Skip to main content

What is the Right Number of SARs? Is Low Reporting a Sign of Weak Compliance?

Written on . Posted in , .
Is Your SAR Reporting Where It Should Be?

What is the Right Number of SARs? Is Low Reporting a Sign of Weak Compliance?
And how should they be used to demonstrate the ‘effectiveness’ of a firm’s framework of anti-financial crime controls? [Updated for 2025]

Financial crime professionals are increasingly challenged to demonstrate that a firms systems and controls are effective and are having a material impact on crime. Suspicious Activity Reports (SARs) SARs represent a goldmine of information and intelligence on the root causes of crime concerns when they are provided by employees.

But what is the ‘correct’ level of reporting; are low numbers indicative of a lack of awareness and vigilance, or that the firm is not attracting the attentions of criminals? Is the absence of reporting a sign that the framework is not being effective and should that be viewed as a sign of weakness, even non-compliance?

With increased scrutiny from regulators that will be driven by an enthusiasm to show the Financial Action Task Force (“FATF”) that a jurisdiction is combatting crime in the fifth round of mutual evaluation visits, firms that are regulated or supervised for compliance under the Money Laundering Regulations (MLRs”) by the Financial Conduct Authority need to ensure that their SAR reporting framework is robust and compliant, and that they have records to show what work has been performed to enhance the identification and reporting of unusual activity.

Understanding SAR Reporting

SARs are a crucial source of intelligence that can be used for alerting authorities to potential financial crime. Each SAR submitted can play a significant role in identifying money laundering or terrorist financing. However, the “right” number of SARs a firm should submit varies based on factors like the firm’s risk profile, business size, and the effectiveness of its compliance framework.

A low number of SARs might not indicate weak compliance. It may reflect strong onboarding procedures and client screening systems, preventing high-risk activities from entering your firm’s ecosystem. But it is vital to examine whether low reporting is due to effective risk management or if it points to staff underreporting suspicious activities.

Five Critical Questions for Financial Crime Professionals

To ensure your SAR process is effective, consider these five critical questions:

  • Are your SAR numbers reflective of the firm’s risk exposure? Firms should regularly assess whether their SAR volume aligns with the risk level associated with their business activities. A firm with high-risk clients or operating in high-risk jurisdictions should typically have a proportionally higher number of SARs. It’s essential to evaluate if the firm is effectively capturing risks through its monitoring systems.
  • Is low SAR reporting due to strong controls or lack of awareness? Low reporting may indicate strong preventive measures, but it can also point to gaps in staff awareness. Firms must ensure that their employees, particularly those on the front lines, receive regular training on identifying suspicious activity. A lack of reporting could stem from employees not recognising red flags, a significant compliance risk​. Consider areas of the firm that have never reported, and whether there has been sufficient training and communication of risks in that area. Do the staff understand their role and responsibilities, can they identify the risks, and do they know how to report them? These are critical questions that must be addressed.
  • Are your onboarding and transaction monitoring systems effectively mitigating risks? Regularly reviewing the firm’s onboarding procedures and transaction monitoring systems is crucial. Are they sufficiently robust to detect early-stage suspicious activity? Strong front-end controls can prevent suspicious transactions, but firms must ensure that these systems remain adaptable to emerging risks, such as new fraud schemes or money laundering typologies. A key question for firms is whether the transaction rules, provide both ‘hard’ rules and profiling that encourages the process to highlight ‘outlier’ transactions and activity when compared with the peer group, are adequate and sufficiently tailored to identify firm-specific risks.
  • Are you capturing declined transactions and suspicious activities effectively? A key element of compliance is maintaining a register of declined clients or transactions. If a firm turns down business that presents a high risk, it’s important to document these decisions. This demonstrates a proactive approach to risk management, showing that while fewer SARs are submitted, the firm is still actively managing risks at an early stage​. Firms that analysis the root causes of reports (rather like complaint handling) and use this data to inform the continuous development and updating of the business wide risk assessment register, will benefit from having in place a demonstrable and dynamic process of risk management that will differentiate their performance from other firms!
  • Can we justify our SAR numbers to regulators with data and examples? Being prepared to explain SAR numbers to regulators is critical. Firms should ensure they can point to specific controls and procedures that explain their SAR reporting levels. This may involve presenting examples of how suspicious activities were identified and mitigated before escalating to a SAR, or demonstrating how staff training and enhanced monitoring are addressing key risks​.

FCA Guidance on Account Freezing and Section 1.11

One critical aspect of the FCA’s guidance is section 1.11, which states that if a firm freezes an account due to suspicious activity, any investigation must be carried out in a reasonable timeframe. Delays in conducting these investigations can lead to regulatory risks. Freezing accounts to mitigate financial crime risks is vital, but firms must balance this with the need to avoid unnecessary harm to their customers. Overuse or misuse of account freezes, especially without a prompt resolution, could lead to potential breaches of FCA principles. The FCA’s report on UK Payment Accounts Access and Closures, published in September 2024 report places accountability on firms to maintain clear and fair procedures around account freezes.

GCAL now provides ONLINE and ON DEMAND programmes of learning for financial crime professionals.

Enhancing SAR Reporting with the GCAL Advanced SARs Compliance Certificate Course

For those aiming to have an effective SAR framework, the GCAL Advanced SARs Compliance Certificate Course offers in-depth training on identifying suspicious activities, filing accurate SARs, and ensuring compliance with FCA and NCA guidelines. This course will help your team become more confident and efficient in managing SAR-related tasks, enhancing both compliance and risk management across your firm​.

Learn more and enrol in the GCAL SAR Compliance Course to strengthen your firm’s SAR framework.

SARS CC Course Details.

Infographic: SAR Reporting Essentials

GCAL is offering a free infographic on SARs to help financial crime teams navigate the complex world of SAR submissions. This visual guide provides an overview of key topics such as important glossary codes, penalties for non-compliance, and best practices for filing accurate and complete SARs. It includes practical tips on how to provide detailed information for individuals and entities, helping ensure SARs are actionable and contribute to effective investigations. By using this infographic, your team can avoid common reporting mistakes and ensure compliance with UK regulatory standards​.

Leveraging Advanced Internet-based Investigation Techniques

The GCAL OSINT Course is proving to be a game-changer for financial crime professionals looking to enhance their investigation skills and higher risk client profile assessments.

Open-Source Intelligence (OSINT) enables risk professionals and SAR investigators to identify, assess validate and then use valuable data from public sources, helping to improve customer due diligence (CDD) processes and the timeliness and accuracy of SAR reviews. By using OSINT techniques, firms can better detect suspicious behaviour and make more informed decisions on whether to file a SAR or freeze an account. This course equips professionals with practical skills to support their investigations with actionable intelligence​.

Take advantage of the GCAL OSINT Course to improve your investigative capabilities and SAR decision-making.

OSINT Course Details.

Conclusion

The right number of SARs for your firm depends on several factors, but low SAR reporting doesn’t always signal weak compliance. By maintaining robust risk management processes, leveraging tools like OSINT, and investing in specialised training like the GCAL SAR course, firms can ensure they are both proactive and compliant. Keep your staff trained, your processes documented, and your compliance strategy adaptable to meet evolving regulatory expectations.

Related Posts

How often is AML training required?

Read more

Why Firms Are Still Struggling with FWRAs – And How to Get It Right

Read more

Is Your Team Ready to Tackle Financial Crime Head-On?

Read more