The best practices for effective Suspicious Activity Reporting

By Fred McDowell, senior manager in the financial crime team at fscom

Global money laundering transactions for 2020 have been estimated to account for a staggering $2.3 trillion, according to the United Nations. In response, national regulators continue to require banks to monitor and report suspicious activity in financial transactions.

These are known as suspicious activity reports (SARs) in the UK – or suspicious transaction reports (STRs) in Ireland. SARs matter because they capture activity that potentially relates to money laundering or terrorist financing, but which law enforcement would otherwise simply not see.

In my career, I have developed expertise in SARs both in senior roles in the banking sector and more recently while carrying out independent audits of firms for fscom. In a recent webinar, I shared my top tips for improving the way you identify and report suspicious activity. You can watch the webinar here, but this blog highlights some of the key takeaways.


The strict reporting obligations on financial institutions and their staff

The UK’s Proceeds of Crime Act and Terrorism Act require persons working in the regulated financial sector to submit a SAR about information that comes to them, if they know, suspect or have reasonable grounds to think a person is engaged in or attempting money laundering or terrorist financing. Ireland’s Criminal Justice Act has an almost identical requirement.

The legislation penalises firms and potentially staff, that do not comply. If a firm reports a SAR, it is an offence to tip off the subject of that report. It is also an offence to fail to report suspicious activity. In the UK and Ireland, the offences of Tipping Off and Failing to Report come with financial fines and / or imprisonment.

The UK’s Financial Intelligence Unit (FIU) received 460,000 SARs last year, 70% come from frontline staff (who directly engage with clients), 28% from the compliance function, and 2% from external or internal audits.


How can compliance officers identify suspicious activity?

A challenge is that “suspicion” is not defined in legislation. But in short, submitting a SAR does not require hard evidence – the role of a compliance officer is not to secure convictions but to pass suspicions to law enforcement who will decide the appropriate investigative steps.

Suspicious activity does not depend on the size of the transaction so compliance officers should be vigilant even for small transactions. Indicators of suspicious activity could include:

  • Transactions that appear to be unnecessarily complex.
  • Complex ownership structures that make it difficult to identify the beneficial owners, without a clear explanation of why that structure merits being so complex.
  • Transactional volumes that are inconsistent with the Know-Your-Customer checks carried out on the client.
  • Unexplained deposits of cash.
  • Loan repayments that do not match a customer’s reported income and ability to repay.


Best practices for identifying and reporting suspicious activity

Firms looking to meet their reporting obligations must put in place robust yet proportionate controls, undertake monitoring and have ongoing due diligence processes. These steps will help identify activity that merits investigation and might ultimately warrant SARs. In reality, 25% of SARs come from onboarding and periodic reviews, 40% arise from transaction monitoring alerts, and 35% stem from client engagement, such as loan or mortgage applications.

The ideal operating model for a financial institution seeking to improve their detection and reporting of suspicious activity should comprise:

  • Robust onboarding processes that are regularly reviewed to ensure they are fit for purpose.
  • Strong and proportionate risk rating systems, with Enhanced Due Diligence for higher risk rated clients.
  • Carefully considered transaction monitoring rule sets which are regularly reviewed – rather than manual monitoring of transaction monitoring alerts which often see arrears.
  • A compliance framework that evolves over time in line with the firm’s growth.

While this is a good ambition to work towards, there is usually a balance to be struck. Companies should also bear in mind that they can never remove the risk entirely in the financial services industry. Compliance is about trying to identify and understand what the risks are. The operating model should be proportionate to your business and the risks you face.

Failing to put in place an effective operating model increases the risk of money laundering and makes firms more open to criminals. For example, money launderers or terrorist financers will open accounts in different banks to try to find lax controls and will share that information with other criminals.


MLROs: the first line of defence for SARs

Money Laundering Reporting Officers (MLROs) have a critical role in helping a company to follow best practices around SARs and are usually responsible for submitting the SAR to the FIU. They should provide regular SAR awareness training to staff across the business. This must make clear that there is a requirement to report suspicious activity, the likely grounds for suspicion, and the practicalities of where to find and file a report.

MLROs should also consider the following when handling SARs and STRs:

  • Acknowledge a report whenever a colleague submits one and ensure confidentiality in the process.
  • Investigate the report as promptly as possible, requesting supporting documentation when required.
  • Explain why there are – or are not – grounds for suspicion to report. If the suspicion seems to be justified, submit the report to the relevant FIU as soon as possible.
  • Maintain a tracking log of all SARs to ensure oversight of the reporting process and keep it up to date.
  • Capture the number of SARs received and submitted to FIUs for ongoing AML management reporting to the senior management and Board.


To find out more about how you can meet your reporting obligations and deter criminals from trying to launder money or terrorist financing through your firm, you can watch the webinar in full here.

Related Posts

Press Release

fscom Press Release

FSCom Limited (fscom) a leading specialist consulting firm providing governance, risk and compliance solutions to financial services institutions in the UK and Ireland, today announced

Read More