facta1104_qanda - BOL Learning Connect

Suspicious Activity Reporting 

2004 

Questions and Answers 

by 

Ken Golliher 

SAR FILING AND ADMINISTRATION 

Question: What is really suspicious activity? Does it mean we have to think 

there is illegal activity? Example, we have someone who is depositing $5,000 

into each kid's account (cash). Although we don't think she is suspicious, but 

since it is cash do you report it? 

Answer: As noted during the presentation, the paragraph at the bottom of page 

18 is the best description of what is “suspicious.” In addition to that, you look for 

a violation of federal criminal law that involves an amount above any applicable 

dollar threshold. The fact that cash is involved is a factor, but the presence of 

cash alone does not make your decision. 

Question: Is a name used by a suspect sufficient to "identify a suspect" for SAR 

reporting purposes even though it may be bogus? In other words, is he a "known 

or unknown" suspect? 

Answer: Oftentimes, you are not in a position to verify the identity of the 

suspect. As long as you do not believe that the suspect has stolen the name of a 

victim, I suggest you consider the information you have as identifying a known 

suspect. 

Question: Does the dollar threshold apply in true ID cases? 

Answer: Yes, the dollar threshold applies. In most ID theft cases, you 

generally only know the identity of the victim, not the suspect so the threshold for 

reporting is high.. 

Copyright, 2004, Pegasus Educational Services, LLC. 1

Question: What SAR reportable activities do not have a $ threshold other than 

computer intrusion and terrorist financing? Are there any others? 

Answer: A literal reading of the agency regulations indicates insider abuse is 

the only reportable activity that is not specifically tied to a dollar threshold. 

As a practical matter, a computer intrusion may not involve any specific dollar 

amount. However, considering the potential effects on the bank and its 

customers, it would not be difficult to hypothesize an enormous amount of 

damage. My suggestion is that you report all computer intrusions – do not stall 

while trying to precisely calculate an amount that is no more than hypothetical in 

any circumstance. While terrorist financing is technically tied to a dollar amount, 

filling a voluntary SAR is always permissible. It is one of the few instances where 

I believe voluntary SAR filing is unquestionably appropriate. 

Question: Is there a dollar threshold for Computer Intrusion SARs? 

Answer: Literally, yes. However, as noted above, assigning any specific dollar 

amount to a computer intrusion would be an exercise in subjectivity. Report it. 

Question: I was a little confused on a response you gave to a question in your 

first Q&A. From what I understood, the question was that the bank was 

encountering losses from Check Fraud and asked if they should be reporting 

these on a SAR. I understood you to say that they should, but I didn't hear you 

qualify that with any amounts (triggers). Is this correct? 

Answer: Dollar thresholds apply in all cases other than insider abuse. 

Question: How do we know which offenses are federal crimes? 

Answer: There is a link on page 36 of your materials to the SAR Activity Guide 

where the various federal crimes are explained. 

Question: What about sharing SAR with agents of the bank such as outside 

attorney or a bank underwriter? 

Answer: The statutory prohibition on SAR disclosure is aimed at assuring that 

the object of the SAR is not told of its existence. The regulation makes the 

prohibition seem more absolute. Obviously, limiting the information to those who 

“need to know” wherever possible helps assure the object of the filing does not 

learn of its existence. If “sharing” means allowing service providers to review the 

form in the ordinary course of their services, it is a practical necessity. However, 

my opinion is that sharing should stop short of providing copies that might leave 

your institution. 


Question: Relative to confidentiality of SAR's, is it appropriate for internal 

auditors performing a BSA/AML audit to request to see 'all SARS that were filed', 

or should they review the banks suspicious activity monitoring process and ask 

whether a SAR has been filed on specific accounts? 

