Suspicious Activity Report (SAR)

When the behavior does not necessitate the submission of a currency transaction report, the extent to which financial institutions must build processes to examine currency transactions to detect and disclose “structuring.” This article elaborates on ‘Suspicious Activity Report (SAR)’.

The scope and circumstances under which positive multi-day monitoring for possible suspicious activities should be commenced. 

Suppose a transaction includes or aggregates at least $5,000 in funds or other assets. The bank knows, suspects, or has to cause to believe that the transaction is structured to circumvent any provisions of the Bank Secrecy Act, such as structuring. In that case, the bank must submit a Suspicious Activity Report

To comply with the suspicious activity reporting regulation, a bank must have in place systems to identify the kinds of transactions and accounts that may exhibit indicia of suspicious activity. Otherwise, a bank cannot assure that it is reporting suspicious transactions as required by the Bank Secrecy Act.

Structuring is the breaking up of transactions to evade the Bank Secrecy Act reporting and recordkeeping requirements and, if appropriate thresholds are met, should be reported as a suspicious transaction. 

Suspicious Activity Report (Sar)

Suspicious Activity Report (SAR) 

When the behavior does not necessitate the submission of a currency transaction report, the extent to which financial institutions must build processes to examine currency transactions in order to detect and disclose “structuring.” 

The scope and circumstances under which positive multi-day monitoring for possible suspicious activities should be commenced. 

If a transaction includes or aggregates at least $5,000 in funds or other assets, and the bank knows, suspects, or has to cause to believe that the transaction is structured to circumvent any provisions of the Bank Secrecy Act, such as structuring, the bank must submit a Suspicious Activity Report.

A bank must have procedures in place to detect the types of transactions and accounts that may show signs of suspicious behavior in order to comply with the suspicious activity reporting law. A bank cannot guarantee that it is reporting suspicious transactions as required by the Bank Secrecy Act if it does not do so. 

Structuring is the breaking apart of transactions to avoid the Bank Secrecy Act’s reporting and recordkeeping obligations, and it should be reported as a suspicious transaction if the proper criteria are satisfied.

Forms of Structuring

There are two primary types of structuring. To begin, a client may deposit currency in sums less than $10,000 on many days (e.g., $9,990.00) in order to avoid a financial institution’s duty to declare any cash deposit exceeding $10,000 on a currency transaction report. Despite the fact that such deposits do not need aggregation for currency transaction reporting since they occur on separate business days, they fulfill the criteria of structuring as defined by the Bank Secrecy Act, related regulations, and applicable case law.

Another variation on basic structuring is for a customer or customers to conduct multiple transactions in one or more bank branches on the same day or over several days or more in order to avoid either the currency transaction reporting requirement or another Bank Secrecy Act requirement, such as the recordkeeping requirements for funds transfers of $3,000 or more.

Structuring may be indicative of underlying illegal activity. Furthermore, structuring itself is unlawful under the Bank Secrecy Act. A financial institution’s anti-money laundering program should be designed to detect and report both categories of structuring to guard against the use of the institution for money laundering and ensure the institution is compliant with the suspicious activity reporting requirements of the Bank Secrecy Act. 

The extent and specific parameters under which a financial institution must monitor accounts and transactions for suspicious activity should be commensurate with the level of money laundering and terrorist financing risk of the specific institution, considering the type of products and services it offers, the locations it serves, and the nature of its customers. 

In other words, suspicious activity monitoring and reporting systems cannot be “one size fits all.”

It is the bank’s responsibility to establish and implement risk-based policies, procedures, and processes to comply with the Bank Secrecy Act and safeguard its operations from money laundering and terrorist financing.

FinCEN SAR Filing Instructions

Who Must File: 

Certain financial institutions operating in the United States are required to file with FinCEN, a report of any suspicious transaction relevant to a possible violation of law or regulation. 

The following financial institutions are required to file a FinCEN SAR: 

SAR Filing Deadlines: 

A FinCEN SAR must be filed within 30 calendar days after the reporting financial institution’s initial discovery of information that may provide a basis for filing a report. 

A financial institution may postpone submitting a FinCEN SAR for an additional 30 calendar days if no suspect is identified on the day of the original discovery, but reporting must not be delayed for more than 60 calendar days after the date of the initial detection.

Filing Requirements for Financial Institutions

Any transaction conducted or attempted by, at, or through a financial institution that involves or aggregates $5,000 ($2,000 for money services businesses) and the financial institution knows, suspects, or has reason to suspect that the transaction or pattern of transactions of which the transaction is a part: 

• involves funds derived from illegal activity or is intended or conducted to hide or disguise funds or assets derived from illegal activity; 

• is designed, whether through structuring or other means, to evade any relevant requirement of the Bank Secrecy Act;

• has no business or apparent lawful purpose or is not the sort in which the particular customer would normally be expected to engage, and the financial institution knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction, or 

• involves the use of the financial institution to facilitate criminal activity. 

