Blog Login
AML

What Is a SAR Report? Suspicious Activity Reporting Explained

A

Anzar Dewani

3 hours ago

A SAR report is a confidential filing that fintechs submit to FinCEN when they detect suspicious financial activity. Here is what it is, what it contains, and why it matters for your compliance program.

What Is a SAR Report? Suspicious Activity Reporting Explained

A SAR report — short for Suspicious Activity Report — is a confidential document that covered financial institutions are legally required to file with FinCEN when they detect activity that may indicate money laundering, fraud, or other financial crime. It is one of the most important compliance outputs of a fintech's AML program and one of the most consequential regulatory obligations under the Bank Secrecy Act.

What a SAR Is

A Suspicious Activity Report is a standardized form filed electronically with the Financial Crimes Enforcement Network through FinCEN's BSA E-Filing System. It documents specific suspicious activity — who was involved, what happened, when it occurred, and why the activity is suspicious.

SARs serve a critical law enforcement function. FinCEN aggregates SAR data from thousands of financial institutions across the U.S. and makes it available to law enforcement agencies — the FBI, DEA, IRS Criminal Investigation, Homeland Security Investigations, and others — for use in financial crime investigations. A SAR filed by one institution may connect to investigations involving dozens of other institutions and thousands of transactions.

What a SAR Is Not

A SAR is not a criminal report or a complaint. Filing a SAR does not initiate a criminal investigation. It adds to a database of financial intelligence that law enforcement may or may not use in current or future investigations.

A SAR is not a finding of wrongdoing. Filing a SAR does not mean the subject of the report has committed a crime — it means the filing institution has a reasonable suspicion that the activity may involve criminal conduct.

A SAR is not public. SARs are strictly confidential. The filing institution cannot disclose to the subject, to any related party, or to any outside person that a SAR has been filed. This confidentiality rule is enforced by federal law.

What Is In a SAR

A completed SAR contains several categories of information.

Subject information covers the identifying details of the individual or entity whose activity is being reported — name, address, date of birth, Social Security Number or other identification number, account numbers, and any other available identifying information.

Transaction information covers the specific transactions that triggered the SAR — amounts, dates, transaction types, counterparties, and the financial institutions involved.

Suspicious activity type identifies the category of suspicious activity — structuring, money laundering, fraud, identity theft, terrorist financing, or other applicable categories.

The narrative is the most important element. It is a written description of the suspicious activity that must be clear, specific, factual, and complete enough for a law enforcement agent who has never seen the account to understand exactly what happened and why it is suspicious.

Who Files SARs

SAR filing requirements apply to financial institutions covered by the Bank Secrecy Act — including banks, credit unions, broker-dealers, Money Services Businesses, and other covered institutions. For fintechs, MSB status triggers independent SAR filing obligations.

Fintechs operating under sponsor bank arrangements should have their SAR filing responsibilities clearly defined in their program agreement — some arrangements require the fintech to file independently, others route filings through the bank, and some require coordination between both parties.

When a SAR Must Be Filed

A SAR must be filed when a covered institution knows, suspects, or has reason to suspect that a transaction involves funds from illegal activity, is designed to evade BSA reporting requirements, has no apparent lawful purpose, or involves use of the institution to facilitate criminal activity — and the transaction meets the applicable dollar threshold.

For most fintechs and MSBs the threshold is $2,000. For banks and broker-dealers it is $5,000.

The filing deadline is 30 calendar days from the date suspicious activity is initially detected. Missing this deadline is a BSA violation. For a complete breakdown of SAR filing requirements, see our guide on SAR filing requirements.

The Confidentiality Rule

The SAR confidentiality rule is one of the most important operational compliance requirements associated with SAR filing. It is a federal crime to disclose to the subject of a SAR — or to any other outside party — that a SAR has been filed or is being considered. This prohibition applies to everyone in the organization.

Customer-facing staff need specific training on this rule. When customers ask why their account is restricted or under review, staff cannot confirm or deny that a SAR is involved. This requires clear guidance and consistent application across the organization.

Frequently Asked Questions

Does the subject of a SAR know one was filed?

No. SAR filings are confidential and the subject is never notified. Federal law prohibits disclosure that a SAR has been filed or is being considered. This is one of the most strictly enforced aspects of BSA compliance.

What happens after a SAR is filed?

After filing, the SAR enters FinCEN's database of financial intelligence. FinCEN may share it with law enforcement agencies. The filing institution typically hears nothing further — law enforcement does not confirm receipt or provide feedback on individual SAR filings. The filing institution simply maintains its records and continues monitoring the account.

Can a business file a SAR voluntarily even if not technically required?

Financial institutions that are not covered by mandatory SAR filing requirements may file voluntary SARs. Voluntary SARs are accepted by FinCEN and receive the same safe harbor protections as mandatory filings.

How ComplyOne Helps

ComplyOne helps fintechs build SAR programs that work — from detection and transaction monitoring through filing and recordkeeping — through advisory services, compliance technology, or both. Learn more about how to file a SAR.

 

 

Talk to the ComplyOne team to get started.

The information in this article is for general educational purposes and does not constitute legal or regulatory advice. Consult a qualified compliance professional for guidance specific to your situation.

Share this article:

Related Articles