Answer: It is essential that auditors have access to all SARs filed. In criticizing 

AmSouth’s independent examination, FinCEN noted that the “…internal audit 

was inadequate and limited to a review of the ‘reasonableness and 

completeness’ check of the suspicious activity reports actually filed.” The point 

is, FinCEN is saying that merely reviewing the SARs is not enough; they do not 

even consider the possibility that any audit could take place without reviewing the 

SARs. The audit function must evaluate the SARs and the system that brings 

suspicious activity to the attention of bank personnel. 

Question: What SAR information or how much should be disclosed to board of 

directors. Should it be a general report or report each and every SAR? 

Answer: There is no formal regulatory advice on how much information should 

be reported to the board of directors. The manual illustrates two alternatives. In 

an institution where a great number of SARs are filed, a statistical summary or 

abstract should suffice for most cases. As we discussed in the Webinar, even 

when it is necessary to report information from an individual SAR to the Board of 

Directors, there should be a justification for disclosing identifying information 

regarding the individuals involved. 

The prohibition on SAR disclosure is generally aimed at assuring that the object 

of the SAR does not learn of its existence. Obviously, limiting the information to 

those who “need to know” is an internal control that helps assure that goal is met. 

Question: What does 'promptly' mean when addressing filing to the Board of 

Directors? Is the next scheduled meeting adequate even if they only meet 

quarterly? 

Answer: Reporting SAR filings to the board (or its appropriate committee) at its 

next regularly scheduled meeting (assuming they meet monthly) should suffice. 

Question: Would it be appropriate for a board member to be part of a committee 

to determine SAR filings? 

Answer: Any member of a SAR filing committee should be well trained and 

bring some form of relevant experience or expertise to the process. Being a 

board member alone does not necessarily incorporate either of those things. My 

opinion is that board membership is neither a positive nor a negative factor in 

deciding who is on the committee, consider experience and expertise only. 


Question: AmSouth seems to indicate a SAR is required on receipt of a grand 

jury subpoena. Please discuss. 

Answer: On page 3 of the consent decree FinCEN criticizes the bank for failing 

to make adequate use of outside information that could have served as a logical 

catalyst to internal investigations. One example that it cites is the fact that 

subpoenas were not shared with BSA personnel. 

However, I don’t think it suggests that receipt of a grand jury subpoena is a SAR 

filing trigger. Oftentimes, a subpoena requests the records of one person while 

the actual target of the investigation is another. In addition, even if the customer 

whose information is sought is the actual target of the investigation, there will not 

be any indication of what crimes are suspected. The proper effect of a bank’s 

receipt of a subpoena is to trigger a review of customer activity to see whether 

the bank should have suspicions of its own. 

Question: If a bank receives a subpoena, is it true that only the supporting 

documentation and not the actual SAR can be supplied? 

Answer: Yes, without calling them the “supporting documentation,” you can 

supply all documents requested, even if they were the basis for filing the SAR. 

The BSA FAQs I mentioned http://www.fincen.gov/reg_faqs.html discuss this in 

question 7. You are prohibited from disclosing the fact that the SAR was filed 

and, thus, any specifics about the actual SAR filing. 

Question: If a SAR has been filed and resulting subpoenas and investigations 

ensue, do we still need to file subsequent SARs every 90 days? 

Answer: Yes, if the suspicious activity continues, you should continue to file 

SARs. Again, referring to the BSA FAQs, http://www.fincen.gov/reg_faqs.html 

see question 8. The necessity of continued filing is not conditioned on whether 

law enforcement has or has not indicated an interest in the fact situation. 

Question: When filing 'repeat SAR' - what amount should be completed in Part 

III box #34. The amount for the current 90 days or the amount from the 

beginning of the suspicious activity? Also, when involving 'structuring,' do you 

report only the amount of the 'structured activity' or the amount of all activity for 

that account/customer for the entire review period? 

Answer: The “repeat” SAR should stand alone in its rendition of the facts; i.e. it 

should reflect cumulative amounts, not just those for the period since the last 

filing. However, it should clearly indicate there have been a number of prior 

filings on this fact situation. 

