Anti-money laundering (AML) practitioners can barely go a week without receiving an invitation to a presentation promising how to create the “perfect” Suspicious Activity Report (SAR). Unfortunately, these tend to be brought from either the granular perspective of the presenter’s business type, or from the broad strokes of the FFIEC BSA/AML Exam Manual.
A line must be drawn in the sand to say that there is not now nor will there ever be a truly “perfect” SAR. In an environment of ever changing standards, where there is a vast diversity of talent drafting the SAR, a plethora of reasons to file a SAR, and an array of quality assurance staff adjudicating the SAR, aiming for perfection is too much of an ethereal concept. Similar to many other efforts in the workplace and in personal life, the objective should be simply and elegantly stated in a single word — balance.
A Balanced Approach
Balance begins with understanding the twofold purpose of SAR filing: i) to report what the institution perceives as illicit finances; and ii) in so doing, (broadly) demonstrate the strength of the institution’s AML program. Therefore, having a balanced SAR approach means that the institution is doing the right thing in terms of the letter and spirit of the law, and the pleasant side effect will be the desired regulatory fitness level.
Usually, when a SAR filing is called out in an enforcement action, it’s because the reports were incoherent, insufficient, or inconsistent. Those same enforcement actions note that SAR-critical information was missing from the SAR too. Thus, SAR balance must come from having a SAR that is functional, meaning that it delivers the intended reader with a salient message about the client’s purportedly illicit activity and that it provides some level of assurance to a stakeholder that the AML program is regulatorily operational.
An Imbalance in the Force
The diagnosis of imbalance can be easily found somewhere in the traditional AML compliance pillars of the Bank Secrecy Act, broken down into two broad categories:
Processes, Systems & Controls — Absent a data-feed issue, the most common types of errors are caused by manual input. In the SAR form, these manifest as typos, transpositions, or omissions. To a tester, this means that either the underlying Know Your Customer (KYC) information that is being fed into the SAR form was done incorrectly (e. a data quality issue), or that the SAR preparer does not have the time or an adequate manual to rely on for SAR completion. These issues will come about fairly consistently across a sample, and they need to be diagnosed at the root as either timing, data, or oversight related.
Procedures, Staffing & Training — SAR preparers tend to be some of the most diverse in background among the staff in an AML function, often bringing equally varied levels and depths of training. Staffing/training inconsistencies show themselves as, for example, the same illicit activity being described in diametrically opposed ways by two different preparers, or worse yet, the same preparer. These types of errors could also be rooted in understaffing of the SAR preparer role, meaning that there is more of an emphasis on SAR filing or dispositioning alerts, rather than on performing these functions accurately. Bringing alignment to these ailments requires the updating of operations manuals followed by training on those updated processes.
Maintaining Balance in an Ever Changing Environment
One last diagnostic consideration is within the quality control process itself. Many institutions have implemented either a prefiling quality control check or post-filing quality assurance analysis. These processes are designed to serve as a pseudo-audit of SARs, yielding a quality assurance report and often times a “grading” matrix for the SARS and their preparers. A major source of imbalance comes from the implementation of these programs because SAR preparers find themselves so concerned with getting a positive assessment of their SARs that they develop a SAR with the quality control/quality assurance analyst’s grading matrix in mind. As a result, the institution may come under regulatory scrutiny for essentially failing to get out of its own way.
Know Your (Law Enforcement) Audience
To revisit the premise again of why institutions file SARs, meaning the spirit of the law, it is so that institutions have a mechanism to highlight a client’s potentially illicit activity. There isn’t a requirement to align a SAR to the criminal elements of a purported crime, but the more closely a SAR can highlight not just why the institution believes that activity is suspicious but also why they believe it meets the essential elements of a reportable offense the more useful it will be to its true end users — law enforcement.
This effort can of course lead to our own self-satisfaction from doing the right thing, but ultimately the desire is for law enforcement to take notice and act.
If your SAR preparers or, more to the point, the head of the SAR preparation function at your institution, have never worked with law enforcement on developing a SAR-generated case from transaction alert through court adjudication, then a critically imbalanced perspective will permeate insidiously through the SAR filing process at your institution. This is because once a SAR preparer has gone through this process, it helps them envision the real world outcome of his organization’s AML program’s efforts.
If this sounds like a tremendous amount of change and dedication, it’s because it is. SARs filing necessitates balance, but as recent panelists from both the public and private sector have reiterated, if there is ever a need to tip the scales, the deference should be towards law enforcement first.
Michael Schidlow will be speaking on upcoming panels about #KnowYourData and #ArtificialIntelligence at ACAMS 18th Annual AML & Financial Crime Conference, in Las Vegas on Sept. 22-25.