Suspicious Activity Reporting
Regulatory Change and the Role of Accountants

By Peter Romaniuk, Jeffry Haber, and Gary Murray

E-mail Story
Print Story
MARCH 2007 - Bank secrecy has functional and virtuous origins. From the late 18th century, the tradition of Swiss private banking evolved to facilitate early forms of international trade. But bank secrecy is no longer venerated. Far from it. Recent events—the wars on drugs and terrorism, and high-profile financial scandals—have led to increasing regulation, as governments at home and abroad seek to suppress money laundering and terrorist financing. Chief among the tools to deter and detect these ills is the Suspicious Activity Report (SAR), introduced by 1996 regulations pursuant to the Annunzio-Wylie Anti–Money Laundering Act of 1992. SARs describe suspicious financial transactions that may be relevant to a violation of the law. In some circumstances, only transactions above a certain dollar threshold trigger a SAR, but in other situations (such as insider information), no minimum dollar threshold applies.

Ongoing legislative and regulatory changes have increased the scope of suspicious activity reporting significantly. With the passage of the Patriot Act in 2001 and recent amendments to the Bank Secrecy Act, SAR requirements have been extended to broker-dealers (January 2003), insurance companies (May 2006) and, most recently, mutual funds (October 2006). Although the accounting profession is not specifically covered, accountants are bound by SAR requirements in their capacity as employees of financial institutions (see Exhibit 1). Moreover, accountants may voluntarily file SARs and may yet be bound by international mandatory reporting requirements (as they are in the United Kingdom). Prudence demands that accountants become familiar with SAR requirements and, more broadly, the anti–money laundering and counter–terrorist financing (AML/CTF) strategies used by the federal government.

Why Are SARs Useful to Law Enforcement?

The requirement to file SARs fulfills three basic functions for law enforcement.

  • First, SARs are an important source of intelligence about potential criminal activity, especially in instances where multiple SARs are filed by different financial institutions. SARs help identify new methodologies for money laundering. Both the quantitative data (such as the dollar value of transactions structured to conceal the movement of illicit funds) and the qualitative information (the reasons why the transactions are suspicious) can usefully inform assessments of future threats from money laundering and terrorist financing, as well as decisions about when to launch investigations. SARs provide important input into the government’s development of AML/CTF strategies.
  • Second, SARs offer a body of data that can be used for investigative purposes. SARs identify suspects, their accounts, their companies, and, in some cases, co-conspirators, additional witnesses, and supporting documentation. Receiving such information in “real time” can be particularly useful when suspects are under investigation. SARs explain in detail the origin of funds and how funds move into and out of accounts. This is especially important when the movements involve foreign jurisdictions that are known money-laundering concerns, such as those listed among “Non-Cooperative Countries and Territories” by the Financial Action Taskforce (FATF), the leading intergovernmental organization on AML/CTF. Viewing transactions in chronological order enables law enforcement to trace a pattern of activity, toward possible prosecution. SARs can provide key evidence of prior knowledge or prerequisite intent to violate law (e.g., statements made to bank personnel).
  • The third function of SARs is deterrence. Of course, SARs alone may be unlikely to dissuade launderers and terrorists, but they do constrain their ability to act in the financial sector. In some cases, this leads criminals to alter their tactics (e.g., by making multiple smaller transactions); this, in turn, can yield valuable information for law enforcement and increase the likelihood of detection. As money-laundering experts acknowledge, “The ultimate value of a SAR regime is best illustrated by the lengths criminals will go to avoid alerting financial institutions about a suspicious transaction” (Triflin J. Roule and Jeremy Kinsell, “Legal and Bureaucratic Impediments to Suspicious Transaction Reporting Regimes,” Journal of Money Laundering Control, Vol. 6, No. 2, 2002).

Who, What, When, Where, Why, and How Much?

SAR forms and filing instructions can be found on the website of the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN; Many institutions use their own terminology and methodology in completing SARs. Nonetheless, anyone completing a SAR should use common terms and language, or explain any distinctive terms. More-detailed guidance is available from FinCEN (, but one simple approach is to answer six key questions:

Who? Provide a complete pedigree on the subject or business (with officers) and additional signers. Include names, addresses, dates of birth, Social Security numbers, phone numbers, and occupations. Identify additional subjects not named as the accountholder. No person involved in the transaction should be notified of the SAR.

What? What made the transaction suspicious? For example, was it structured deposits, ATM withdrawals in foreign countries, or wire transfers?

When? Notate the date the activity began. Did the activity routinely occur? Over what period of time?

Where? Indicate the branches and accounts affected. Name any other financial institutions and account numbers involved. Are affected accounts open or closed?

Why? Describe any information from the customer’s file or from due diligence procedures that could be linked to the suspicious activity.