The only activity you report is that which you believe is suspicious, not 

necessarily all of the customer’s activity. 


Question: Given the fact that there is a risk the SAR can become public, why do 

you believe it is necessary for a financial institution to 'hook' the reader and state 

conclusions about the suspected criminal activity. We take the position that a 

terse statement of facts, along with checking the appropriate boxes in Item 35, is 

sufficient. 

Answer: Aside from the fact that I would not act on a presumption that a SAR 

might become public, I’m not certain that we are disagreeing dramatically. The 

bank is always going to have to indicate a specific reason for filing the SAR in 

response to question 35; it’s not something that can or should be avoided. My 

primary suggestion is that the opening paragraph reiterate that reason and 

support it with a condensed statement of facts that indicates to the reader that 

your fact situation supports your categorization. 

Question: Part iv of the SAR form is the narrative portion. There is not a lot of 

room to type. Can this page be made to expand to hold all the narrative 

information so you don't have to make several page 3 and continue your 

narrative? It would be very helpful for a expanding page three to hold all 

information. 

Answer: You might make this suggestion to FinCEN. 

Question: If the lead bank on a participation loan files a SAR should the 

participating bank be informed of the filing? 

Answer: There is plenty of room for disagreement here, but my opinion is, 

“Yes.” On one side of the scale is the prohibition against disclosure. On the 

other is the fact that the suspicious activity may have a material effect on the 

value of the credit. In addition the party to whom the information is to be 

disclosed, another bank, is subject to the same prohibition on SAR disclosures. 

Question: If a lead bank in a multi-bank loan syndication group files a SAR on 

behalf of the group, are the other banks in the group required to file a SAR? 

Answer: My opinion is, “No.” The activity has already been reported by the bank 

that has the most effective grasp of the facts involved and it is highly unlikely that 

the participating banks had enough information to have suspicions of their own. 

The participants might be provided with a copy of the SAR and file their own if 

they find they have facts not included there. Any participating bank verify its 

conclusion not to file with its regulatory agency, not because I doubt the logic of 

the approach, but because I would like some protection from the possibility that 

an on site examiner might have a personal opinion to the contrary. 


Question: After this seminar, we will be reviewing some of our previous 

suspicious activity that we had previously thought to be unreportable. We now 

believe that we should have reported these transactions as suspicious. What are 

the ramifications for reporting these past the 30 day threshold and are there any 

penalties? 

Answer: Your analysis should focus on a comparison of what happens if you do 

file them versus what happens if you do not. If, as you suspect, they should have 

been filed, leaving them for your regulatory agency to discover will likely result in 

being directed to file them at some future date and may include a possible 

enforcement action. The primary lesson to be learned from AmSouth is that it 

was systemic, not individual, failures that got punished. It sounds as if your 

problem, although attributable to a misunderstanding of what was reportable, 

might be categorized as systemic. 

If you file them now, without regulatory compulsion, you will lessen, if not 

eliminate, the regulatory impact. There are no “automatic” penalties for late filing. 

Without knowing the size of your institution or the number of SAR situations you 

are thinking about reviewing, it’s difficult to be specific. However, I believe you 

might look at all your possible SAR “cases” since your last on site examination. 

For those that you did not file where you determine the decision was appropriate, 

document the reason for not filing; i.e. write a brief memo saying why the SAR 

was not filed. For those where you determine that the SAR should have been 

filed, file it promptly. I suggest you include a short paragraph in the narrative 

indicating why the SAR is being filed late. Involve your audit staff in the analysis 

and remediation of the problem. When the SARs that are being filed in arrears 

are reported to the board they should be accompanied by an explanation of why 

they are being filed late. 

The protocol generally followed in regulatory examinations is that if the bank both 

found and fixed the problem, the regulatory agency should not attempt to criticize 

the bank further. However, you must fully identify and fully repair the problem as 

well as put in controls to assure it does not recur in order to claim that “grace.” 

