Suspicious Activity/Transaction Report (SAR/STR)
What is a SAR / STR?
A SAR (Suspicious Activity Report) or STR (Suspicious Transaction Report) is a formal regulatory filing made by a financial institution or other obliged entity to the relevant national Financial Intelligence Unit (FIU). It is filed when the institution knows, suspects, or has reasonable grounds to suspect that a transaction or pattern of activity involves money laundering, terrorist financing, or a predicate offence.
The report is the primary mechanism by which private-sector intelligence feeds national AML enforcement. Our AML compliance complete guide sets out where SAR/STR filing sits inside the wider AML programme.
Filing a SAR or STR is a legal obligation under AML laws in every major jurisdiction. Failure to file when grounds exist, late filing, or materially incomplete filings all attract regulatory enforcement.
What does the "S" stand for?
In SAR, the S stands for Suspicious — Suspicious Activity Report. In STR, the S stands for Suspicious — Suspicious Transaction Report. The terms are sometimes shortened to "SARs" or "STRs" in the plural.
Difference between SAR and STR
The terms are often used interchangeably, but they have a precise distinction in many jurisdictions.
SAR — Suspicious Activity Report
A SAR covers a broader category — suspicious activity, behaviour, or patterns that may not yet be tied to a single completed transaction. SAR is the primary term in the United States (filed with FinCEN under the Bank Secrecy Act), Canada (filed with FINTRAC), and India (filed with FIU-IND).
STR — Suspicious Transaction Report
An STR focuses on a specific suspicious transaction or set of transactions. STR is the primary term in the European Union, United Kingdom, United Arab Emirates, Singapore, Hong Kong, and most of Asia and the Middle East.
Practical overlap
In practice, the conceptual distinction between activity-based and transaction-based reporting has blurred over time. Many jurisdictions accept (and in some cases require) both pre-transaction suspicions and post-event activity-based filings under whichever name the local law uses. The substantive content and obligations are broadly similar across regimes.
SAR vs STR vs CTR: quick comparison
| Filing | What it reports | Trigger | Common terminology |
|---|---|---|---|
| SAR | Suspicious activity, behaviour, or patterns | Suspicion of money laundering, terrorist financing, or predicate offence | US, Canada, India |
| STR | Specific suspicious transaction(s) | Same as SAR — knowledge, suspicion, or reasonable grounds | EU, UK, UAE, Singapore, most APAC |
| CTR | Currency Transaction Report — large cash transactions | Cash threshold (e.g., USD 10,000 in the US); no suspicion required | US, Canada, Australia, similar |
When must a SAR / STR be filed?
A SAR or STR must be filed when the obliged entity knows, suspects, or has reasonable grounds to suspect that a transaction or activity involves money laundering, terrorist financing, or a predicate offence. The legal trigger does not require certainty — reasonable grounds to suspect is enough. Our overview of the five pillars of an AML programme sets out where SAR/STR filing sits in the wider supervisory framework.
Filing deadlines
Filing deadlines vary by jurisdiction. In the United States, SARs must be filed with FinCEN within 30 days of detecting the suspicious activity (extendable to 60).
In most other major jurisdictions — the EU, UK, UAE, Singapore — STRs must be filed as soon as practicable after the suspicion arises, with no fixed numerical deadline but a strong supervisory expectation of promptness.
Internal vs external STR
Many institutions distinguish between internal STRs (raised by frontline staff or systems and escalated to the MLRO for review) and external STRs (the formal filing to the FIU after MLRO decisioning). Internal STRs are part of the institution's case-management trail; only the MLRO-approved external filing reaches the regulator.
How SARs and STRs are filed
A typical SAR/STR filing workflow runs through five stages, from detection to recordkeeping:
- Detection — the institution's transaction monitoring system, frontline staff, screening hits, or external referrals raise an alert flagging activity that may be suspicious. Our transaction monitoring primer covers the detection layer in depth.
- Investigation — a compliance analyst reviews the alert, gathers supporting evidence (customer profile, transaction history, beneficial-ownership data, screening hits including outputs from AML screening) and assesses whether suspicion is warranted.
- MLRO escalation and decisioning — confirmed cases are escalated to the Money Laundering Reporting Officer (MLRO), who makes the final decision on whether to file. The MLRO has the authority to file without management approval.
- Filing — the SAR/STR is filed with the relevant FIU through the prescribed channel — FinCEN's BSA E-Filing System in the US, goAML in the UAE and many other countries, national e-filing portals elsewhere. The filing captures the parties, the transactions, the basis for suspicion, supporting evidence, and the reporting officer's narrative analysis — supported where relevant by guidance from our sanctions screening AML guide.
