Discover our latest AI-powered innovations around faster payments, smarter workflows, and real-time visibility.Learn more →

Learn

Suspicious Activity Report

Welcome to Learn, where we provide straightforward, easy-to-understand definitions of the payments industry.

Follow us

A Suspicious Activity Report (SAR) is a report that a bank or other financial institution must file if it suspects that a customer might be breaking the law and committing fraud, financing terrorism, or laundering money.

Financial institutions must file these reports with the Financial Crimes Enforcement Network (FinCEN) via the e-filing system of the Bank Secrecy Act (BSA).

The Financial Action Task Force (FATF) provides recommendations to financial institutions for filing SAR and detecting terrorist financing.

History of the Suspicious Activity Report

Suspicious activity reports have been part of the anti-money laundering statutes and regulations since the BSA became law in 1970. Then in 2001, the USA Patriot Act expanded the requirements for what constitutes suspicious activity to battle domestic and global terrorism.

What Is the Purpose of a Suspicious Activity Report?

The purpose of a suspicious activity report is to provide financial institutions with a way to report potentially suspicious or illegal activities.

Suspicious activity could include:

  • Particularly large numbers of wire transfers and/or a pattern of wire transfers.
  • Transactions that look like they’re trying to sidestep recordkeeping and reporting requirements.
  • An unusual mix of deposits into a business account, e.g., third-party checks, payroll checks, money orders, etc.

This information helps FinCEN identify emerging patterns and trends involving financial crimes — information law enforcement agencies need to investigate crimes like money laundering and terrorism financing.

How Does a Suspicious Activity Report Work?

Once a financial institution discovers suspicious activity, it has 30 days to file a SAR.  If it needs more time to identify the person associated with the suspicious transaction, it can get a 30-day extension. But all reports must be filed no more than 60 days after the suspicious activity is discovered. The bank is not allowed to mention the report to any person or entity included in the filing (also known as “tipping off”).

Financial institutions have to keep copies of their suspicious activity reports and any supporting documentation for five years from the dates they filed the reports. They are also required to hand over supporting documentation to FinCEN or other law enforcement or federal banking agencies if they’re asked for it.

Under FinCEN, financial institutions must identify five essential components of the suspicious activities they're reporting:

  1. Who is conducting the suspicious activity?
  2. What method is the person using to facilitate the suspicious activity?
  3. When did the suspicious activity take place?
  4. Where did the suspicious activity take place?
  5. Why does the financial institution think the activity is suspicious?

A financial institution might consider a transaction suspicious if it is different from other activities that have occurred within an account. However, just because a transaction is different does not necessarily mean that it is malicious,  fraudulent, or otherwise illegal. FIs should confirm that unusual activity does not have a valid explanation.

Try Modern Treasury

See how smooth payment operations can be.

Talk to sales
More from

Learn

Learn topic image

Compliance is a crucial function for any company that moves money on behalf of their customers. Dive into the fundamentals behind key compliance processes like KYC, KYB, transaction monitoring, and more.

Compliance risk management (CRM) is the ongoing process of identifying, assessing, and mitigating potential risks that threaten an organization’s business.

Read more

Customer due diligence (CDD) is a process used at financial institutions (FIs) when working with potential new customers.

Read more

The Customer Identification Program (CIP), part of the Know Your Customer program guidelines, requires that financial institutions in the U.S. verify that customers (both individuals and businesses) are who they say they are when they open new accounts for themselves or other people.

Read more

FinCEN, short for Financial Crimes Enforcement Network, is a government bureau that aims to prevent money laundering and other financial crimes—and punish bad actors that commit them.

Read more

Know Your Business (KYB) is a set of verification procedures that helps companies avoid getting into business with criminals.

Read more

The Office of the Comptroller of the Currency (OCC) is a federal agency that "charters, regulates, and supervises" all national banks.

Read more

According to the Department of Labor (DOL), Personal Identifiable Information (PII) is any information from which a person’s identity can be either directly or indirectly inferred.

Read more

A Politically Exposed Person (PEP) is someone that might be more likely to break the law or be corrupt because of the power their position affords them.

Read more

Specially Designated Nationals (SDN) are individuals and entities tied to countries that the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has hit with sanctions.

Read more

A Suspicious Activity Report (SAR) is a report that a bank or other financial institution must file if it suspects that a customer might be breaking the law and committing fraud, financing terrorism, or laundering money.

Read more

Anti-money laundering (or AML) compliance entails a careful adherence to rules and regulations aimed at combating illicit financial activities.

Read more

Know Your Customer or Know Your Client (KYC) is a set of guidelines for verifying the identity of a customer and gauging the associated risk of working with them.

Read more

The Office of Foreign Assets Control (OFAC) is a financial intelligence and enforcement agency under the jurisdiction of the US Treasury Department.

Read more

PCI DSS certification means your business has met the requirements laid out in the Payment Card Industry Data Security Standard (PCI DSS) to secure payment card data.

Read more

Service Organization Control 2 (SOC 2) is a voluntary auditing procedure that service providers complete to keep their clients’ data secure from cyber attacks.

Read more

Section 314(a) is part of the USA Patriot Act that enables financial institutions (FIs) and law enforcement to work together to fight money laundering and terrorist activity.

Read more

Section 314(b) and Section 314(a) of the USA Patriot Act both relate to information requests under the Banking Secrecy Act (BSA).

Read more

A currency transaction report (CTR) is a report made by U.S. financial institutions aiming to prevent money laundering.

Read more

An Agent of the Payee is a person, entity, or other intermediary specifically appointed by a payee to process and collect payments on their behalf.

Read more

Identity Verification APIs allow businesses to streamline the process of checking the identities of new users by automatically, and in some cases instantly, verifying their provided identifying information.

Read more

The Bank Secrecy Act (BSA)—also known as the Currency and Foreign Transactions Reporting Act—is a piece of legislation designed to help prevent fraud.

Read more

The Electronic Fund Transfer Act (EFTA) is a federal law in the U.S. that regulates electronic transactions to protect consumers.

Read more