FinCEN: FAQs on Suspicious Activity Reporting

KPMG Regulatory Insights

• Recalibration: Re-evaluate current policies and controls, and consider alternative approaches, including leveraging technology, to achieve a more risk-based, effective suspicious activity reporting. AML/CFT risks remain, and Treasury messaging is clear—institutions should risk-focus resources (including technology investment) but avoid reducing anti-financial crime efforts.
• Measured Steps: When considering programmatic changes, ensure appropriate governance routines are followed, perform requisite analysis to corroborate, and collaborate with legal counsel; changes should not be abrupt but rather take a measured step-by-step approach to ensure internal and supervisory buy-in.
• Communication: Socialize proposed changes early with internal audit and regulatory supervisors to ensure the program remains in good standing.
• More to Come: These FAQs and recent Treasury leadership remarks signal strong momentum in broader AML/CFT “modernization” efforts. Continue to monitor regulatory updates and socialize with senior management.  

________________________________________________________________________________________________________________________________

October 2025

The Financial Crimes Enforcement Network (FinCEN) along with the Board of Governors of the Federal Reserve System (Federal Reserve), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), and the Office of the Comptroller of the Currency (OCC), jointly issued responses to four Frequently Asked Questions (FAQs) to provide clarity to certain requirements related to suspicious activity reports (SARs). The FAQs include:

1. SAR Filings for Potential Structuring-Related Activity
2. Continuing Activity Reviews
3. Timeline for Continuing Activity Review SAR Filings
4. Documentation of No SAR Decisions

FinCEN states that the answers to these FAQs do not alter existing Bank Secrecy Act (BSA) legal or regulatory requirements or establish new supervisory expectations. In public comments, the Treasury Secretary stated the FAQs are “commonsense yet consequential reforms that will ease regulatory burdens without undermining law enforcement efforts.” He added that they are part of a larger effort to reform supervision and enforcement of the BSA and the anti-money laundering/countering the financing of terrorism (AML/CFT) framework.

Notably, supervisory manuals and materials, including the FFIEC Bank Secrecy Act/Anti-Money Laundering Examination Manual, have not yet been updated to reflect the guidance provided by the FAQs. We anticipate further policy updates to align with FinCEN Director Gacki’s public comments that acknowledged an “urgent” need to modernize the AML/CFT regime and that AML/CFT programs should be “effective, risk-based, and focused on the greatest threats to financial institutions and national security.”

1.  SAR Filings for Potential Structuring-Related Activity

Clarification: For potential structuring-related activity, financial institutions are only required to file a SAR if the institution “knows, suspects, or has reason to suspect” that a transaction or series of transactions are “designed to evade CTR reporting requirements.”

2.  Continuing Activity Reviews

Clarification: Following a SAR filing, a financial institution is not required to conduct a separate review to determine if suspicious activity has continued. A financial institution may instead rely on “risk-based internal policies, procedures, and controls” to monitor and report suspicious activity, as appropriate, “provided those internal policies, procedures, and controls are reasonably designed to identify and report such activity.”

3.  Timeline for Continuing Activity Review SAR Filings

Clarification: If a financial institution elects to file a SAR in accordance with continuing activity guidance, the timeline when a subject has been identified is:

• Day 0: Detection of facts that may constitute a basis for filing a SAR
• Day 30: Filing of initial SAR
• Day 120: End of 90-day period
• Day 150: Filing of a SAR for continued suspicious activity

4.  Documentation of No SAR Decisions

Clarification: The BSA or its implementing regulations do not require a financial institution to document the decision not to file a SAR. If the financial institution chooses to document its decision not to file a SAR, the level of documentation may vary based on the specifics of the activity being reviewed and “need not exceed that which is necessary for the institution’s [risk-based] internal policies, procedures, and controls.”