Banks and other financial institutions are required to monitor for and identify suspicious activity that could indicate money laundering, the financing of terrorism, and other crimes.
When suspicious transactions occur, these institutions must use suspicious activity reports (SARs) to report the activity to the appropriate body for legal investigation. SARs are a key part of preventing future criminal activity, and neglecting to file them is a serious issue.
What are suspicious activity reports (SARs)?
A suspicious activity report is a document that financial institutions use to record and report suspicious activity from an account holder. As part of these organizations’ legal requirement to continuously monitor for suspicious activity, it’s also their duty to create and file a SAR whenever they suspect that fraud, money laundering, or other illegal activities are taking place.
The Bank Secrecy Act (BSA) first implemented SARs in 1970 and officially made them the standard form for reporting suspicious activity in 1996. Each country’s law enforcement and financial networks are responsible for monitoring and regulating SAR filings. In the US, FinCEN is the controlling party.
The Financial Action Task Force (FATF), the global watchdog responsible for monitoring financial crimes, has listed SARs as one of its 40 recommendations to fight against money laundering.
How suspicious activity reports help identify and prevent money laundering
With millions of transactions taking place across thousands of institutions every day, it’s impossible for law enforcement and financial crime networks to track and investigate them all. Since banks already have the processes and technology in place to flag suspicious activity, having them report it is the easiest way for the appropriate parties to take action when needed.
The information filed in a SAR can help locate individual bad actors, reveal criminal networks, and shed light on their cash flow source. Once identified, law enforcement can take action to prevent future money laundering incidents. An example of this was in 2013, when a SAR filing helped dismantle a multi-state cigarette smuggling operation.
When do financial institutions need to file a suspicious activity report?
Financial institutions are expected to file a suspicious activity report as soon as they notice any unusual activity. The law states that the report must be filed within 30 days of the suspicious transaction. The only exception is if the organization needs to collect more evidence. In this case, they may receive an extension of up to 60 days.
Institutions should file a SAR for any kind of suspicious activity that could indicate involvement in money laundering, terrorism, or other financial crimes. As SARs are a preventative and investigative tool, banks can and should submit them even if there is no proof of an actual crime.
Examples of situations where a financial institution might file a SAR include:
- Suspected insider trading
- Large or unusual cash transactions
- Transactions that don’t correlate with the type of business (for example, a company paying a catering company for consulting fees)
- A high level of activity in usually dormant accounts
- International wire transfers or a high number of wire transfers
- Any other transaction in which the individual appears to be hiding something or illegally accessing and using funds
Who needs to file a suspicious activity report?
All financial institutions, including casinos, cryptocurrency exchanges, mortgage brokers, and non-traditional money lenders, are legally required to submit SARs whenever they notice suspicious activity.
Failure to file a suspicious activity report can result in heavy fines, prison time, and even a loss of banking contracts.
In many cases, employees are the first to notice suspicious activity and will report it to their superior. Then, a member of the compliance or anti-money laundering (AML) team will formally file the report.
While SARs are most often filed by financial institutions, any business or even a member of the general public can also use them to report suspicious financial activity.
What does a SAR look like, and how is it filed?
In the US, a suspicious activity report is a multi-page document provided by FinCEN that requires several pieces of information, including:
- The names, birthdates, addresses, Social Security numbers, and phone numbers of the account holders involved in the suspicious activity
- Dates and documentation of the suspicious transaction(s)
- Contact information for the financial institution
The first few sections of the form include fields to document the category of crime, the amount of the transaction, and the financial services and instruments involved.


All SARs must also include a narrative section. This is a written description of the event and the reasons why the person filing the report believes the transaction is suspicious. This section includes several guidelines on how to write suspicious activity reports. This ensures investigators get the full picture of the suspicious activity.

After an institution completes the SAR form, it must file it with the appropriate party. The exact process depends on the country of the reporting institution, but most systems are electronic.
In the US, all SARs must be submitted through FinCEN’s BSA e-filing system.
Investigation and SAR confidentiality
Suspicious activity does not necessarily mean a crime was actually committed, so after someone submits a SAR, the next step is an investigation. Law enforcement will dig into the details of the transaction to determine if it’s truly illegal or linked to some criminal activity. If so, they’ll then take appropriate action.
Filing a SAR is extremely confidential to ensure the sanctity of this process and to protect the public. The filer is expressly prohibited from disclosing the SAR or any information that could reveal the report’s existence. This law ensures the reported person or account will not know they have been the subject of a SAR. Similarly, publishing any details about a suspicious activity report in the media is a federal crime.
In addition, the individual who discovered the activity is not required to disclose their name or personal contact information when filing the SAR. Once received by FinCEN, each report is carefully reviewed by financial managers and attorneys who understand the importance of confidentiality and privacy. For all these reasons, the person being investigated will not know about the report unless and until they are contacted by law enforcement.
How to flag suspicious activity more easily
While monitoring account activity is essential, even small institutions can process thousands of transactions per day. This can make it difficult to properly and efficiently identify suspicious activity.
One strategy that can help flag criminal activity is to rigorously train employees. Employees will be more likely to notice suspicious transactions and act accordingly if you train them on common red flags and warning signals, how to identify suspicious transactions, and when to consider filing a suspicious activity report.
However, the most effective way to detect suspicious activity is through automated transaction monitoring as well as automated Know Your Customer (KYC) and anti-money laundering (AML) tools that can help catch risky activity and highlight suspicious transactions for employees to review. This makes it easier to deter bad actors without forcing legitimate customers to suffer unnecessarily long wait times.
Level up your AML compliance with Persona
Suspicious activity reports are a key measure in preventing money laundering and financial crime on a global scale. Appropriate and timely filing is essential for all financial institutions to protect themselves and their customers — and remain compliant. However, SARs become a burdensome process when they rely on traditional, manual monitoring and reporting. Manual reporting is also error-prone and could hinder your team’s productivity.
Our case management solutions help teams set up automated alerts and streamline the review process. If you’d like to learn more about how we can help your business, please reach out — we’d love to chat.