- Recordkeeping and follow-up — the institution retains the SAR/STR and all supporting evidence for the AML recordkeeping period (typically five years or more). The FIU may request additional information through follow-up communications.
Tipping-off prohibitions
Every major AML regime makes it a separate criminal offence for the institution to inform the customer (or any unauthorised third party) that a SAR or STR has been filed or is being considered. The prohibition is strict: even hints, account-closure rationales that reveal the underlying reason, or acknowledgements in response to direct customer questions can constitute tipping off.
The penalties are serious — imprisonment and significant fines, with personal liability for the individuals involved. Frontline staff training must explicitly cover what can and cannot be communicated to a customer whose activity has triggered an internal escalation.
SAR / STR and AML typologies
The quality of a SAR/STR narrative is directly tied to the institution's understanding of money-laundering typologies. A strong narrative explicitly identifies the typology being reported — structuring, mule activity, trade-based laundering, layering through crypto — allowing the FIU and law-enforcement consumers to pattern-match across many filings.
Weak narratives that describe activity without articulating the typology or the basis for suspicion are one of the most common reasons FIUs request follow-up information or reject filings.
Common SAR / STR filing failures
Three failure patterns recur in regulatory enforcement actions. Under-filing happens when the institution detects activity that warrants a SAR/STR but fails to escalate or file — often driven by under-resourced compliance teams, weak alert dispositioning, or commercial pressure to retain valuable customers.
Late filing happens when the suspicion was identified but the filing was delayed beyond the regulatory deadline or the supervisory expectation of promptness. This is often cited in enforcement actions even where the eventual filing was well-prepared.
Poor-quality filing is the third pattern — filed on time but with a narrative that is incomplete, fails to articulate the basis for suspicion, lacks supporting evidence, or uses the wrong report type for the activity reported.
At a Glance
| SAR | Suspicious Activity Report — primary term in the US (FinCEN), Canada, India |
|---|---|
| STR | Suspicious Transaction Report — primary term in the EU, UK, UAE, Singapore, most of Asia and the Middle East |
| Filed with | The relevant national Financial Intelligence Unit (FIU) |
| Filing trigger | Knowledge, suspicion, or reasonable grounds to suspect money laundering, terrorist financing, or a predicate offence |
| Tipping off | Disclosing a SAR/STR to the subject is a separate criminal offence in every major jurisdiction |
| Related concepts | BSA, goAML, Transaction Monitoring, Typology, CTR, FIU |
Stay ahead of risk with Signzy
Explore tools that help you onboard, monitor, and verify with confidence
Transaction Monitoring
Monitor transactions in real-time and analyse past behaviour to identify suspicious activities and ensure regulatory compliance across the user journey.
AML Screening
Screen users against Politically Exposed Persons (PEP), watchlists, sanctions lists, adverse media, and more through one-time screening and advanced monitoring.
Criminal Screening
Perform thorough background checks and verify criminal records to maintain compliance and strengthen onboarding security.
FAQ
What is a SAR or STR?
A SAR (Suspicious Activity Report) or STR (Suspicious Transaction Report) is a formal regulatory filing made by a financial institution or other obliged entity to the relevant national Financial Intelligence Unit (FIU) when it knows, suspects, or has reasonable grounds to suspect that a transaction or activity involves money laundering, terrorist financing, or a predicate offence.
What is the difference between SAR and STR?
SAR is the term used primarily in the United States, Canada, and India — covering suspicious activity, behaviour, or patterns. STR is the term used in the EU, UK, UAE, Singapore, and most of Asia and the Middle East — focusing on specific suspicious transactions. The substantive obligations are broadly similar across regimes.
What is the full form of STR?
STR stands for Suspicious Transaction Report — a formal filing made to a national Financial Intelligence Unit when an obliged entity knows, suspects, or has reasonable grounds to suspect that a transaction involves money laundering, terrorist financing, or a predicate offence.
Who is responsible for filing a SAR or STR?
The institution's Money Laundering Reporting Officer (MLRO) — sometimes called the BSA Officer or Compliance Officer — is responsible for making the filing decision and submitting the SAR or STR to the FIU. The MLRO must have the authority to file without management approval. Frontline staff and transaction-monitoring systems raise internal alerts that escalate to the MLRO for adjudication.
Can the customer be told about a SAR or STR filing?
No. Disclosing the existence or content of a SAR or STR to the subject of the report — or to any unauthorised third party — is a separate criminal offence in every major AML jurisdiction, with penalties including imprisonment and significant fines. Frontline staff training must explicitly cover what can and cannot be communicated to a customer whose activity has triggered an internal escalation.