What Are Suspicious Transactions / Activities?
A suspicious transaction refers to any transaction that causes a reporting entity to mistrust or feels apprehensive due to its unusual nature or circumstance or due to the person(s) involved. These suspicions are assessed according to a risk-based approach for customer due diligence, transaction and behavioral monitoring and payment screening. In countries with a robust AML and CFT framework, financial entities are legally required to file an STR as soon as a suspicious transaction is discovered. Reports are filed where there is a suspicion that:
- clients are funding goods/services using the proceeds of crime;
- clients’ wealth has been derived from terrorist financing;
- clients are in contravention of financial sanctions
- clients are laundering illegal funds
Reports must be filed within 30 days of becoming aware of the suspicious activity or transactions, but this can be extended to 60 days if further investigation or information is required to support the report. The Financial Intelligence Centre uses these reports to develop financial intelligence reports, which are disseminated to law enforcement and prosecuting authorities for both investigative work and applications for asset forfeiture.
The filing of SARs is mandated of all financial institutions by the Financial Action Task Force (FATF) as part of a comprehensive anti-money laundering framework.
What Triggers a Suspicious Activity Report?
Specific circumstances will trigger a SAR, including transactions over a certain value, international money transfers over a certain value, or unusual transactions or account activity. If customers suddenly deposit and quickly withdraw vast sums of money that are out of pattern for their claimed business or usual profile, it would merit suspicion. SARs may also be filed if a financial institution believes that employees are behaving in a suspicious manner or if their network was hacked or otherwise compromised.
How to File a SAR
Most financial institutions have a nominated AML or compliance officer who serves as the point of contact for any employee who wishes to report suspicious activities. They are also responsible for submitting the SAR to the relevant authorities.
In the US, reports can be electronically filed through the Financial Crimes Enforcement Network (FinCEN) e-filing system. Each SAR could contain as much information as possible, and any item marked with an asterisk should be completed even if the data is unknown. In the UK, SARs are submitted to the National Crime Agency by nominated officers in physical format or through the Online system.
The e-filing system will provide prompts and instructions where filers should complete the various instructions or check the “Unknown” box where possible if the required data isn’t available.
Corrected reports can be filed whenever errors are discovered in the information previously reported in a SAR report, and the 1b “Correct/Amend prior report” box must be checked. Continuing reports should be filed on suspicious activity that continues after the initial SAR was filed.
Important Do’s and Don’ts When Filing a SAR
Several thousand SARs are filed every single day, which is why it is imperative that reports are completed accurately. A few simple do’s, and don’ts include:
- Do include how the activity was detected and why it raised suspicions
- Don’t repeat information already reflected in other sections of the form
- Do describe elements not reflected in the names/numbers, including comments made in passing, behavior or appearance
- Don’t provide length transaction detail lists
- Do include an explanation of why activities are not the norm
- Don’t provide too little detail
- Do use simple, concise sentences
The Challenges of Filing a SAR/STR
While suspicious activity reporting is an essential component of fighting financial crime and terrorist financing, it’s not without its challenges and failures.
STRs need to be comprehensive and filed within strict, stipulated time frames. For companies with limited resources and expertise, the repetitive and cumbersome nature of STR filing can be a considerable drain. Huge amounts of resources need to be analyzed and manually submitted, and since STRs are sensitive, only a limited number of people can be involved in filing a report. This can add a heavy workload for compliance officers and relevant staff, who cannot outsource this function. Financial institutions and their employees are also prohibited by law from disclosing that STRs are being filed, which adds further limitations, barriers and restrictions to internal processes.
Filing an STR is rarely the end of the matter. Once STRs have been filed, the Regulator can request further information for up to five years. If the person who originally filed the report moved on to a different position, or if systems changed, retrospectively locating and providing the information can prove difficult to manage.