Client Alert: FinCEN Clarifies SAR Filing Expectations

What Is New?

In October 2025, the Financial Crimes Enforcement Network (FinCEN), in coordination with federal banking agencies, released updated guidance clarifying expectations around suspicious activity report (SAR) filings under the Bank Secrecy Act (BSA). The frequently asked questions (FAQs) address common compliance challenges and reinforce a risk-based approach to SAR reporting. The guidance confirms that financial institutions are not required to file SARs solely due to transaction amounts near the $10,000 currency transaction reporting (CTR) threshold unless there is clear indication of reporting evasion. It also clarifies that institutions may rely on their risk-based protocols to identify and report suspicious activity and that a separate review for continuing activity is not required unless new information emerges.  

FinCEN provides clear timelines should a financial institution file on continuing suspicious activity in line with previous FinCEN guidance. Notably, the FAQs state that decisions not to file SARs are not required; but, should a financial institution decide to document such a decision, in non-complex cases a concise statement is sufficient.  

These updates reflect FinCEN’s broader effort to reduce low-value filings and enhance the utility of SARs for law enforcement and national security purposes. The FAQs also further implement Executive Order 14219, which focuses on rescinding regulations and guidance that the administration considers exceed the underlying statute or impede private enterprise. The challenge for financial institutions—banks in particular—is to understand how or if this guidance will change how examiners on the ground conduct their regulatory exams and what examiners expect to see. 

Highlights

Current State 

Under the current regulatory framework, financial institutions are generally required to file SARs when they detect known or suspected violations of law or suspicious transactions involving $5,000 or more. However, ambiguity around what constitutes “suspicious” has led to over-reporting, particularly in cases involving transactions just below the $10,000 CTR threshold. Institutions often file SARs out of an abundance of caution, fearing regulatory scrutiny for non-filing. Under Secretary for Terrorism and Financial Intelligence John K. Hurley recently highlighted this: “We’ve also heard repeatedly that financial institutions are expected to maintain an increasingly onerous level of documentation supporting the decision not to file a SAR.” This has resulted in a high volume of SARs with limited investigative value and documentation processes that strain institutional resources. Continuing-activity SARs have posed challenges due to confusion around when to file follow-up reports. Hurley also highlighted the complexity around the current state of SAR filings: “The fact that instructions on completing a SAR that’s 170 pages long illustrates the challenge.”  

Future State 

The updated guidance encourages institutions to adopt a more targeted, risk-based approach to SAR filings: 

• FinCEN confirms that SARs are not required for transactions near the $10,000 CTR threshold unless there is evidence of structuring or intent to evade reporting requirements, or other suspicious activity.  
• Institutions are not expected to review continuing activity unless there is a material change or new information. They still must file on any suspicious activity that meets the requirements set out by regulations, but they may use their risk-based procedures to detect and report additional activity. FinCEN also clarifies and amends timelines for those that do continue to conduct separate reviews for continuing activity.[1]
• FinCEN’s expectation on decisions not to file a SAR—should an institution continue to document such decisions based on internal policies—is a concise statement documenting rationale for non-complex cases. Financial institution investigation units should spend more time enriching SARs than defending decisions not to file SARs. 

Importantly, the FAQs do not alter the underlying SAR thresholds or filing timelines but clarify how discretion should be exercised within existing rules. These clarifications are intended to improve the consistency and utility of SARs, reduce ambiguity for filers, and enhance the investigative value of SARs for law enforcement agencies.  

However, financial institutions, especially banks, should note that the Federal Financial Institutions Examination Council BSA/AML Examination Manual’s section on SAR decision-making was not concurrently rescinded or amended. Financial institutions should be prepared that, absent additional guidance, examiners may continue to evaluate decisions not to file in line with the manual, which states, “Banks should document SAR decisions, including the specific reason for filing or not filing a SAR.”

What This Means for Your Organization

Financial institutions should review their investigation and SAR policies and procedures to consider alignment with the new expectations. Compliance teams may wish to update training materials to reflect the reduced need for SAR filings based solely on CTR transaction amounts; and ensure that employees understand what the guidance does—and does not—mean for the institution’s own protocols. Institutions may also consider revising their continuing-activity and CTR procedures to avoid unnecessary repeat filings and ensure compliance with the Right to Financial Privacy Act by shoring up processes regarding what could be considered voluntary filings. Given the emphasis on risk-based reporting, organizations should evaluate their transaction monitoring systems and investigative protocols to ensure they prioritize high-risk activity and support law enforcement investigative value.  

BRG recommends giving clear guidance to investigative staff on how and if senior leadership expects investigators to document decisions not to file a SAR that are made by your institution. Following the Pareto Principle, 80 percent of such decisions will likely be caused by 20 percent of the same or similar problems. A balanced approach that mitigates risk and optimizes efficiency could automate the “short, concise statement documenting a financial institution’s SAR decision” in many cases and provide for an often much-needed reduction in operating costs. A best practice would be to continue including a free text field and attachment capability or other mechanisms to enable explanations for complex investigation scenarios.  

BRG’s Financial Crimes team can assist institutions in streamlining their investigation and SAR reporting processes, ensuring that efficiencies gained do not lead to missed risk.

[1] In May 2012, FinCEN released guidance stating, “Financial institutions with SAR requirements may file SARs for continuing activity after a 90 day review with the filing deadline being 120 days after the date of the previously related SAR filing.” FinCEN, The SAR Activity Review Trends Tips & Issues, Issue 21 (May 2012). sar_tti_21.pdf. The timeline in the new guidance puts the filing deadline at 150 days.