What Businesses Need to Know About Suspicious Activity Reports: When SARs Are Filed & What Happens Next
Here’s a scenario: you run a small business that’s struggling a bit. Your rich uncle sees your situation and offers you a $10,000 loan, which you gratefully accept. There’s no paperwork, no formal agreement: you just deposit the check. No one else needs to know where the money came from.
It probably won’t be quite that simple, though.
A big infusion of cash that suddenly appears in your account, without any explanation? Well, that would seem a little suspicious. And any time the bank sees suspicious activity, they are required to report it to the authorities.
The vehicle for passing on this information is called a Suspicious Activity Report, or “SAR.” In this post, we’re looking at SARs: who files them, how they work, and under what circumstances would the average business need to know about them.
Recommended reading
- Why is My Bank Account is Under Investigation?
- Merchant Identification Numbers | How Do MIDs Work?
- Issuer Declines: 7 Reasons They Happen & How to Fix Them
- What Is Open Banking? Data to Improve Service & Stop Fraud
- Top 10 Payment Fraud Detection & Prevention
- Non-Payment Fraud: What Other Threats Do Sellers Face?
What is a Suspicious Activity Report (SAR)?
- Suspicious Activity Report
A Suspicious Activity Report (often referred to as a “SAR”) is a confidential report filed by a bank when any customer activity registers as unusual or potentially linked to financial crime.
[noun]/sə • spi • SHəs • ak • tiv • ə • dē • rə • pôrt/
Suspicious Activity Reports, or SARs, are at the heart of government financial monitoring. The system was created under the Bank Secrecy Act (BSA) of 1970 and later expanded by the USA PATRIOT Act in 2001. It all falls under the jurisdiction of a bureau within the United States Department of the Treasury called the Financial Crimes Enforcement Network, or FinCEN.
In simple terms, SARs provide financial data to help identify money laundering, terrorist financing, tax evasion, and other financial crimes. SARs are a routine part of modern banking. Financial institutions filed roughly 3.6 million SARs in 2022, and March 2023 alone saw more than 350,000 filings, the highest single month on record.
You can have SARs filed against your business, but unless you’re actually doing something illegal, nothing will probably come from it. In all likelihood, you won’t even know it happened.
A SAR is not a crime report. It’s simply a notice of suspicion and a call for further investigation.
Which Businesses Are Required to File SARs?
Filing a Suspicious Activity Report is mandatory in select qualifying situations. Parties required to file SARs include:
- Banks, credit unions, savings associations.
- Check cashers and currency exchangers
- Securities broker-dealers
- Loan/finance companies
- Third-party payment processors
- Casinos and card clubs
- Insurance companies (mutual funds)
For these businesses, SARs are about self-protection as much as anything. In a sense, the SAR provides plausible deniability. If there is an issue with a payment, the financial institution can tell FinCEN, “Hey, don’t look at us: we told you something weird was going on!”
What Triggers a Suspicious Activity Report?
A SAR is only required if a transaction meets minimum dollar thresholds and is deemed suspicious (e.g., illegal activity). Structuring, or using smaller deposits to avoid the CTR limit, is the most common trigger.
Not every transaction that raises a red flag is SAR-worthy. There are two conditions that must be met. First, there are dollar thresholds:
- $5,000 minimum for most financial institutions
- $2,000 minimum for money services businesses
- ANY amount for insider abuse
- $25,000+ without identified suspect
Anything under those amounts doesn’t need reporting. In addition to meeting the dollar threshold, though, a transaction must also be defined as “suspicious,” meaning one of the following is true:
- The transaction involves (or attempts to hide) funds from illegal activity
- The transaction was designed to evade reporting requirements (structuring)
- The transaction has no business or lawful purpose the bank can identify.
Of the three, the most common trigger is structuring. FinCEN requires a Currency Transaction Report on any single-day cash transactions of $10,000 or more. Structuring is a tactic to bypass CTR requirements by making multiple deposits just under the $10,000 threshold.
SARs must be filed within 30–60 days, with ongoing suspicious activity reported every 90 days.