Question: If a teller is the person discovering the suspicious activity, shouldn't 

they be trained to correctly fill out the SAR since he/she is the person who knows 

the 'story' about the suspicious activity? 

Answer: Many banks have forms that all employees are required to complete 

when they are aware of suspicious activity. Some even base those forms on the 

SAR. Those in-house forms may instigate and serve as the source document for 

investigations. However, I do not believe that SAR completion responsibilities 

should be extended to any significant number of employees or that any contact 

personnel would be up to the task. Nor would I suggest that the employee most 

intimately familiar with the fact situation is necessarily the one who should 


complete the form. I think completing the form requires its own kind of expertise 

and the author can verify his or her understanding of the facts pretty readily. 

Question: How does a bank file a copy of a SAR with local law enforcement 

agencies? I thought it was required to keep SAR filings confidential? 

Answer: The regulations only “encourage” you to file SARs with state or local 

law enforcement. Purely as a matter of personal opinion, I do not think it is 

usually necessary or advisable. First, state and local law enforcement have 

access to the SAR data base through the Gateway program. Second, 

presumably they have their own internal controls over who can have access to 

that system and what use can be made of that information. When you give the 

information to the individual of your choosing, you subvert those internal controls. 

Third, any decision to provide the information state and local law enforcement 

should be conditioned on an evaluation of relevant state law. 

Question: It states that any bank subpoenaed shall decline to produce the 

suspicious activity report or to provide any information that would disclose that a 

SAR has been prepared or filed but you stated that local law enforcement can 

request information involving a SAR & we should release information to them? 

Please explain. 

Answer: As noted, purely as a matter of personal opinion, I do not suggest that 

you file SARs locally. However, see paragraph (e) on page 8 of your materials, 

particularly the last sentence: 

“A bank must make all supporting documentation available to appropriate law 

enforcement authorities upon request.” 

If local law enforcement has the SAR you have pretty much made the decision 

that they are an appropriate law enforcement agency. Are you going to give 

them the supporting documentation like you would an FBI or DEA agent even 

though they do not have a subpoena? I would not, but I would be dealing with a 

problem of my own making when I was explaining the refusal to do so. 

Question: We are a non-deposit mortgage lender, are we required to file a SAR 

when we find fraud committed by our borrower… 

Answer: “Banks” as defined in the BSA regulation are required to file SARs. 

Here’s a link to the relevant section: http://www.bankersonline.com/regs/103/103- 

11.html My reading is that your organization is not included in the definition. 


ANTI MONEY LAUNDERING PROGRAM 

Question: From a regulatory exam standpoint, how important is a 

product/business line risk assessment in establishing a financial institution's 

BSA/AML policy, how detailed does documentation of the risk assessment need 

to be, and have the regulators published any guides for internal auditors to 

facilitate the review of policy documentation? 

Answer: It is critical. It is the second document requested in the FDIC’s recently 

revised pre-examination questionnaire. In the Amsouth decree one of the 

internal control deficiencies cited was that “…AmSouth failed to conduct a risk 

assessment of its customer base to identify categories of high risk customers, 

products and geographic locations.” 

As a practical matter, it is impossible to design an effective AML program without 

first conducting a risk assessment. 

The regulators’ only attempt at providing guidance on what is acceptable 

documentation is that which they provide to their own personnel through 

examination procedures. Auditors should consider them the equivalent of 

generally accepted auditing standards and, when they are not sufficiently 

detailed, enhance them based on their own knowledge and experience. 

Question: Is there a sample written AML risk assessment anywhere we could 

view? 

Answer: I’m not aware of any. Those looking for a “go by” might consider that 

developing a written risk assessment is analogous to developing a written policy 

– the value is in developing it, not in having it. The information the bank has to 

pull together is about the bank, its clientele and its community – no outsider 

should know more about that than you. That real value of the exercise is to help 

you decide what the right AML program for your institution would look like and to 

help you defend that decision to an outsider who might disagree with you. 

