Suspicious Activity Reports 101

How to train employees to pinpoint, monitor and report suspicious activity at your community bank.

By Mary Thorson Wright

Community bankers are no strangers to record keeping and reporting requirements under the Bank Secrecy Act (BSA). This includes the requirement to monitor for and report suspicious activity. In the first quarter of 2018, depository institutions filed 111,125 Suspicious Activity Reports (SARs) with the Financial Crimes Enforcement Network (FinCEN). Debit cards, credit cards, residential mortgages, prepaid access and home equity lines of credit topped the categories for which SARs were filed in each month of Q1 2018, and they totaled 78,533 of the reports filed.

On its face, the requirement to file a SAR appears simple:

  • Criminal violations involving insider abuse in any amount.
  • Criminal violations aggregating $5,000 or more when a suspect can be identified.
  • Criminal violations aggregating $25,000 or more regardless of a potential suspect.
  • Transactions conducted or attempted by, at or through the bank (or an affiliate) and aggregating $5,000 or more, if the bank or affiliate knows, suspects or has reason to suspect that the transaction:
  • may involve potential money laundering or other illegal activity
  • is designed to evade the BSA or its implementing regulations
  • has no business or apparent lawful purpose, or is not the type of transaction that the customer would normally be expected to engage in, and the bank knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction.

Insider abuse and criminal activity exceeding the $5,000 and $25,000 thresholds, when detected, are most easily identifiable and clearly require a SAR. But, what does it take to detect criminal activity? What should bank employees look for, and what should they do when they suspect potentially illicit transactions or actions?

Five steps to SAR success
The BSA examination guidance maintains that effective suspicious activity monitoring and reporting systems include five key components:

  1. Identifying and alerting on unusual activity
  2. Managing the alerts
  3. SAR decision making
  4. SAR completion and filing
  5. Monitoring and SAR filing on continuing activity

Identification—through employee training and internal monitoring—is the foundation of the SAR process. The bank may receive information from outside parties, such as law enforcement inquiries or referrals, but employee discovery is critical to compliance.

Quick stat


Suspicious Activity Reports filed by depository institutions in Q1 2018

BSA training should include background and technical recordkeeping and reporting requirements, including reporting activity that continues over an extended period. It should also include the bank’s procedures. To whom should questions or alerts about unusual transactions or behavior be referred? What bank form or electronic record is used to document the occurrence(s)? What should the bank employee tell the customer, if anything? (SAR information, including the fact that a SAR was or was not filed, is generally confidential and disclosed on a limited basis.) Who can complete a SAR? Who must review, approve and sign it? And, who can submit it to FinCEN?

Training should highlight types of day-to-day activities that might be at risk for criminal activity, and the types most likely in the department or operations of the employees being trained. Use examples to breathe life into terms like “criminal violations,” “aggregation,” “smurfing” and “fraud.” Give examples of how a loan-fraud or check-kiting scheme might look.

Training that keeps bank staff informed and empowered to observe unusual or potentially suspicious transaction activity is … the cornerstone of SAR compliance.

FinCEN offers an index of topics it has reported on in The SAR Activity Review–Trends, Tips & Issues, a periodical that discusses cases of suspicious activity and the circumstances under which they occurred in financial institutions. FinCEN also publishes enforcement actions for violations of the BSA, including SAR violations, and each includes an overview of the circumstances on which the enforcement was based.

A bank’s BSA program should also include a defined system of procedures for identification, monitoring, the SAR decision-making process, maintaining supporting documentation, filing SAR records, and pertinent communications with FinCEN and the bank’s primary regulatory agency. The SAR process must be included in the scope of the bank’s periodic independent review of the BSA program.

SARs serve as vital law enforcement tools to identify and track funds derived from criminal activity. Training that keeps community bank staff informed and empowered to observe unusual or potentially suspicious transaction activity is a good risk-management practice, and the cornerstone of SAR compliance.

Mary Thorson Wright, a former Federal Reserve examiner, is a financial writer in Virginia.