The Scope of SARs - Something Old and Something New - WST

Did you know that filing Suspicious Activity Reports, or SARs, is not limited to just suspected financial crimes, but almost any kind of suspicious activity affecting financial institutions? SARs should be considered for several kinds of events that are out of the ordinary. This is nothing new:

With limited exceptions, SARs are used to report all types of suspicious activity affecting depository institutions, including but not limited to cash transaction structuring, money laundering, check fraud and kiting, computer intrusion, wire transfer fraud, mortgage and consumer loan fraud, embezzlement, misuse of position or self-dealing, identity theft, and terrorist financing.

It is recognized, however, that with respect to instances of possible terrorism, identity theft, and computer intrusions, the dollar thresholds for filing may not always be met. Financial institutions are encouraged to file nonetheless in appropriate situations involving these matters, based on the potential harm that such crimes can produce. Even when the dollar thresholds of the regulations are not met, financial institutions have the discretion to file a SAR and are protected by the safe harbor provided for in the statute.

Source: https://www.fdic.gov/regulations/examinations/supervisory/insights/siwin07/article03_connecting.html

Clients often ask us about appropriate “next steps” when they discover anomalous activities within their networks or have reasonable suspicions regarding client interactions or activities. The default answer: read your Incident Response Plan. But which part specifically? All financial institutions should consider including SAR filing as a formal step in incident response scenarios or playbooks.

Does your Incident Response Plan mention SAR filing requirements in all the applicable places? No? Discuss the triggers mentioned above with your Business Continuity team, Information Security Officer, and BSA staff. When in the middle of handling an incident, it may be more likely to miss or mishandle important tasks, such as the filing of a SAR. An effective Incident Response Plan is regularly tested, clearly outlines steps to be taken, and assigns responsibility.

And now for the Something New:

On January 19, 2021, FinCEN, along with Federal banking agencies, issued Answers to Frequently Asked Questions Regarding Suspicious Activity Reporting and Other Anti-Money Laundering Considerations. This document includes seven new FAQs regarding the completion and filing of suspicious activity reports by financial institutions.

The answers to the FAQs do not change any legal or regulatory requirements or expectations but are published to provide clarity and assist financial institutions with their compliance obligations. The questions cover topics such as requests to keep accounts open that are the subject of law enforcement investigations, filing SARs based on the receipt of grand jury subpoenas or law enforcement inquiries, maintenance of customer relationships following multiple SAR filings, and investigation of and filing SARs based on negative news and media alerts. The FAQs also address repeating information in the narrative that is covered in other fields of the SAR and character limits within the narrative.

This newest FAQ can be found at: https://www.fincen.gov/resources/statutes-regulations/guidance/answers-frequently-asked-questions-regarding-suspicious