In 2018, more than 2.100 SARs leaked from the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), exposing their weaknesses and insensitivities. Known as the FinCEN Files, the wrongdoing exposed by Buzzfeed News and the International Consortium of Investigative Journalists (ICIJ) demonstrated how an ineffective SAR regime pushed major global financial institutions to facilitate money laundering, drug trafficking, terrorism, and Ponzi schemes.
Law enforcement agencies and financial intelligence units (FIU) are flooded with poor quality reports, making it burdensome or near impossible to handle them with the attention they deserve. So, what makes a perfect SAR?
What is/is not a SAR
Before diving into the technical aspects of how to write a perfect Suspicious Activity Report, one must first understand what an SAR is and what it is not.An SAR is not a defensive document used for backside covering, meaning they don’t exist to appease authorities, make your financial institution look good, or to avoid fines. Reporting a suspicious behaviour should be a proactive activity to stop the flow of dark money, not to shield a bank from past mistakes or negligence.
How do you construct a narrative for an SAR?
SARs are read by analysts in national FIUs who must try to understand who your client is and why the transaction he/she performed is suspicious. To avoid the mistake of writing a confusing or incomplete report that has little use, put yourself in the shoes of the reader.To help you write a better narrative for your STRs, use the 5 W’s:
-
Who: Incorporate the necessary information on the identity of the person/s that you are reporting on. This includes their name, address, job title, date of birth, and account number. If a pet store employee is dealing in transactions that are beyond their income, or a nineteen-year-old is handling millions of euros, this can help the FIU analyst to quickly pinpoint the suspicious behaviour. For companies, make sure to list the identities of the UBOs.
-
When: Add the precise date of when the suspicious behaviour occurred. If it happened over a span of time, write out the timeline of events. If the activity involved multiple withdrawals at an ATM, give the precise hours of each withdrawal. This will help the FIU analyst get a better sense of how the suspicious activity evolved.
-
Where: If applicable, be sure to include the location of where the suspicious action took place such as the address of the branch or of the ATM. A person who lives in one town but goes to another town to withdraw cash or goes to multiple branches to deposit cash can help FIU analysts spot the warning signs of an illegal activity.
-
What: Detail what happened that made you think that the activity was suspicious. List the various steps of the transaction/s and/or cash withdrawals/deposits. This is where the FIU analyst will truly understand what happened. Be concise but don’t leave out necessary details and make sure to add how the activity was flagged – monitoring tool, lookback, etc.
-
Why: Explain why you think the behaviour is suspicious. List the reasons: money laundering, tax evasion, funnel account, etc. This will help the FIU analyst in categorising your report. FIUs like FinCEN want you to use keywords to help flag the type of activity you are reporting on. Their list of keywords can be helpful to any financial institutions around the world.
Dos and don'ts of a Suspicious Activity Report
Now that you are aware of what constitutes a good narrative for an STR, let’s look at what makes a Suspicious Activity Report stand out and what doesn’t.
Keep it simple: use an active tense when writing your report. Be sure to use simple words and concise concepts. Don't go overboard with technical concepts and always write out any acronyms.
Quotes: if the client had a conversation with a staff member of the bank, you may quote him/her if you believe that it adds to the narrative or accentuates his/her suspicious behaviour. However, do not twist his/her words or add non-existent meaning to them. Use quotes sparsely and only if necessary.
Confidentiality: keep your reports confidential. Do not distribute them, talk about them with colleagues that don’t need to be aware of the document, refer to them when talking to a client, or menace a client with them. Only a handful of closely connected people such as the compliance or AML departments must know about the reports.
Connections: do state any connections that your client may have with another client performing shady business in the same financial institution. Be clear on how they are connected and try to find out if the connection is behaving in the same way. If you discover an ensemble of people executing the same dubious transactions, you can group them together into the same SAR.
Copies: after sending the report to your local FIU, always keep a copy. This will make it easier to retrieve the information if the FIU asks you to follow-up with further material or data.
Keep it short: don’t write an excessively long and detailed report. You are not writing a scholarly article or a PhD dissertation. Keep the narrative to maximum one page, or one page and a half if strictly necessary.
Repetitions: do not repeat information. If a client’s identity information is stated somewhere in the report, there is no need to repeat it in the narrative, unless that material is indispensable for highlighting why you believe the activity is suspicious.
Bullet points: avoid bullet points unless you are listing something. Do not write the entire narrative in bullet points as you might make your story confusing and hard to put together. You can use them to list a selection of transactions but use them sparsely throughout your document.
Shopping lists: closely connected to the previous point is providing a long list of transactions in your report. Avoid writing out lengthy and heavy “shopping lists.” Instead, try to highlight the most important transactions and summarize the remaining ones. If interested, FIUs will ask you to provide the full list of transactions in their follow-up.
Deadlines: try to avoid sending an SAR to your FIU beyond its 30-day submission deadline (the date can differ based on your country.) Late STRs can hinder investigations and make it harder to stop the suspicious activity or track down the felonious client. FinCEN Files showed that the median reporting time for an SAR was 166 days with Barclay’s median being 1.205 days.
Quality vs quantity
Financial Intelligence Units are swamped with STRs and are unable to sift through them in an efficient manner. Between 2011 and 2017, FinCEN received over 12 million SARs from financial institutions.This defensive mechanism is often associated with excessive reporting. Known as “crying wolf,” SARs are often drafted for any behaviour or transaction that is even slightly suspicious without an actual investigation from the part of the financial institution just to “protect” themselves from regulators and showcase that their AML/CTF regimes are optimal. However, 90% of all STRs have no immediate value with only 10% leading to an investigation by FIUs.
Understanding what an STR is, perfecting narrative, and knowing the right keywords is useless if one does not focus their attention on quality over quantity, and those elements put together are the key to writing the perfect SAR.