A few other suspicious actions that may warrant a SAR for a financial transaction include:
- Transaction patterns inconsistent with business type
- Rapid movement of funds with no clear purpose
- Transactions involving high-risk countries
- Customer giving false (or no) information
- Inconsistent explanations for transactions
- Large wire transfers with no apparent business purpose
This chart offers some real-world examples of situations that would require an SAR:
| Red Flag | What Triggered It? | How it Works | Why It’s Suspicious |
| Structuring | Business needs to deposit a total of $90,000 | Multiple employees deposit $9,000 each at different branches same day | Appears designed to avoid $10,000 CTR threshold |
| Rapid movement of funds with no clear purpose | Business deposits $75,000, then immediately begins shuffling funds | Varying amounts go back and forth between several different banks or accounts | Looks like a shell-game for money laundering |
| Unusual business patterns | A laundromat owner makes regular weekly deposits averaging $20,000 | Typical weekly gross for single-location laundromat is in the $5,000 range | Amount goes way beyond industry expectations |
For payment processors, an inexplicably high chargeback or return rate can also point to suspicious activity.
Just because activity looks suspicious, of course, doesn’t mean there’s necessarily something illegal going on. That’s why FIs file SARs more on the “know your customer” principle: a transaction might not be generally unusual, but it’s highly unusual for you.
Once a suspicion is raised, there are timelines with SARs. They must be filed within 30 days of initial detection, assuming the FI has nailed down the suspect. 60 days is the absolute cutoff for a responsible business to file a SAR. Then, ongoing suspicious patterns must be reported every 90 days.
How SARs Are Filed & Who Gets to See Them
SARs are filed electronically with FinCEN and include a written suspicion narrative. Only regulators and law enforcement can access them; merchants and their attorneys cannot be told if a SAR was filed, as banks are legally barred from disclosing it.
SARs aren’t physical reports. Instead, they’re filed electronically through FinCEN’s BSA E-Filing System. That’s been mandatory since 2013. There’s no paper form, no back channel; everything goes straight to FinCEN.
Filings require a written explanation as to why it seems suspicious, though, as well as evidence to support the report. That documentation isn't actually included with the filing, but the bank has to hold onto it for at least five years, just in case something does come of the report.
Not just anyone can access filed SARs. Cleared viewers include FinCEN analysts, federal law enforcement agencies like the FBI, IRS, and Secret Service, and authorized state or local law enforcement. SARs can also be shared between financial institutions, but only for preparing a joint filing.
A financial institution cannot confirm or deny if a SAR was filed against you (saying “pretty please” won’t help). In fact, the FI is literally barred from handing over SARs, even if they’re subpoenaed. Access is also blocked for your attorney, as well as any mediators or customers involved.
Self-protection against chargebacks is one of your best revenue-saving tools.
Let us show you how much you could save with a comprehensive strategy.
Request a Demo
The Investigation Process: What Occurs After FinCEN Receives a SAR
Filing a SAR doesn’t automatically trigger an investigation. The SAR goes into FinCEN’s review queue, where most reports lead nowhere. Only about 4% receive follow-up, and banks file mainly to be cautious.
When a SAR is filed, it doesn’t set off alarms or automatically launch an investigation. The report goes into a large electronic to-do list; kind of like a waiting room for paperwork.
It takes time, but FinCEN analysts eventually review every SAR they receive, comparing them to other SARs, cash reports, and law-enforcement databases. They look for a pattern, like businesses that pop up repeatedly, or activity that looks a bit too similar across different banks. The process is tedious, and most of the time, nothing comes of it.
If a SAR involves a significant amount of money, and there is clear evidence of wrongdoing, it can be investigated. Law enforcement may reach out, issue subpoenas or warrants, or freeze accounts during an active investigation. In most cases, though, no action will be taken.
A 2020 Bank Policy Institute study found that only about 4% of SARs receive follow-up, and only a fraction of those ultimately lead anywhere. In other words, the vast majority of SARs submitted will ultimately turn out to be a big plate of nothing.
Can Your Business Continue Banking After a SAR Is Filed?