To protect the confidentiality of these reports, the statute prohibits any filing institution or its personnel from notifying anyone involved in the transaction that it has been reported, including any government employee or officer, unless the notification is required to carry out the employee’s or officer’s official duties. Furthermore, the Act includes a “safe harbor” provision that shields any financial institution and its employees that file a SAR, whether it is mandated or voluntary, from responsibility for the report or for failing to notify any individual named in the report.

Additional Filing Instructions for Banks

In addition to the above requirements, a bank must file a FinCEN SAR for activity involving the detection of any known or suspected Federal criminal violations or pattern of criminal violations committed or attempted against the financial institution or involving a transaction or transactions conducted through the financial institution, where the bank believes that it was either an actual or potential victim of a criminal violation, or series of criminal violations.

If the bank was used to facilitate a criminal transaction, and the bank has a substantial basis for identifying one of its directors, officers, employees, agents or other institution-affiliated parties as having committed or aided in the commission of a criminal act regardless of the amount involved in the violation.

Violations aggregating $5,000 or more where a suspect can be identified. Whenever the bank detects any known or suspected Federal criminal violation, or pattern of criminal violations, committed or attempted against the bank or involving a transaction or transactions conducted through the bank and involving or aggregating $5,000 or more in funds or other assets, where the bank believes that it was either an actual or potential victim of a criminal violation or series of criminal violations, or that the bank was used to facilitate a criminal transaction, and the bank has a substantial basis for identifying a possible suspect or group of suspects.

If it is determined before filing this report that the identified suspect or group of suspects has used an “alias,” then information regarding the true identity of the suspect or group of suspects, as well as alias identifiers, such as drivers’ licenses or social security numbers, addresses and telephone numbers, must be reported. 

Violations aggregating $25,000 or more regardless of a potential suspect. Whenever the bank detects any known or suspected Federal criminal violation, or pattern of criminal violations, committed or attempted against the bank or involving a transaction or transactions conducted through the bank and involving or aggregating $25,000 or more in funds or other assets, where the bank believes that it was either an actual or potential victim of a criminal violation or series of criminal violations, or that the bank was used to facilitate a criminal transaction, even though there is no substantial basis for identifying a possible suspect or group of suspects.

Additional Reporting CTR

The Bank Secrecy Act requires financial institutions to file a Currency Transaction Report (CTR) following the requirements of the Department of the Treasury whenever a currency transaction exceeds $10,000: 

• if a currency transaction exceeds $10,000 and is otherwise reportable as suspicious activity, the institution must file both a CTR (reporting the currency transaction) and a FinCEN SAR (reporting the suspicious activity); 

• if a currency transaction is $10,000 or less and is otherwise reportable as suspicious activity, the institution should only file a FinCEN SAR. Appropriate records must be maintained in each case. 

Fraud Related SARs

Fraud-related SARs are filed by numerous business lines inside banks, including corporate security, fraud prevention, loan risk and recovery, consumer lending operations, and credit card operations. While other business lines may make referrals of potentially suspicious activities, all SARs are submitted by the bank’s BSA division, according to one bank. 

A rise in fraud-related SARs has been reported by several banks, particularly in the areas of mortgage loan fraud, home equity loan fraud, credit card fraud, and general account misrepresentations and false claims. FinCEN’s SAR Conduct Reviews and home loan fraud studies, according to some institutions, are useful tools for detecting this sort of activity.

The acts of money laundering and fraud are often quite interconnected. The financial gain of the fraudulent activity ultimately needs to be integrated into the financial system, so money laundering is often a product of fraud. Therefore, it was of interest to FinCEN that many banks’ AML programs are run entirely separately from their fraud detection programs. 

Several banks noted the challenge that a successful AML program does not recoup losses like anti-fraud programs with pure money laundering. There typically is not a loss for the bank, meaning there are no funds to recoup.

From a due diligence perspective, information financial institutions have available and collect to comply with their anti-money laundering program requirements mirrors the information they would already be gathering for anti-fraud purposes. 

The information used for AML purposes is often the same that is needed for fraud investigations. As a result, the resources being spent on fraud detection and prevention within financial institutions may well support the AML program and vice versa.

AML programs and fraudulent activity became more sophisticated over time, efforts by banks to combat fraud and money laundering diverged. There is a need to see the fraud risks and ML risks together while monitoring the transactions and activities. There is a need to merge anti-fraud and anti-money laundering resources and tools as part of the overall Compliance Program.

Final Thoughts

When organizations or financial institutions detect suspicious transactions, it’s their responsibility to report them to authorities. This is done to prevent criminal behavior such as ML/TF. Report such suspicious transactions takes place by submission of a Suspicious Activity Report (SAR).

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}