They escalate suspicious activities or information to the financial crime departments. The conversion rate from front-line referrals to SARs tends to be very high. An audit is the third line of defense. An audit allows the institution to discover what the first line of front office staff and the second line in the financial crime departments missed.

Final Thoughts

The context of the transaction is an important factor in determining suspicion. This will differ from one business to the next and from one client to the next. As an entity or an employee of an entity, you should evaluate transactions based on what appears appropriate and is within normal practices in your specific line of business, as well as your knowledge of your client. Suspicion should be based on a reasonable assessment of relevant factors such as knowledge of the customer’s business, whether the transactions are consistent with standard industry practices, financial history, background, and behavior.