A Suspicious Activity Report (SAR) is a report made by a regulated institution in a variety of finance-related industries, from depository institutions to dealers in precious metals, about suspicious or potentially suspicious activity. The report is filed with that jurisdiction’s financial crime enforcement agency, usually referred to as the Financial Intelligence Unit (FIU).
In the United States, under the Bank Secrecy Act of 1970 (BSA), financial institutions are required to assist U.S. government agencies in detecting and preventing financial crime. These efforts include keeping records of cash purchases of negotiable instruments and filing reports, referred to as Currency Transaction Reports (CTRs), of daily cash transactions exceeding $10,000. Notably, the requirement to file SARs in the United States was mandated by the Annunzio-Wylie Anti-Money Laundering Act of 1992.
Under the regulations, the SAR must be filed, through the BSA E-Filing System, to the U.S. Treasury’s, Financial Crimes Enforcement Network (FinCEN), the nation’s FIU, within 30 days of the date of “initial detection of facts that may constitute a basis for filing a suspicious activity report.” However, an extension of 30 days can be obtained if the identity of the entity conducting the suspicious activity cannot be determined. Notably, the filing of a SAR cannot be delayed longer than 60 days, and institutions must maintain records of its filing for a period of five (5) years.
For FIUs in other jurisdictions, the policies and procedures may differ as the organizational maturity and independence may vary. For example, in the United Arab Emirates, the Central Bank had recently mandated that its licensed financial institutions submit suspicious activity reports directly to the country’s FIU using the “goAML” digital portal within a maximum of 35 days from detection; while in Germany, the SARs may only be submitted via fax. Notably though, an FIU’s independence, a risk factor in Sigma’s properiery Country Risk Ratings, is imperative in the fight against financial crime, which is highlighted by Recommendation 29 from the FATF.
As we’ve previously covered in 1st Level vs. 2nd Level Reviews, which covered the reviews conducted by financial institutions in order to meet their anti-money laundering (AML) obligations, the sources an AML analyst may utilize in their investigation include a mix of internal data (customer records, payment data, etc.) and external data (public domain searches, government databases, etc.), which may include access to third-party databases (such as Sigma Terminal, World Check, LexisNexis). Most critically, Open-Source Intelligence (or OSINT), the process of using data from the Internet and other publicly available information goes a long way in both mitigating unusual activity, or facilitates “initial detection of facts that may constitute a basis for filing a suspicious activity report.”