Question: Do you have any tales from the trenches that involve risk 

assessments and their impact in developing BSA/AML policies? 

Answer: http://www.fincen.gov/amsouthassessmentcivilmoney.pdf 

Question: Does connection with any of these countries include if they have 

family members over there? 

Answer: Yes. 

Question: What is a NAICS code? 


Answer: It’s a numeric code that identifies a specific industry. Its use allows 

banks to identify concentrations of credit or to develop lists of customers involved 

in particular types of businesses; e.g. check cashers. Page 26 in your materials 

contains a link to the NAICS web site and a detailed explanation of how the 

codes are established. 

Question: What is Vanilla version in Monitoring Section? 

Answer: During the Webinar I believe I referred to the Internal Controls 

paragraph on page 25 as the “vanilla” approach to an AML program; i.e. the 

lowest possible level of effort and sophistication. I referred to the possible 

ancillary internal controls at the bottom of the same page as “sprinkles.” 

Question: If we have a high risk business that we can not monitor, how do we 

legally tell them that we can no longer support their business? 

Answer: There is no prohibition on your simply telling them the truth. “Our 

bank’s federal regulatory agency requires us to monitor the activities of a 

[business]. We are unable to meet those requirements in a cost effective manner 

and, thus, regret that we must terminate this relationship.” 

Question: How do you determine if a customer is structuring to avoid CTR filing? 

Answer: When their cash activity appears to follow a pattern of avoidance. For 

example, multiple cash deposits made the same day but at different branches; 

consistent cash deposits of $9,900, but never a cash deposit exceeding $10,000 

etc. You should investigate to determine if there is an alternative explanation for 

unusual cash activity. 

Question: Is the $1,000 threshold with any one person on the same day Or is it 

the fact that they can engage in selling/exchanging money orders,etc. necessary 

to be defined as an MSB? 

Answer: The threshold is dollar based. From the MSB web site: 

1. Question: Who is required to register as a Money Services Business (MSB)? 

A business is an MSB and must register if it conducts more than $1,000 in business with 

one person in one or more transactions (in any category of activity listed below) on the 

same day in one or more of the following services: 

• Money Orders 

• Traveler’s Checks 

• Check Cashing 

• Currency Dealing or Exchange 

OR the business provides Money Transfer services in any amount. 


Question: When we have a mom & pop store that cashed a check over $1,000. 

We notify them they need to register as a MSB. We file SAR. Do we continue to 

file SAR anytime they cash over $1,000 until they get registered? Or do we need 

to close them out after the 2nd check that is cashed for $1,000? 

Answer: My interpretation is that you do not file a SAR for every single instance 

of check cashing for an MSB. You filed the first form because they were not 

registered. You continue to file a SAR every 90 days under the heading of 

continuing activity. The regulators will not give you any firm direction regarding 

SARs and account closure. See question # 5 

http://www.fincen.gov/reg_faqs.html 

In the case of an MSB, I suggest you consider the cost of continuing to monitor 

their activity and file SARs. In other cases, such as where you believe the 

customer is involved in illegal activity such as selling drugs, I suggest you 

evaluate whether you want to provide financial services to such people. 

Generally, if you plan to close an account on which you have filed SARs in the 

past I suggest you mention your plan in the last SAR you file, giving law 

enforcement 30 days notice of your plans. See the example on page 46 of your 

materials. 

Question: If you identify a customer as an MSB due to periodic activity of 

cashing checks in excess of $1,000, but the customer was unaware of the 

requirement, would you file a SAR if the activity immediately ceased? 

Answer: The regulatory guidance on this point only suggests a SAR is 

necessary if an MSB continues the relevant activity without registering. 

Question: If we see that a customer is structuring, but not involved in illegal 

activity, should we (and how should we) tell the customer to discontinue this 

pattern of activity. (A SAR was filed, but the account not closed. Of course, the 

customer would not be informed of the filing.) 