Businesses can usually keep banking after a SAR is filed. Banks may continue the relationship with closer monitoring, but if suspicious activity continues or risk becomes too high, they can still close the account.
The short answer is usually “yes.” Businesses can usually keep banking after a SAR is filed.
FinCEN protocols allow banks to maintain customer relationships, even after filing a SAR. An account can stay live if it doesn’t pose an unmanageable risk, just with closer monitoring. Enhanced due diligence, stricter transaction limits, or additional documentation may be required going forward, too.
Some banks may refuse to service entire categories of customers — money services businesses and payment processors are common examples — rather than manage the risk case-by-case.
That doesn’t mean an account won’t be closed, though: if suspicious activity continues post-SAR filing, or the risk level exceeds the bank’s tolerance, they may decide it’s easier to just cut ties. So if your business model regularly trips monitoring systems, you should talk to your bank and try to identify the issue.
Understanding Safe Harbor Protections for SAR Filers
Banks and employees are legally protected (“safe harbor”) when filing SARs in good faith. This shields them from civil liability, unless they participate in the crime. This encourages reporting, even if most SARs turn out to be false alarms.
Like I mentioned above, financial institutions may file Suspicious Activity Reports they know are probably needless. They’re operating with a “better safe than sorry” mentality, because they’ve got nothing to lose from filing a SAR.
Under 31 U.S.C. § 5318(g), anyone who files a good-faith report to the authorities is immune from civil liability. In other words, neither the bank, nor its staff, can be sued for filing a SAR, even one that is later proven unfounded.
The reasoning here is obvious: FinCEN is trying to encourage reporting by eliminating fear of retaliation. Banks can err on the side of caution, knowing that over-reporting doesn’t carry a legal risk. Yes, many SARs turn out to be false positives, but because they’re protected, banks tend to take that “better safe than sorry” route.
Safe harbor does have limits. It doesn’t protect parties that participate in a crime, for example, and it doesn’t shield banks from regulatory non-compliance penalties. It only applies to good-faith reporting.
Steps to Take if a SAR is Filed Against Your Business
You usually won’t know a SAR was filed unless law enforcement contacts you. If contacted, hire a criminal defense attorney before offering any information. Gather all records, document business reasons for transactions, and never alter or hide information.
Unless there actually is a serious issue, you likely won’t — and don’t really need to — know a Suspicious Activity Report was filed. On the other hand, if some law enforcement agency actually contacts you, it’s showtime. Now, you’re officially under investigation.
So, how should you respond?
Know when to worry: you’re aware of illegal activity, law enforcement has a specific investigation or has served a warrant/subpoena, or multiple banks have closed your accounts.
Most other situations — one-time large transactions, legitimate high-cash businesses, or occasional transaction flags — usually don’t indicate a SAR or investigation. Document it, explain it, and keep running your business.
First off, exercise your right to remain silent. This is not an admission of guilt, but rather, a way of protecting yourself against making your situation worse. Don't talk to any agent without an attorney present (a criminal defense attorney, not just a business attorney). Start gathering all records, statements, and documentation.
Proactive measures can really help in this regard. Keep detailed records, so you can readily access information if needed. Document business reasons for unusual transactions as they happen, and make sure you’re filing accurate taxes.
Absolutely do not attempt to alter or hide any relevant documentation. This could lead to an “obstruction of justice” charge on top of everything else.
Best Practices to Reduce SAR Risk for Legitimate Businesses
Legitimate businesses can reduce SAR risk by being transparent with their bank and building trust. They should strive to avoid suspicious transaction patterns, accurately report transactions, and keep chargeback ratios low. Threatening the bank or hiding activity only increases scrutiny.
It goes without saying that the best way to manage Suspicious Activity Reports is not to get one in the first place.
Your best tool for avoiding SARs is transparency. That, and getting to know your bank. If you and your bank have a successful, mutually beneficial relationship, you should be comfortable approaching them proactively. Letting them know up front about a larger-than-normal wire transfer or other unusual transaction, for example, is a good idea. If they know an unusual transaction is going to happen, and that there’s a legitimate reason for it, then they’ll be less likely to file a SAR.
