The Financial Crimes Enforcement Network (FinCEN), together with the Federal Reserve, Federal Deposit Insurance Corporation (FDIC), National Credit Union Administration (NCUA), and the Office of the Comptroller of the Currency (OCC), recently issued new guidance clarifying how financial institutions should approach the filing of Suspicious Activity Reports (SARs), see Frequently Asked Questions Regarding Suspicious Activity Reporting Requirements . The FAQs aim to refocus firms’ resources on “activities with the greatest value to law enforcement”, without altering legal requirements or creating new supervisory expectations
Clarifying the Threshold
The most immediate takeaway is that transactions near the Currency Transaction Report (CTR) threshold – USD 10,000 – do not, by themselves, require a SAR. FinCEN makes it explicit that “the mere presence of a transaction or series of transactions… at or near the $10,000 CTR threshold is not sufficient to trigger the filing of a SAR.” Only when a financial institution knows, suspects, or has reason to suspect that a transaction is structured to evade reporting requirements must a SAR be filed.This distinction is critical. Many institutions have historically erred on the side of filing, fearing regulatory second-guessing. This clarification endorses a risk-based approach, reducing unnecessary filings while focusing resources on activity that genuinely raises suspicion.
Context in Restructuring
The FAQs reaffirm that structuring – breaking down transactions to avoid CTR reporting – is still unlawful under the Bank Secrecy Act (BSA). FinCEN cites 31 U.S.C. §5324 and 31 C.F.R. §1010.100(xx), defining structuring as transactions “in any amount, at one or more financial institutions, on one or more days, in any manner, for the purpose of evading CTR reporting requirements.” That scope – “in any manner” – covers both small-sum transactions and multiple smaller deposits across institutions.
However, FinCEN underscores that monitoring must be commensurate with the level of money-laundering and terrorist-financing risk specific to each institution, reflecting its products, customer base, and geography. This reinforces the principle that surveillance should be proportionate and intelligence-driven rather than box-ticking.
Continuing Activity SARs are Optional
Perhaps the most significant operational clarification relates to “continuing activity” SARs. Since the early 2000s, many institutions have treated FinCEN’s 90-day guidance as a rule. The October 2025 FAQs correct this misinterpretation: there is no requirement to conduct a separate review – or to file a new SAR – on a fixed 90-day schedule after the initial report.
Financial institutions “may instead file SARs as appropriate in line with applicable timelines”. For those choosing to maintain the framework, FinCEN provides an illustrative timeline – Day 0 detection, Day 30 initial filing, Day 120 review, Day 150 continuation – but notes this is for reference, not obligation.
This shift gives compliance teams breathing room to prioritise based on risk and resource capacity. It also enables RegTech vendors to embed configurable “continuing activity” logic, rather than enforcing rigid schedules across cases of differing risk.
Documentation Relief
Equally significant for operational efficiency is FinCEN’s statement that institutions are not required to document every decision not to file a SAR. The FAQ states plainly: “There is no requirement or expectation under the BSA or its implementing regulations for a financial institution to document its decision not to file a SAR.” While firms may choose to note such decisions for internal control purposes, FinCEN adds that a “short, concise statement” will generally suffice.
This pragmatic approach aligns with the broader supervisory theme: compliance should be risk-based, not bureaucratic. Over-documentation consumes time without necessarily improving outcomes, and FinCEN’s clarification may reduce unnecessary internal review loops.
FinCEN explicitly states that “nothing in this FAQ should be read to conflict with OCC’s Interpretive Letter 1166,” which allows financial institutions to deploy “appropriately tailored automated monitoring systems”. This language is a quiet but important endorsement of innovation in anti-money-laundering (AML) monitoring.
By confirming that automation is permissible within a risk-based programme, the agencies effectively open the door to innovation around applications that assist investigators and produce more consistent narrative SAR content – provided these systems are well-governed, explainable, and auditable.
Governance & Workflow Improvements
Review thresholds and scenarios. Remove legacy triggers that automatically flag transactions near USD 10,000 absent corroborating risk indicators.
Update continuing-activity workflows. Treat 90/120-day cycles as optional. Use case-by-case risk assessments to determine when further reporting is justified.
Simplify documentation. Establish concise templates for “no-SAR” rationales aligned with internal policies.
Enhance automation governance. Ensure that automated monitoring tools and AI-assisted narrative systems operate within OCC and FinCEN guidance.
These steps not only align firms with the clarified expectations but also advance the efficiency goals implicit in FinCEN’s message: focusing effort on intelligence that law enforcement can act upon.
More Signal, Less Noise
FinCEN’s October 2025 FAQs reflect an evolution in regulatory thinking. Rather than layering new requirements, the agencies are signalling a cultural change – from equating compliance with volume, to equating it with value.
By endorsing risk-based monitoring, flexible reporting cadence, and pragmatic documentation, the guidance empowers institutions to use technology and judgment in tandem. In doing so, FinCEN reinforces what many compliance leaders have long argued: quality, not quantity, is what makes suspicious activity reporting effective.
Subscribe to our newsletter