Answer: Here’s a lengthy thread from BOL where this subject was discussed 

recently: 

http://www.bankersonline.com/ubbthreads/showflat.php?Cat=0&Board=cip&Num 

ber=224230&Searchpage=1&Main=223481&Words=Ken+kaybee&topic=&Searc 

h=true#Post224230 

By referring you to this, you will get the benefit of several opinions. Personally, I 

think that counseling a customer not to structure is acceptable and have laid out 

the conditions under which it might reasonably be done. 

Two speakers from the FDIC at the ABA MLES seminar did not feel counseling 

was acceptable. Although they gave no reason for their opinions, they felt the 


ank should only attempt to determine “what’s going on” not to talk to the 

customer about CTR filing. 

Question: Suppose the bank has a deposit and loan customer that they have 

heard is involved in drug sales. This customer also does construction work. He 

has wire activity. They have filed CTR's on this customer. He structured a 

transaction taking $9,999.00 in cash from a $20,000 check which was payment 

for construction work and deposited the remainder. The bank has to file a SAR 

because of the structuring. Based on the above information how much of that 

information should be put in the narrative? 

Answer: Although it is the obvious structuring that triggered the SAR, I would 

include the other information. The SAR should be as complete a rendition of the 

relevant facts as possible. Without it, reporting the structuring is required, but the 

report is a waste of time and effort. 

SHOULD WE FILE? 

In none of the questions that follow am I suggesting that the bank should 

or should not file a SAR. That decision is to be based on a significant 

amount of research and a full knowledge of the facts – in none of these 

cases do I have enough information to reach any conclusion which would 

be defensible by either myself or the questioner. 

Question: We have been receiving several fraudulent cashier checks from Ebay 

purchases. If the check is over $5,000 is this reportable on an SAR? We don't 

usually have the information of who the check was from without getting more 

information from the customer. They may question why we need that 

information. When we know we have a fraudulent cashier check in our hand, 

what can we do so that check does not get taken to another bank when we give it 

back to the customer. Can we write refused on it or mark it some other way? Is 

there a procedure for this? 

Answer: If the check was actually deposited to your institution and returned as 

“fraudulent” it would be check fraud. In that circumstance, I assume the 

customer would be cooperative in providing you with whatever information is at 

his disposal, but, as your question suggests, the dollar threshold would be 

$25,000 if you were unable to identify a suspect. If the fraudulent item was 

caught prior to deposit and returned to the customer, then I do not think a SAR is 

necessary or appropriate – there was no transaction through your bank. 

Your second question doesn’t actually relate to SAR filing, but it is intriguing and I 

have saved it until last in order to give it some thought. I do not think you can 

reasonably keep the check, but I’m not comfortable with marking it as 

“fraudulent” or “counterfeit” either – my opinion is that only the drawee bank 


could do that with confidence. In an effort to enlist other opinions, I have posted 

the question in BOL’s Security Forum. 

Question: We have a customer who was caught in a scam out of Canada. He 

received a $29,000 from Canada, which was counterfeit - he deposited it. He 

then took part of the money and deposited it at a bank that the letter instructed 

him to. Is this reportable? 

Answer: Since the check was deposited in your institution, it was check fraud. 

Question: If a customer is a victim of a lottery scam, should the bank file a SAR. 

The bank did not incur a loss. 

Answer: Although the SAR asks for the amount of any loss the bank may have 

incurred, reporting is not conditioned on that fact alone. The issue is whether 

your bank was used to further the transaction. 

Question: Should we be completing a SAR for any customers that we believe 

have given us an invalid ss #? 

Answer: An invalid taxpayer identification number may be evidence that you 

would cite as part of an attempt to commit a crime such as loan fraud or identity 

theft, but offering a false taxpayer identification number is not a crime in itself. 