Since we know that structuring is the most common trigger for SARs, make sure it doesn’t happen, even accidentally. Go for accuracy over convenience; for example, don't make multiple deposits to avoid a CTR. The goal is to build trust through transparency.
What you really don’t want to do is threaten to close your account if you’re “reported.” Remember, it’s not personal: the bank has rules to comply with. Plus, any kind of threat is likely to increase scrutiny, not deter it. This would be a bluff that won’t break in your favor.
An often overlooked way to avoid SARs is to keep your chargeback ratio in a safe range. Excessive chargebacks can raise suspicions, especially if it’s tied to other unusual activities.
We can help you with that. Our comprehensive end-to-end platform can take chargeback management completely off your plate, while also helping you curtail third-party fraud and optimize your customer experience. Contact us to learn more.
FAQs
Will I be notified if a SAR is filed about my business?
No. Federal law prohibits financial institutions from notifying anyone that a SAR has been filed. This "no tipping off" rule exists to prevent subjects from destroying evidence or changing behavior. Even if you directly ask your bank whether a SAR was filed, they are legally required to decline to confirm or deny it.
What is the difference between a SAR and a CTR?
A Currency Transaction Report (CTR) is filed automatically for any cash transaction over $10,000 and doesn't indicate suspicion; it's just recordkeeping. A Suspicious Activity Report (SAR) is discretionary, filed when a transaction of any amount appears suspicious. The same transaction can trigger both a CTR (because it's over $10,000 cash) and a SAR (because it appears designed to evade reporting).
Can I be arrested just because a SAR was filed about me?
No. A SAR is not a crime report or evidence of wrongdoing; it's simply a notice of suspicious activity for investigation. The vast majority (90-95%) of SARs don't result in any law enforcement action. However, if FinCEN refers your SAR to law enforcement and they find evidence of actual crimes, that could lead to charges.
Does my business need to file Suspicious Activity Reports?
Only if you're a financial institution or other covered entity under BSA regulations (banks, money services businesses, securities brokers, casinos, insurance companies, etc.). Regular merchants, retailers, and eCommerce businesses are NOT required to file SARs. However, you may be the SUBJECT of SARs filed by your bank or payment processor.
Will my bank close my account if they file a SAR?
Not necessarily. October 2025 FinCEN guidance clarified that banks can and should maintain customer relationships after filing a SAR in most cases. The bank will assess risk on a case-by-case basis and may continue the relationship with enhanced monitoring. However, if suspicious activity continues or risk is too high, they may close the account.
How long does FinCEN keep Suspicious Activity Reports?
FinCEN will keep Suspicious Activity Reports indefinitely. SARs are maintained in FinCEN's database permanently and can be accessed by law enforcement at any time. Financial institutions must retain copies of SARs and supporting documentation for five years, but FinCEN keeps them forever. Old SARs can be referenced in future investigations years later.
Is structuring illegal even if my business is legitimate?
Structuring — intentionally breaking up transactions to avoid reporting thresholds — is illegal under the Bank Secrecy Act even if the underlying funds are legitimate. For example, depositing $9,000 on five consecutive days to avoid a single $45,000 CTR is a crime. The penalty can be up to $250,000 in fines and 5 years imprisonment, plus forfeiture of structured funds.
Can high chargeback rates trigger a Suspicious Activity Report?
Yes. FinCEN's 2012 advisory specifically identified excessive chargebacks and returns as red flags for payment processors. Banks monitoring payment processor accounts look for patterns that may indicate merchant fraud, unauthorized transactions, or other suspicious activity. While chargebacks alone don't automatically trigger SARs, unusually high rates warrant reporting.
How many Suspicious Activity Reports are filed each year in the US?
Over 3.6 million SARs were filed in 2022, with March 2023 setting a monthly record of 351,000 reports. The number has been trending upward in recent years. However, studies show that only about 4-5% of these reports lead to law enforcement responses, and an even smaller fraction result in arrests or convictions.
