.svg)
New guidance clarifying when financial institutions must file suspicious activity reports (SARs) aims to reduce unnecessary compliance burdens and allow firms to focus resources on higher-value investigations.
The US Financial Crimes Enforcement Network (FinCEN) has published answers to four frequently asked questions (FAQs) on SAR requirements relating to financial organisations, including money services businesses (MSBs).
The FAQs were developed jointly with the Federal Reserve, the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA) and the Office of the Comptroller of the Currency (OCC).
“SARs should deliver better outcomes by providing law enforcement the most useful information—not by overwhelming the system with noise,” said the under-secretary for terrorism and financial intelligence, John K. Hurley.
“Compliance requires real resources, and that’s why prioritization is crucial. At Treasury, we will continue to reform our Anti-Money Laundering and Countering the Financing of Terrorism framework to de-prioritize low-value activity and direct compliance resources towards the most significant threats to our country.”
Reducing wasted effort
FinCEN said that the clarifications are intended to ensure financial institutions “are not needlessly expending resources on efforts that do not provide law enforcement and national security agencies with the critical information they need to detect, combat, and deter criminal activity.”
The guidance addresses several areas of uncertainty raised by stakeholders, including:
- Structuring-related SARs. FinCEN has clarified that financial institutions are not required to file a SAR solely because transactions occur near the $10,000 currency transaction reporting threshold, unless the activity appears designed to evade reporting requirements.
- Continuing activity reviews. It confirms that firms are not required to conduct post-SAR reviews for continued suspicious activity, provided they maintain risk-based policies and procedures capable of detecting such activity.
- Filing timelines. The regulator has detailed its expectations for institutions that follow its continuing suspicious activity guidance. SARs should be filed within 30 days of detecting suspicious activity, with subsequent filings 120 days later if the activity continues.
- Documentation. It also confirms there is no legal or regulatory requirement to document decisions not to file a SAR, although firms may choose to do so in line with their internal policies.
FinCEN emphasised that the FAQs do not alter existing Bank Secrecy Act (BSA) obligations or create new supervisory expectations.
Making compliance requirements simpler
The move follows industry feedback calling for clearer compliance expectations under the BSA, amid concerns that ambiguous rules have led to excessive filings and inefficient resource allocation.
Law enforcement agencies have long struggled with the volume-to-value ratio of SARs. In addition, reviews by the US Treasury Department and the Government Accountability Office (GAO) have repeatedly shown that many SARs provide little actionable intelligence.
By narrowing the focus of reporting, FinCEN aims to improve the quality and usefulness of the data it receives, ensuring law enforcement resources are directed towards genuinely suspicious activity rather than contributing to administrative overload.
The US is not alone in taking this approach; there is broad consensus that it represents best practice. The Financial Action Task Force (FATF) has long promoted a risk-based approach as the foundation of global anti-money laundering and counter-terrorist financing (AML/CTF) standards.
Its Guidance on the Risk-Based Approach to Combating Money Laundering and Terrorist Financing advises jurisdictions and regulated entities to allocate resources in proportion to the risks they face, rather than applying uniform controls.
FATF’s Guidance on Risk-Based Supervision further encourages regulators to move beyond tick-box oversight and focus on higher-risk activities, and it has also published sector-specific guidance for banking, money or value transfer, securities and real estate.
Recent regulatory updates in the UK reflect this same philosophy. In November 2024, the Financial Conduct Authority (FCA) updated its Financial Crime Guide to strengthen expectations around transaction monitoring and to encourage firms to tailor controls according to risk.
The FCA’s Money Laundering Through Markets Review, which was published in January 2025, also highlighted the need for intelligence-led, risk-sensitive monitoring, and the regulator’s broader strategy calls for outcome-focused compliance rather than procedural box-ticking.
Impact of the change
The FAQs include tangible benefits for compliance officers. For example, the clarification on structuring-related SARs could substantially reduce compliance workloads for payment service providers (PSPs), as FinCEN’s guidance confirms that proximity to this threshold alone is not sufficient to trigger a SAR.
This allows firms to focus on cases that genuinely indicate evasion or criminal intent.
In addition, confirming that institutions are not required to conduct continuing activity reviews after filing a SAR provides PSPs with greater flexibility.
High-volume payments firms can rely on risk-based monitoring systems, potentially achieving significant efficiency gains, particularly when using automated or AI-driven detection tools.
The FAQs also reinforce the principle of proportionality and risk-based compliance. For PSPs such as banks and MSBs, this is likely to be seen as regulatory validation for modernising AML frameworks, allowing them greater flexibility to focus on data-driven, intelligence-led systems rather than rigid, rules-based processes.