Question: Several months ago we had a counterfeit ring cash several counterfeit 

checks. Local law enforcement was notified and most of the suspects were 

apprehended. The question arose from our CEO about whether a SAR should 

have been filed. It is my understanding that a SAR only need be filled out if there 

is suspicion of criminal activity, not when criminal activity is known. Does a SAR 

need to be filled out or is this a situation where a SAR is unnecessary? 

Answer: Actually knowing that the customer is involved in illegal activity does 

not lessen the responsibility for filing a Suspicious Activity Report. In several of 

the SAR filing omissions cited in the AmSouth decree, the parties involved had 

not only already been convicted, not just accused, of committing crimes. The 

bank is required to report when it becomes suspicious, even if law enforcement 

became suspicious long before… 

Question: A former employee takes a customer's loan application to an 

institution where they are now employed. The application was never processed 

through our institution. It was processed through the new employer. 

Subsequently, an adverse notification was sent to the customer on the other 

bank's letterhead. The customer was confused and did not know what was going 

on. The customer refuses to provide evidence nor press any charges. Does the 

bank file a SAR on the employee? If so, under what scenario (explanation). 

We do not have any proof except the customer's word that this occurred. 


Answer: Clearly, the employee abused his position in the practical sense, but 

there does not appear to be any federal crime involved. 

Question: A non U.S. bank customer that is an import of consumer goods gets 

several cash advances on his non US visa card and deposits it into his acct with 

us. He does this because his US customers will only take US checks or currency. 

Should a SAR be filed? We don't think so. He does not get cash 

Answer: Clearly, his method of financing is unconventional. You should 

investigate further and make certain you understand how your customer’s 

business works – I do not. 

Question: In the credit card industry, we see cases of family fraud, where a 

family member uses the identity of another. Is this a SAR reportable activity? 

Answer: The legal relationship between the perpetrator and the victim; e.g. 

parent – child does not affect whether the crime is reportable. 

Question: Should a SAR be filed if the activity involves an indirect loan 

relationship where the dealer is inflating the salary of the applicant to get the loan 

approved? 

Answer: Lying about income, assets, liabilities etc. on a loan application would 

constitute loan fraud. 

Question: Is a SAR filing required for counterfeit checks received in conjunction 

with a Nigerian scam? Are there $ amount thresholds? 

Answer: If a monetary loss has not been incurred from an advance fee fraud 

scheme and there are no other indicators of illegal activity warranting the filing of 

a Suspicious Activity Report, a financial institution should not file a Suspicious 

Activity Report and no further action is necessary. See page 47 (document, not 

PDF page number) on SAR Activity Review # 7 

http://www.fincen.gov/sarreviewissue7.pdf 

Question: We had a part time teller who tried to pass a counterfeit 20 at a store. 

He was caught and the bank was questioned. He was prosecuted. Should we 

have reported it, or because it was actually caught can we pass on filing? 

Answer: Whether the employee was caught does not affect your filing 

responsibility. However, there is no indication that your bank was actually 

involved in the employee’s actions; i.e. there is no evidence that he abused his 

position in connection with passing the counterfeit currency. 


Question: A construction customer deposited 355,000.00 & has told the 

manager that the contract they were awarded will total 1 mil in cash, should we 

file an SAR? 

Answer: I am assuming that the $355,000 deposited to date was in currency. If 

that’s the case and you are looking at the prospect of another million dollars, I 

would focus on the last paragraph of the Treasury regulation on page 7 of your 

materials: 

(iii) The transaction …is not the sort of transaction in which the particular customer 

would normally be expected to engage, and the bank knows of no reasonable 

explanation for the transaction after examining the available facts, including the 

background and possible purpose of the transaction. 

It comes down to whether you think that either an individual or a business would 

actually pay for a project of this size in currency. 

Question: A contractor with several loans indicates that work is being done in 

the next few days, and the officer gives the draw. The work is not done, and the 

money is spent without paying for the materials or doing the work. Granted, it 

was poor judgment, but it appears that the officer was shocked that the work was 

not done, and not involved with the contractor. 

