The Suspicious Activity Report (SAR) was created by five federal financial agencies and the Treasury Department’s Financial Crimes Enforcement Network (FinCEN). The purpose of the SAR is to report a suspicious transaction relevant to a possible violation of law or regulation. The SAR must be electronically filed through FinCEN’s Bank Secrecy Act (BSA) E-Filing System. Financial information retrieved from a SAR assists the US Government with combating terrorism, terrorist financing, money laundering, and other financial crimes.
The quality of information provided in a SAR narrative is important
In December 2018, Judge Denise Cote of the Southern District of New York ruled in favor of the Securities Exchange Commission (SEC) in Case 1:17-cv-04179-DLC Document 174 Filed 12/11/18 (U.S. SEC versus ALPINE SECURITIES CORPORATION regarding the type of information must be included in the narrative section of a SAR filing. Judge Cote concluded that the Defendant – Alpine Securities – violated Rule 17a-8 (Financial recordkeeping and reporting of currency and foreign transactions) by:
- Filing required SARs with deficient narrative
- Failing to file SARs for groups of suspicions liquidation transactions
- Failing to maintain and produce SAR support files
The takeaway from this ruling is that Financial Institutions ought to pay attention to the quality of their SAR narrative. It is in the best interest of a Financial Institution to ensure that the BSA filing process conforms with FinCEN’s Guidance on Preparing a Complete & Sufficient Suspicious Activity Report Narrative:
https://www.fincen.gov/sites/default/files/shared/sarnarrcompletguidfinal_112003.pdf and Keys to Writing a Complete & Sufficient SAR Narrative: https://www.fincen.gov/sites/default/files/shared/writingcompletesarnarrative_1103.ppt.
FinCEN states that the SAR Narrative should identify the essential elements of the information:
- Who is conducting the criminal or suspicious activity?
- What instruments or mechanisms facilitate the suspect activity/transactions?
- When did the criminal or suspicious activity occur?
- Where did the suspicious activity take place?
- Why does the institution think the activity is suspicious?
- How did the suspicious activity occur?
What is reported in a SAR?
- Insider abuse of a financial institution, involving any amount, detected by an institution;
- Federal crimes against, or involving transactions conducted through a financial institution that the financial institution detects and that involve at least $5,000 if a suspect can be identified, or at least $25,000 regardless of whether a suspect can be identified;
- Transactions of at least $5,000 that the institution knows, suspects, or has reason to suspect involve funds from illegal activities or are attempts to hide those funds;
- Transactions of at least $5,000 that the institution knows, suspects or has reason to suspect are designed to evade any regulations promulgated under the BSA; and
- Transactions of at least $5,000 that the institution knows, suspects, or has reason to suspect have no business or apparent lawful purpose or are not the sort in which the particular customer would normally be expected to engage and for which the institution knows of no reasonable explanation after due investigation.
Who Must File the SAR?
- Bank and Financial Holding Companies
- Casinos and Card Clubs
- Money Services Businesses
- Brokers or Dealers in Securities
- Mutual Funds
- Insurance Companies
- Futures Commission Merchants
- Introducing Brokers in Commodities
- Residential Mortgage Lenders and Originators
A SAR is confidential
A SAR and any information that would reveal its existence is confidential and may not be disclosed. No bank, and no director, officer, employee, or agent of a bank that reports a suspicious transaction may notify any person involved in the transaction that the transaction has been reported. A SAR and any information that would reveal the existence of a SAR is confidential, except as is necessary to fulfill BSA obligations and responsibilities.
The SAR may only be shared appropriately with:
(2) Federal, state, or local law enforcement agency;
(3) Federal regulatory agency that examines the depository institution for compliance with the BSA;
(4) State regulatory authority that examines the depository institution for compliance with state laws requiring compliance with the BSA.
(5) A U.S. bank or savings association may share a SAR with its controlling company (whether domestic or foreign). The sharing of a SAR or, more broadly, any information that would reveal the existence of a
SAR, with a head office or controlling company (including overseas) promotes compliance with
the applicable requirements of the BSA by enabling the head office or controlling company to
discharge its oversight responsibilities with respect to enterprise-wide risk management,
including oversight of a depository institution’s compliance with applicable laws and regulation.
What information on the SAR may appropriately be shared?
- the disclosure of the underlying facts, transactions, and documents upon which a SAR is based, including, but not limited to, disclosures related to filing a joint SAR and in connection with certain employment references or termination notices; and
- the sharing of a SAR, or any information that would reveal the existence of a SAR, within a depository institution’s corporate organizational structure for purposes consistent with Title II of the BSA, as determined by regulation or in guidance
When is a SAR filing required?
- No later than 30 calendar days after the date of the initial detection by the reporting financial institution of facts that may constitute a basis for filing a report.
- If no suspect is identified on the date of such initial detection, a financial institution may delay filing a FinCEN SAR for an additional 30 calendar days to identify a suspect, but in no case shall reporting be delayed more than 60 calendar days after the date of such initial detection.
Don’t be a victim of your own making
Identifying unusual activities can be a daunting task. Financial Institutions ought to review their internal policies, procedures, and processes for identifying, researching, and reporting suspicious activity and ensure that SARs are complete, through and submitted timely. In addition, Board Members at Financial Institutions ought to be consistently aware of their fiduciary duties as it relates to the privacy and confidentiality of the existence and content of a SAR. Financial Institutions ought to consult with specialized compliance advisors to ensure that the content of the SARs meet all the BSA requirements.