Guide: FinCEN’s Suspicious Activity Report (SAR) for VASPs

Table of Contents

Introduction – 2020 SAR Update

On May 26 2020, the Financial Crimes Enforcement Network (FinCEN) issued a notice to request comments on its proposed renewal of how it currently collects information for Suspicious Activity Reports (SARs), in order to cut down on its paperwork burden. The window for written comments will close on 27 July 2020.

The United States’ Bank Secrecy Act (BSA) obligates financial institutions, which includes virtual asset service providers (VASPs), to report suspicious transactions to FinCEN.

While the latest renewal offers no changes to current information collection procedures, FinCEN now proposes an updated burden estimate to prepare, file and records SARs. It has changed its estimate from 120 minutes per SAR to a range of 25 to 315 minutes, as 4 in 5 SARS takes between 45 to 75 minutes to complete.

FinCEN’s new SAR estimates will help VASPs like crypto exchanges operating in the United States to complete their SARs in a more efficient and less time-consuming manner.

In this guide, we take a closer look at what SARs are, why they’re required and how they impact financial institutions and the crypto industry.

What is a Suspicious Activity Report (SAR)? 

A Suspicious Activity Report (SAR) is a standardized document that U.S. financial institutions must file with the Financial Crimes Enforcement Network (FinCEN) if they suspect possible money laundering, terrorism funding or fraud. 

FinCEN uses the SAR requirement as a tool to help enforce the U.S.’ Bank Secrecy Act (BSA) of 1970. The SAR mechanism ensures that transactions that are out of the ordinary and outside the scope of existing legislation are reported to the authorities if relevant financial institutions believe that the parties involved are or behaving illicitly, or intend to. Suspicious Activity Reports have been used in the U.S. since 1996.

What’s the purpose of a Suspicious Activity Report?

The goal of a Suspicious Activity Report is to identify domestic and global criminals involved with money laundering, fraud, and terrorism. It covers regulatory blindspots and helps to detect and analyze criminal behavior. This enables law enforcement to apprehend criminals and prevent further criminal activity.

FinCEN also shares SARs and important BSA-related data with bank supervisory agencies and helps to analyze data for new criminal trends and patterns. 

What’s the difference between CTRs and SARs? 

U.S. financial institutions are required to file a Currency Transaction Report (CTR) for every deposit, withdrawal or other transaction they deal with that exceeds $10,000 in value. 

The difference between a CTR and SAR is therefore:

A Currency Transaction Report (CTR) should be filed when a transaction or series of transactions exceeds the $10,000 threshold within a 24 hour period. 

A Suspicious Activity Report (SAR) must be filed when financial institutions become aware of suspicious behavior that could potentially be crime-related. 

SAR Thresholds

According to FinCEN’s SAR guidance, the following monetary thresholds apply to SARs:

  • for transactions conducted or attempted by, at or through a money services business or its agent, the threshold of $2,000 applies;
  • for transactions identified by issuers of money orders or traveler’s checks from a review of clearance records or other similar records of instruments that have been sold or processed, the threshold of $5,000 applies.

Therefore, crypto MSBs must report suspicious transactions over $2,000.

Who regulates Suspicious Activity Reports?

Suspicious Activity Reports are a vital part of the States’ anti-money laundering and counter-terrorism-financing (AML/CFT) policy and has grown in importance after 2001, thanks to the USA Patriot Act’s extensive new SAR requirements.

The Financial Crimes Enforcement Network (FinCEN), as mandated by the U.S. Treasury uses the SAR in accordance with the Bank Secrecy Act (BSA) of 1970 to identify and bring its violators to justice. This includes uncovering money laundering, terrorism and illicit activities like fraud and Ponzi schemes. SARs are really useful to help authorities gain a holistic overview of illicit financial behavior in the U.S. and create predictive models and countering procedures to reduce it.

SAR variants can be found in jurisdictions around the world, and are also referred to as Suspicious Transaction Report (STR). For example, the Financial Action Task Force (FATF), whose guidances extend to almost every country in the world, requires STRs to be promptly filed with a local Financial Intelligence Unit (FIU) upon discovery, whenever there is reason to believe a specific transaction is related to a crime, as per its Recommendation 20. 

When should a Suspicious Activity Report be filed?

In the United States, financial institutions (FIs) must file a report with the AML/CFT regulator FinCEN within 30 DAYS after their detection of suspicious activity, such as insider trading, unlicensed money service businesses (MSBs), computer hacks, money laundering and more.

If the financial institution requires more time, they can request an extension of up to 60 days. SAR records must be kept for 5 years. FIs that fail to report a financial crime with an SAR can be subject to both civil and criminal punishment, such as license revocation, fines, and prison sentences. 

After its filing, FinCEN will investigate the SAR in question, without disclosing it to the parties of interest. 

Which financial institutions are obligated to file SARs? 

The usual suspects of U.S. financial institutions are required to file SAR reports, such as banks and banking-related organizations like brokers and credit unions, as well as various money service providers (MSBs). However, insurance businesses, precious metal dealers and even casinos and other gambling-related entities must file SARs when applicable under the BSA. 

Who can report a Suspicious Activity Report?

Financial institutions need to train their staff to identify, flag and look into illicit behavior, such as strange transmittal patterns or amounts or large deposits into previously dormant accounts. 

Most SARs come from the financial sector, however, any U.S. citizen, whether from the private or public sector or in a personal capacity, has the right to file a Suspicious Activity Report (SAR) if they feel the need to. 

How to file a Suspicious Activity Report

Since 2013, SARs can be filed in a standardized format on the BSA e-filing system here. 

The SAR filing system requires five fields of information:

  1. Personal information: Name, Address, Social Security Number, Date of Birth, etc. 
  2. Date of incident, and code of incident type
  3. Information about the financial institution where the incident happened
  4. Contact details for the financial institution
  5. A written description is generated to help explain the incident

You can learn more about filing an SAR by clicking here:

The Crypto Industry and Suspicious Activity Reports

Since 2013, FinCEN has received more than 70,000 cryptocurrency-related SARs, more so as virtual asset usage proliferated in recent years.

After its May guidance and increasing regulatory pressure in 2019, FinCEN director Ken A. Blanco expressed his satisfaction with the virtual asset industry’s response in 2019. From May to December 2019, over 11,000 Suspicious Activity Reports were filed by crypto-related financial institutions.

Kenneth A. Blanco
Acting Assistant Attorney General Kenneth A. Blanco.

Mr. Blanco concluded at the time: “ “It is encouraging that CVC entities, dozens of whom had never filed a SAR report prior to the May advisory, are using the red flags and reporting suspicious activity back to us.”

However, in May 2020, Mr. Blanco was less optimistic during a virtual talk at Consensus Distributed on the FATF Travel Rule.

Blanco said that between 2014 to 2020, only 0.59% of the 12 million SARs received were crypto-related. It remained “paramount” for the crypto industry to self-report. The FinCEN director also issued a warning to offshore crypto businesses who continued to avoid registration as MSBs and the duties that come with it such as a cohesive AML system and SAR commitments.

“We are increasingly concerned that businesses located outside the United States continue to try to do business with U.S. persons without complying with our rules. If you want access to the U.S. financial system, and the U.S. market, you must abide by the rules. We are serious about enforcing our regulations.”

Ken Blanco, FinCEN director


Japan's History of Crypto Asset Regulation: 2014-2020

What is the FATF Secretariat?