The Art of the SAR

Published on May 11, 2020

If filing a suspicious activity report is more of an art than a science, it should be remembered that not all art is equal. Like a painting hung in a museum, a good SAR must be the product of focus and intention if it’s to engage its intended audience.

For the aspiring SAR artist, the first step is to assess the materials at hand. What information does one have on the subject and how can it be arranged clearly and coherently?

“Being clear and concise is really important,” said Ian Mynot, head of the National Crime Agency’s UK Financial Intelligence Unit (UKFIU), during a recent episode of KYC360’s AML Talk Show. “Having reports that follow a logical structure, preferably with a clear summary included, is really beneficial to investigators.”

Clarity entails providing SAR readers with a concise summary of the relevant suspicions, followed by a chronological account of the events leading up to the filing, according UKFIU guidance.

It can also mean avoiding the use of acronyms and other industry jargon, and providing technical explanations of relevant transactions and business relationships whenever appropriate, Mynot said.

Reporting firms should also take care not to overlook two seemingly minor stylistic steps: breaking up narratives into readable paragraphs and avoiding the use of unnecessary capital letters in the body of a sentence, both of which impact readability, according to Mynot.

The big picture

While concision and clarity are fundamental to drafting useable SARs, compliance officers will need to explain the purpose of the filing above all. Reporters don’t necessarily need to know what suspected crime they are reporting on but they need to be able to explain why they have filed a SAR.

For UK officials, the bulk of analysis focuses on the “Reason for Suspicion” field of a SAR, which is a free-text box limited to 8,000 characters or roughly 1,500 words.

“What is really fundamental here is to outline why it is that you’re suspicious,” Mynot said. “I know that sounds pretty basic, but we do on occasion get SARs where that is not clear.”

As the UKFIU’s guidance states, the “Reason for Suspicion” field should answer the following questions:

  • Who is involved?
  • How are they involved?
  • What is the criminal or terrorist property?
  • What is the estimated value of the aforementioned property?
  • Where is the property?
  • When did the relevant circumstances arise?
  • When are the circumstances expected to happen?
  • How did the circumstances arise?
  • Why are you suspicious?

A skilled compliance reporter will want to first make use of the UKFIU’s SAR glossary codes (see pages 13 and 23 of the guidance) before drafting a “brief summary to highlight the key element of your suspicions.” Compliance officers are also expected to consider the inclusion of any additional information in the report that could prove useful to investigators.

Importantly, SAR filers should conclude their “Reason for Suspicion” input with a summary of their intended actions going forward—for example, if they plan to exit the relationship or more closely monitor a customer on an ongoing basis.

Brushwork and detail

A skilled SAR artist will keep in mind that it’s often the detail work that matters most. Inclusion of seemingly disparate but relevant information can provide texture and depth to the overall picture that a compliance team is seeking to convey to investigators, and may give them leads that aren’t immediately apparent.

That’s why “it’s really important that all the [SAR data] fields are completed as far as possible, and obviously some information might not be available, but if you have the information please do include it,” Mynot said.

An individual’s date-of-birth, for example, can be particularly useful to investigators.

“Without that, it’s often quite challenging to confirm the person is the same person that law enforcement are interested in,” said Mynot. “It also limits the ability to undertake key searches of law enforcement databases.”

UKFIU guidance asks that SAR filers also provide full names, addresses (formatted as SW1A 1NT) and nationalities on individuals cited in the reports.

Whenever possible, compliance teams should also include relevant dates, identification document details (for example, passport and National Insurance numbers), car registration information, telephone numbers and full details on bank accounts and financial activity, including data on correspondent banking transactions—all of which should be cited within the context of the filers’ suspicions.

Citing the occupation of a SAR target will also help investigators determine sources of funds as well as whether the individual may be in a position to facilitate money laundering.

When citing corporate entities, SARs should include full legal names, corporate designations (for example, Limited or LLP), registered numbers, VAT numbers, countries of incorporation and information on beneficial owners and directors. If a trust is involved, the report should indicate the nature and type of trust as well as relevant data on trustees, settlors, protectors and known beneficiaries.

If a reporting firm has information on a suspected victim—particularly one who is believed to be a “vulnerable person”—the postcode and full address of the individual should be cited in the “additional address” field. Reports involving international activity should include as much information as possible on both the subject and victim but should cite a country at a minimum.

Whenever a subject has been previously named in another filing, compliance teams should be sure to include the SAR reference number provided by the UKFIU rather than any internal reference number.

SARs for SARs’ sake?

It’s a common question in any compliance department: to file or not to file?

The answer, according to Mynot, is relatively simple. If a compliance team is suspicious, they should report the activity.

“If someone can’t quite put their finger on it, that would suggest to me that the activity is potentially not in line with what they would normally expect or it otherwise hits red flags,” he said. “And setting out that kind of detail is certainly helpful as well.”

In certain circumstances, covered institutions may request a Defence Against Money Laundering (DAML), which can grant reporting entities “appropriate consent” or “prior consent,” depending on the relevant UK law. Such consent can allow firms to continue offering services to a suspicious party without necessarily incurring regulatory penalties.

But the requests must be limited to a specified activity, or series of activities, the reporting entity would permit and they should be indefinite and open-ended, according to UKFIU guidance.

Stepping back

Every artful work needs time to breathe. When a draft SAR is finished, it’s time to step back and assess whether more needs to be done.

A good SAR has a clear focal point: why is the filer suspicious? How well is that suspicion explained?

Reporting firms should also take time to double check spellings, postcodes and accounting details, among other data. For missing information, enter “UNKNOWN” rather than leave the field blank.

Firms can also benefit from a deeper dive into the UKFIU’s recommendations.

“We’ve got a lot of guidance out there on the NCA website, which I encourage people to look at,” Mynot said.


Advance your CPD minutes for this content,
by signing up and using the CPD Wallet

Get started