Five Questions about FinCEN’s Suspicious Activity Reporting Requirements(SARs)

On October 9, 2025, the U.S. Department of Treasury’s Financial Crimes Enforcement Network (FinCEN) and the primary federal banking agencies issued “FAQs Regarding Suspicious Activity Reporting Requirements” to clarify four specific provisions that many financial institutions have incorporated into their Bank Security Act and anti-money-laundering (BSA/AML) programs to reduce the burdens related to SAR filings. We’ve summarized the FAQs below to help financial institutions understand what’s changed and what hasn’t, and what to do.

1. Is a financial institution required to file a SAR for every transaction or series of transactions with a value at or near the currency transaction report (CTR) threshold (i.e., over $10,000)? 

FinCEN has advised that, “No. The mere presence of a transaction or series of transactions by or on behalf of the same person at or near the $10,000 CTR threshold is not information sufficient to require the filing of a SAR.” This response reiterates the regulatory standards that financial institutions are only required to file a SAR if the institution “knows, suspects, or has reason to suspect that the transaction or series of transactions are designed to evade CTR reporting requirements. Without this knowledge, suspicion, or reason to suspect, financial institutions are not required to file a SAR.” 

Financial institutions should assess their existing procedures and rely on their transaction monitoring programs to identify structuring activity, as opposed to conducting manual transactional analysis.

2. Is a financial institution required to conduct a review of a customer or account following the filing of a SAR to determine whether suspicious activity has continued? 

   
   

Financial institutions had provided feedback to FinCEN that they were committing  significant time and resources to conducting customer, account, and transactional reviews to identify continuing activity. As a result of the feedback, FinCEN responded that, “No. Recognizing the burden that continued SAR filings on the same customer or account place on institutions, FinCEN suggested in October 2000 that institutions file a SAR for repeated and ongoing suspicious activity at least every 90 days. Over time, this suggestion has become interpreted as a requirement or expectation that financial institutions conduct a separate review of a customer or account following the filing of a SAR to determine whether suspicious activity has continued. A financial institution is not required to conduct a separate review—manual or otherwise—of a customer or account following the filing of a SAR. Financial institutions instead may rely on risk-based internal policies, procedures, and controls to monitor and report suspicious activity as appropriate, provided those internal policies, procedures, and controls are reasonably designed to identify and report such activity.” 

The FAQs advise that financial institutions can “rely on risk-based internal policies, procedures, and controls to monitor and report suspicious activity.” Financial institutions should review and ensure that their existing processes for identifying and reviewing continuing activity are risk-based. To the extent that additional measures were implemented to conduct reviews triggered solely by prior SAR filings, those controls should be reassessed.  

3. What is the timeline for a financial institution that elects to file SARs in accordance with FinCEN’s continuing suspicious activity guidance? 

   
   

FinCEN previously suggested that financial institutions report continuing suspicious activity via a SAR filing following a 90-day period with the filing deadline being 120 calendar days after the date of the previously related SAR filing. This FAQ clarifies that financial institutions that elect to file a continuing activity SAR can do so “in line with applicable timelines,” and extends the filing deadline to 150 days from the date of detection, providing an additional 30 days, as follows: 

• Day 0: detection of facts that may constitute a basis for filing a SAR

• Day 30: filing of initial SAR

• Day 120: end of 90-day period 

• Day 150: filing of a SAR for continued suspicious activity

Financial institutions should assess their procedures (including any workflow functions built within transaction monitoring or case management tools that have timeline attributions) for filing SARs for continuing activity when detected and investigated. They should also have a clear and documented distinction between this continuing activity as opposed to new reportable activity, which is reportable in accordance with established SAR timelines.

4. Is a financial institution required to document the decision NOT to file a SAR? 

   
   

In accordance with the FAQs, “No. There is no requirement or expectation under the BSA or its implementing regulations for a financial institution to document its decision not to file a SAR.” Of note in the FAQs is FinCEN’s guidance that it “has previously encouraged, but not required, financial institutions to document the decision not to file a SAR. Should a financial institution choose to document its decision not to file a SAR, the level of appropriate documentation may vary based on the specifics of the activity being reviewed and need not exceed that which is necessary for the institution’s internal policies, procedures, and controls, which should be risk-based and reasonably designed to identify and report suspicious activity.” 

While it hasn’t been required, it has for many years been a common practice for many financial institutions to document non-SAR filings for all alerts reviewed and decisioned without an escalation. Institutions have viewed this as an integral part of their program not only to memorialize the decision, but also to factor in any additional information or mitigating circumstances that help inform the decision to not file. In many instances, auditors and examiners have asked financial institutions for an explanation of the decision to file or not file and this documentation has helped provide the explanatory justification. The documentation of non-filing supports institutions in conducting a quality control review of the program to identify procedural gaps and opportunities to further train staff. 

5. What changes should a financial institution make in response to these and other FAQs?

   
   

It is critically important to assess the program documentation and review existing policies and procedures to ensure they align with the specific risk profile of the institution. It’s also important to fully document the current controls in place to mitigate the risks related to financial crimes. Any changes to these existing policies and procedures should be fully documented with a rationale for the reasons driving the changes and a record of any approvals that may be necessary (including that of the Board of Directors), and should be done in conjunction with conversations with both independent audit and examiners. 

It is important to keep in mind that the FFIEC will need time to align the BSA/AML Examination Manual  with these FAQs for examiners to incorporate into the examination process. As of now no clear timeline has been proposed for updates to the manual, but additional information will likely be forthcoming.