The document outlines the importance of Suspicious Activity Reporting (SAR) as a key component of the Bank Secrecy Act, emphasizing its role in combating financial crimes such as money laundering and terrorist financing. It details the requirements for filing SARs, challenges faced by financial institutions in monitoring and reporting suspicious activities, and the essential components of an effective reporting system. The document also introduces Hexanika, a fintech company that offers solutions to address data sourcing and reporting challenges for regulatory compliance.

1. Overview Of SAR (Suspicious Activity
Reporting)
Suspicious Activity Reporting (SAR) forms the cornerstone of the Bank Secrecy Act (BSA) and provides
critical financial information to combat terrorist financing, money laundering, and other financial crimes.
To comply with this requirement, it is essential for financial institutions to have in place sophisticated
monitoring and reporting processes capable of identifying and monitoring transactions and activities.
Financial Institutions need capable and adequate staff to successfully identify, research and report
suspicious activities.
To successfully identify the parties involved in any suspicious activity or money laundering/fraud
processes, timely identification and reporting of the same is crucial. The Financial Crimes Enforcement
Network ('FinCEN') has instituted various changes and updates to the requirements to enhance the
process.
We will take a look at SAR requirements and challenges for financial institutions and focus on the
solutions that can be enacted to stay compliant.
What is a SAR?
A Suspicious Activity Report (SAR) is a uniform reporting document filed by financial institutions to the
Financial Crimes Enforcement Network (FinCEN) in the case of a suspected incident of money laundering
or fraud. These reports were brought into play under the United States Bank Secrecy Act (BSA) of 1970.
As of April 1, 2013, this is the only acceptable format for submitting suspicious activity reports to
FinCEN. 1
1
FINCEN: FAQs on SAR

2. Screenshot of FINCEN SAR Report Generator
A SAR must be filed within 30 days after the date of initial detection of the suspicious activity. Financial
institutions are required to keep a copy of the SAR and the original business record of any supporting
documentation for five years. Federal law requires that financial institution and its directors, officers,
employees and agents who report suspected activities or known violations are strictly banned from
disclosing any information to the person involved in the transaction about that transaction being
reported.2
A transaction includes a deposit; a withdrawal; a transfer between accounts; an exchange of currency;
an extension of credit; a purchase or sale of any stock, bond, certificate of deposit, or other monetary
instrument or investment security; or any other payment, transfer, or delivery by, though, or to a bank.
Since February 24, 2012, the FinCEN regulatory body made extensions and exemptions to allow FinCEN
reports to be filed electronically. This step was taken in an effort to improve efficiency, reduce
government and industry costs, and enhance the ability of investigators, analysts, and examiners to gain
better and timely access to important financial information.3
Challenges for SAR
Financial institutions and their employees face civil and criminal penalties for failing to properly file
suspicious activity reports, including large fines or added regulatory restrictions. Total monetary
settlements levied for money laundering, sanctions and tax evasion by the regulators and law
enforcement agencies surpassed $13.4 billion for the year 2014. Four international banks paid U.S.
authorities more than $300 million each, with some paying out significantly more.4
Suspicious activity monitoring and reporting are critical internal controls, which require enhanced
systems to ensure proper surveillance (automation), transaction identification and matching, or a
combination of these. Banks should also employ sufficient resources keeping in mind their overall risk
profile and transaction volume.
Meticulous Identification and Monitoring Requirements
A transaction monitoring system typically targets specific types of transactions, prominently those
targeting large amounts of cash and/or those from foreign geographies, and includes a manual review of
various reports in order to identify unusual activities. These include currency activity reports, funds
transfers reports, monetary instrument sales reports, significant balance change reports, ATM
transaction reports, nonsufficient funds (NFS) reports and more. The process involves review of daily
reports or reports that cover a particular timespan or a combination of both.
This creates various challenges:
2
TechTarget: Suspicious Activity Report (SAR)
3
FinCEN: FinCEN Reports Going Paperless
4
Kaufmann Rossin: Regulators Issued Fewer AML Fines in 2014, But Packed a Bigger Punch

3. 1. Handling large data volumes: Most legacy systems are incapable of analysis and storage of large
data volumes.
2. Updates to identification rules: Banks deploy a certain set of filters or rules to help identify
certain behavior that it deems ‘suspicious’. As the definition of "suspicious" keeps being
updated, the process of updating the system with new rules can be time consuming and
complex.
3. Innumerable data sources: For creation of reports, the system refers to data from disparate
sources, requiring frequent backtracking and cross checking. When dealing with large quantities
of data, data lineage and linkage issues might crop up, eventually leading to the next challenge.
4. Data Accuracy: Reviewers need to constantly crosscheck the data source and match the data
fetched in reports to ensure that the data is accurate. As SAR requires suspicious activities to be
reported within a particular timeframe, ensuring data quality becomes even more critical.
5. Frequent Report Generation and Updating: Although FinCEN has provided sufficient
streamlining in the reporting format requirement, bank generated reports need to be update
from time to time to remain up to date.
The Components for SAR Compliance
The five key components to an effective monitoring and reporting system are:
1. Identification or alert of unusual activity (which may include: employee identification, law
enforcement inquiries, other referrals, and transaction and surveillance monitoring system
output).
2. Managing alerts.
3. SAR decision making.
4. SAR completion and filing.
5. Monitoring and SAR filing on continuing activity.
These components are present in banks of all sizes. However, the structure and formality of the
components may vary. Larger banks will typically have greater differentiation and distinction between
functions, and may devote entire departments to the completion of each component. Smaller banks
may use one or more employees to complete several tasks (e.g., review of monitoring reports, research
activity, and completion of the actual SAR).5
Hexanika: Innovation via Automation
Hexanika is a FinTech Big Data software company, which has developed an end to end solution for
financial institutions to address data sourcing and reporting challenges for regulatory compliance.
The challenges of SAR for financial institutions are to implement sophisticated mechanisms required to
identify suspicious transactions and activities and generate proper reports in a timely and concise
5
FFIEC: Suspicious Activity Reporting—Overview

4. manner. Hexanika helps establish a compliance platform that streamlines the process of data
integration, analytics and reporting. Our software platform can develop and clean data to be sourced for
reporting and automation, simplifying the processes of data governance and generating timely and
accurate reports to be submitted to regulators in the correct formats.
To know more about our products and solutions, read: http://hexanika.com/company-profile/
Contact Us
USA
249 East 48 Street,
New York, NY 10017
Tel: +1 646.733.6636
INDIA
Krupa Bungalow 1187/10,
Shivaji Nagar, Pune 411005
Tel: +91 9850686861
Email: info@hexanika.com
Follow Us