Archive|Deep Briefs|
|
← Back to Glossary

SAR (Suspicious Activity Report)

RegulationUpdated: January 15, 2025
Also known as: Suspicious Activity Report, FinCEN SAR

Browse all Regulation terms

AI RMF (AI Risk Management Framework)Asset SegregationBeneficial OwnershipBeneficiaryBIS (Bank for International Settlements)BSA (Bank Secrecy Act)CASP (Crypto-Asset Service Provider)CASP LicenseCFTC (Commodity Futures Trading Commission)Client AssetsData MinimizationDLT Pilot RegimeeIDAS 2.0ESMA (European Securities and Markets Authority)FATF (Financial Action Task Force)FCA (Financial Conduct Authority)FEAT PrinciplesFinCEN (Financial Crimes Enforcement Network)FINMA (Swiss Financial Market Supervisory Authority)FINRA (Financial Industry Regulatory Authority)FSB (Financial Stability Board)GDPR (General Data Protection Regulation)High-Risk AI SystemHowey TestKYC (Know Your Customer)Market ManipulationMAS (Monetary Authority of Singapore)MiCA (Markets in Crypto-Assets Regulation)MiCA ComplianceMiFID IIOFAC (Office of Foreign Assets Control)OriginatorPassportingPEP (Politically Exposed Person)PII (Personally Identifiable Information)Qualified CustodianQualified InvestorRetail InvestorRight to be ForgottenSEC (Securities and Exchange Commission)SOC 2 (Service Organization Control 2)Strict LiabilityTransaction MonitoringVARA (Virtual Assets Regulatory Authority)Virtual AssetVirtual Asset Service Provider (VASP)Wash Trading
Regulatory filing to authorities reporting suspected money laundering or financial crime

A Suspicious Activity Report is a regulatory filing that financial institutions including crypto exchanges and VASPs must submit to FinCEN when they detect transactions or patterns suggesting possible money laundering, terrorist financing, fraud, sanctions violations, or other financial crimes.

Under the Bank Secrecy Act, covered institutions must file SARs within 30 days of detecting suspicious activity involving $5,000 or more in potential money laundering or BSA violations, or $25,000 for other violations. SARs must describe the suspicious activity, parties involved, amounts, dates, and reasons for suspicion. Filing a SAR does not require certainty of criminal activity, only reasonable suspicion based on red flags and behavioral patterns. Institutions are legally prohibited from disclosing SAR filings to customers or external parties.

Crypto exchanges file thousands of SARs annually based on red flags including transactions involving known darknet markets or mixing services, rapid movement of funds through multiple wallets immediately after deposit, structuring to avoid reporting thresholds, inconsistency between stated business purpose and transaction patterns, and connections to sanctioned addresses. Blockchain analytics tools enable automated detection of suspicious patterns and risk scoring of wallet addresses and transaction chains. FinCEN expects robust transaction monitoring programs capable of detecting crypto-specific typologies including chain hopping, peel chains, and interactions with high-risk DeFi protocols.

Related Terms

Transaction Monitoring
← Back to Full Glossary