Five key U.S. financial regulatory bodies, including the Financial Crimes Enforcement Network (FinCEN), jointly issued a set of Frequently Asked Questions (FAQs) on October 9, 2025, to clarify requirements related to Suspicious Activity Reports (SARs). Nasdaq Verafin convened a targeted session of our Customer Advisory Group (CAG) to meet with AML leaders from several prominent mid-sized financial institutions to gather their feedback and dissect the practical implications of this guidance.
SAR FAQ Feedback from our Customer Advisory Group
The consensus was clear — the FAQs largely serve as a validation of existing risk-based best practices rather than a mandate for radical change. The intent of the FAQs was likely to assist financial institutions with streamlining and making their SAR filing processes more efficient; instead, it confirmed current best practices while adding unnecessary ambiguity. The banks agreed that while the guidance opens the door for targeted efficiency gains, particularly in documenting “no-SAR” decisions and closing continuing activity reviews, it does not signal a need for wholesale programmatic shifts.
AML programs of mid-sized financial institutions ($10-$100 billion) tend to be highly nimble and progressive due to the experienced leadership of risk-focused professionals leading these programs. The CAG discussion highlighted a mature industry approach, focused on leveraging technology and sound judgment to focus resources on the highest-risk activities, while also keeping a wary eye on the potential unintended consequences of pending legislative proposals like the Streamline Act.
The CAG discussion focused on three questions from the FAQ. The question on Continuing Activity Reviews – Timeline, did not pose a material change to current guidance and wasn’t discussed.
SAR Filings for Potential Structuring-Related Activity: A Clarification, Not a Change
The guidance clarified that transactions “at or near the currency transaction reporting (CTR) threshold” do not require a SAR filing unless the institution suspects they are “designed to evade BSA reporting requirements.” For the meeting participants, this did not represent a change in process. Their programs are already designed to detect illicit activity beyond simple transaction amounts. One member of the group pointed out the nuance required in these investigations: “They’re asking us to determine intent here. That is not our job to determine intent. We’re here to determine a level of suspicion.” This highlights the core of the issue — the role of a financial institution is to identify and report suspicion, not to prove a criminal case or even intent.
This guidance was likely intended to reduce “defensive” filing of SARs, but the group members asserted that they already had sound policies in place to avoid such filing. A more efficient option was discussed, such as streamlining the structuring SAR process to a simple spreadsheet with pertinent customer information and the suspect transactions. The purpose of SAR filing is to pass on intelligence to law enforcement to use in their investigations. Taking the time to identify if a customer has criminal intent is not the domain of bankers but for law enforcement professionals to decide. To this end, FinCEN should devise a much more efficient process such as a simple spreadsheet of activity which should be implemented rather than reiterating current requirements
Continuing Activity Reviews: A Conundrum—To Review or Not to Review?
This FAQ received the most discussion on clarifications around whether a financial institution is “not required to conduct a separate review, manual or otherwise, of a customer or account following the filing of a SAR to determine whether suspicious activity has continued.” It suggests institutions “may rely on risk-based internal policies, procedures, and controls to monitor and report suspicious activity as appropriate, provided those internal policies, procedures, and controls are reasonably designed to identify and report such activity.”
The CAG panel agreed that they will not eliminate the continuing activity review processes at their banks. The current process acts as a kind of “safe harbor” allowing the bank to delay reviewing that customer and any AML Transaction Monitoring alerts for a 90-day period. Going to a different risk-based process could result in more work, requiring a review of individual alerts under standard policy requirements and resulting in more SARs being filed. A CAG member articulated the group’s concern: “I felt like removing the continuing activity review would actually create more work because we’d have to react to every alert as it got initiated.”
Instead of elimination, the focus could shift to significantly streamlining the closure of these reviews when no new suspicious activity is detected. Rather than a full investigation, a simple, concise statement will suffice.
The group agreed that the most impactful aspect of this guidance is for continuing SAR activity related to fraud. The follow up review process for many fraud investigations should be discontinued, particularly where a first party account has been closed/charged off or other mitigating actions that make a recurrence of the activity unlikely.
Using technology to continue automatically opening a follow-up case after SAR filing and attaching any alerts that appear in the 90-day review period to the case was also discussed. If no pertinent alerts (identifying the same type of unusual activity as the original SAR) occur in the review period, the case can simply be closed with a brief explanation rather than a robust narrative and strict activity review requirements.
No SAR Documentation: Streamlining Documentation—The “No-SAR” Decision
The new guidance explicitly states what many in the industry have long practiced: “There is no requirement or expectation under the BSA or its implementing regulations for a financial institution to document its decision not to file a SAR.” While FinCEN encourages documentation, it affirms that a “short, concise statement” is often sufficient.
This was a welcome clarification for CAG participants, who see it as a tool to affirm their streamlined processes against auditor or examiner pressure. A member of the CAG noted their institution had already moved in this direction:
“We got really aggressive a few years ago where we got rid of our SAR committee altogether. We allow our analysts to make risk-based decisions on their own and we monitor those decisions through quality control testing. We did this when we moved over to Nasdaq Verafin, as it gave us an opportunity to say, look all the information is right there. All I really need is, just in a couple of sentences, tell me your opinion based on your analysis and leave it at that.”
This sentiment was echoed by others who have worked to eliminate redundant documentation. The group also reached a consensus that the logic extends beyond formal case investigations. I personally believe that every alert decision is a no-SAR decision, not just the decisions made during escalated case investigations suggesting that the same principle of concise, risk-based documentation can be applied at the very top of the investigatory funnel, creating significant efficiencies if banks are not already there.
Affirmation and Optimization
The industry’s apparent reaction to the new SAR FAQs is not one of upheaval, but of quiet affirmation. The guidance validates the risk-based, technology-forward approach that leading institutions have already adopted. The key opportunities lie not in dismantling existing processes, but in refining them. By streamlining documentation, optimizing continuing activity reviews, and leveraging technology for greater efficiency, financial institutions can better focus their resources on detecting and reporting the suspicious activity that poses the greatest risk, fulfilling their crucial role in the fight against financial crime.
In my next blog, I’ll focus on the potential impact the Streamline Act could have on SARs for the financial industry.
About the Author:
CHUCK TAYLOR
CAMS, CAFP, Head of AML Commercial Strategy, Nasdaq Verafin
Chuck serves as the subject matter expert on AML regulations, industry trends, and best practices for financial crime prevention for Nasdaq Verafin. His role involves providing strategic insights to enhance the company’s financial crime solutions and assisting clients in navigating complex compliance requirements.
Prior to joining Nasdaq Verafin, Chuck served as Executive VP, Head of Financial Crimes Advisory (FCA) at AML RightSource. The FCA Practice at AML RightSource is a full-service advisory consultancy providing BSA Program support for all types of covered financial institutions.
Prior to Joining AML RightSource, Chuck was SVP and BSA Officer for City National Bank (CNB) a subsidiary of Royal Bank of Canada (RBC). Chuck had oversight responsibility for all aspects of the BSA function including maintenance of the Bank’s BSA program, BSA Risk Assessment, AML Transaction Monitoring, Currency and Suspicious Activity Reporting, Customer Identification Program, Sanctions filtering and BSA Training.