How much? Determine, if possible, the source of the funds or the disposition of the funds and the dollar value of the transactions. Be prepared to provide law enforcement and regulators with supporting documentation. Do not attach or paste objects onto the SAR form.

What Not to Do

FinCEN guidance includes the following caveat:

[L]ate filings, absence of supplementary SARs, and/or inaccuracies in SARs have an impact upon law enforcement’s ability to determine whether a crime was committed or continues to be committed, and the extent of any possible criminal activity that has been committed. Therefore, it is imperative that financial institutions not only file complete and sufficient SARs but that those SARs are filed within established deadlines (FinCEN, “Guidance on Preparing a Complete and Sufficient Suspicious Activity Report Narrative,” November 2003,

There are a number of common reasons why a SAR could be deemed incomplete:

  • The SAR does not provide the complete identifying information of the account holder/signer.
  • The narrative does not indicate whether the deposits or withdrawals were cash, checks, or wire transfers. If the deposits were in the form of checks, additional details regarding the checks would be helpful. If the deposits were in the form of cash, the SAR should indicate whether currency transaction reports were also filed.
  • The SAR does not indicate the name of the bank, account number, and beneficiary receiving the wire transfer. The SAR does not clearly indicate how many wire transfers were sent, and does not reveal the date of the wire transactions with regard to the dates of the deposits.
  • The SAR does not describe the customer’s transaction history and does not detail why this activity is suspicious in historical context.
  • The SAR fails to identify the name(s) of the signer(s) on the account and the date the account was opened.
  • The SAR does not indicate the balance prior to the deposits.
  • The SAR neither states whether the bank inquired about the purpose of the transactions and the source of the money, nor describes any possible response by the customer.
  • The information was presented in the form of a table, spreadsheet, or attachment, as opposed to a narrative.

SARs Past, Present, and Future

It might be tempting to think that the expanding SAR requirements are merely a response to the events of September 11, 2001, and will subside over time. In truth, the regulatory uptick predates the attacks and will likely outlive the war on terror. Prior to September 2001, Treasury officials had formed a Gatekeepers Working Group to engage professionals—especially lawyers and accountants—and had even discussed integrating AML standards into relevant professional standards. This has subsequently occurred in the United Kingdom, where accountants are bound by SAR requirements, whether they are acting on behalf of designated reporting bodies or not. This particular reform may yet reappear in U.S. discussions on accountants’ roles in AML/CTF. For example, FATF experts conducted an exhaustive review and recommended that accountants, as a profession, should be subject to the full range of AML/CTF measures. This would extend the SAR regime, requiring accountants to develop internal controls and apply additional scrutiny to transactions from countries of money-laundering concern.

Of course, the trend toward more-robust regulation is often met with resistance. Banks have long noted rising implementation costs. Sectors newly covered by AML/CTF measures—such as the securities and insurance industries—have raised similar concerns. Critics point out that the volume of SARs submitted to FinCEN has grown so much in recent years (Exhibit 2) that it threatens to overwhelm the agency’s capacity. Worse, many reports are effectively superfluous, as financial institutions adopt a policy of defensive filing, submitting reports merely on the basis of a weak suspicion to avoid any subsequent reprobation.

In response, regulators have endeavored to balance the burden that they place upon financial institutions by refining SAR requirements, updating guidance for filers, and improving their own analytical capacity. They have enforced compliance by imposing fines upon banks and broker-dealers for infractions related to the filing of SARs.

As more industries, companies, and clients come under SAR reporting requirements, it is important for CPAs to have an understanding of the nature, purpose, and use of SARs. Law enforcement is increasingly requiring the private sector, and the financial and accounting communities in particular, to implement AML/CTF strategies. Although notions of bank secrecy will continue to be redefined in response to evolving government priorities, an awareness of the origins and broad directions of regulatory change can benefit those trying to manage it. Knowledge of the SAR form—the who, what, when, where, why, and how much of completing it—and who must file it will put CPAs in a better position to provide advice. Regardless of whether accountants are further affected by future regulatory change, there is little doubt that a well-informed profession is better positioned to influence, and adapt to, evolving policy.

Peter Romaniuk, PhD, is an assistant professor of government at the John Jay College of Criminal Justice, CUNY, New York, N.Y. Jeffry Haber, PhD, CPA, is an associate professor of accounting at Iona College, New Rochelle, N.Y. Gary Murray is the director of the High Intensity Financial Crimes Area (HIFCA) of United States Immigration and Customs Enforcement, Department of Homeland Security.




















The CPA Journal is broadly recognized as an outstanding, technical-refereed publication aimed at public practitioners, management, educators, and other accounting professionals. It is edited by CPAs for CPAs. Our goal is to provide CPAs and other accounting professionals with the information and news to enable them to be successful accountants, managers, and executives in today's practice environments.

©2009 The New York State Society of CPAs. Legal Notices