Answer: If you are asking if the officer should be included as a suspect on the 

SAR, your question seems to indicate that you have reached the conclusion that 

he is not suspected of involvement. If you do not suspect him of a criminal act, 

he should not be listed as a suspect. 

To say that many SAR filing decisions are subjective burdens the obvious, but it’s 

particularly true when employees are involved. In my opinion, you don’t file 

SARs every time a teller is short, nor do you do file a SAR every time a loan is 

charged off. An employee might be fired in either of those circumstances 

because he failed to follow procedures, but that does not mean his intentions 

were criminal. If you do believe the employee’s actions were criminal, you do list 

him as a suspect and then consider whether retaining him as an employee is 

advisable. 

Question: Under what conditions should a SAR be filed in regards to Kiting? Do 

you have to show malicious intent? 

Answer: Kiting is a federal crime that falls under the heading of “bank fraud.” 

Unlike the previous example, incompetence is not an alternative explanation – 

kiting is something that people do on purpose and it’s always a crime. See the 

discussion on page 47 (document, not PDF page number) of SAR Review # 7 

http://www.fincen.gov/sarreviewissue7.pdf 


Question: What about filing under the circumstances where an unsecured 

guarantor is transferring personal assets while the related corporate loan is in a 

workout or in default? 

Answer: If you conclude that the actions are intended to defraud your institution 

of resources from which the indebtedness could be paid you would file. I would 

assume that you would take civil action to stop the guarantor’s actions well 

before you considered filing a SAR. 

Question: Do you think we should file a SAR if we are aware that an outside 

source has taken graphics and logos, etc. from our website. In addition, we are 

aware that another Bank in our localiity has also had the same penetration into 

their website. No computer intrusion and no customer information impacted at 

this time. 

Answer: From the instructions to the SAR: 

For purposes of this report, “computer intrusion” is defined as gaining access to a 

computer system of a financial institution to: 

a. Remove, steal, procure, or otherwise affect funds of the institution or the 

institution’s customers; 

b. Remove, steal, procure or otherwise affect critical information of the institution 

including customer account information; or 

c. Damage, disable or otherwise affect critical systems of the institution. 

For purposes of this reporting requirement, computer intrusion does not mean 

attempted intrusions of websites (emphasis added) or other non-critical 

information systems of the institution that provide no access to institution or 

customer financial or other critical information. 

Question: Will you have a SAR presentation covering Credit Cards and many of 

the unique situations encountered by the industry? 

Answer: There are no current plans, but BOL is very responsive to member 

requests – if they think there is enough demand to support a Webinar on a 

particular topic they will do it. Any time you have a request for a program, let 

Mary Beth know what you are looking for. 

MISCELLANEOUS 

Question: How many CTR's are getting file monthly, particularly in my state of 

Iowa? 

Answer: That information is contained in the “By the Numbers” publication linked 

in page 2 of your materials. 


Question: Do all vendor payments need to be reviewed against the OFAC list? 

Answer: There is no legal requirement that you verify anything against the 

OFAC list. What you check against the OFAC list is a function of your bank’s 

unique tolerance for risk; i.e. your analysis of the possibility that one of your 

vendors may be on that list relative to the amount of time it would take you to 

check the list. 

Question: Can the bank open an account for an individual who has a passport 

from a country on the OFAC list? e.g., a customer with a passport from Cuba? 

Answer: The OFAC sanctions are not uniform from one country to another; i.e. 

you cannot generalize about the effects on the citizens of a particular country. 

The information on the sanctions against a particular country are found on the 

OFAC web site, but BOL contains a much more user friendly synopsis: 

http://www.bankersonline.com/ofac/ofacchart.html

facta1104_qanda - BOL Learning Connect

Create successful ePaper yourself

Delete template?

Save as template?