Case Management for Suspicious Activity Reports: Tracking and Managing Your Investigation


In the fight against financial crimes, filing Suspicious Activity Reports (SARs) is a key part of the financial business. However, optimizing these reports and making sure that supporting case reports are thorough and tell the entire story is key.


Recently, Laurie Kelly, former Director of Compliance for CoBank ACB, a $136B Farm Credit System institution, hosted a SAR writing webinar overviewing SAR creation. Once created, a SAR must be properly tracked and managed.


Need to first brush up on SAR basics? View our additional SAR resources:




What is a SAR Case Report?

“A case report is a comprehensive report that provides all the details of the suspicious activity case and its related SAR filings all in one place,” Laurie stated in the webinar. “We developed standard formats for these case reports for money laundering cases and fraud cases, and we found this tool had a number of benefits. First and foremost, it allowed us to quickly and efficiently deliver on law enforcement requests for full details of a SAR case.”


Case reports can also be an effective tool to document flagged activities that were not filed as SARs – questions that may be faced by compliance officers by an audit or a regulatory review team.  Having this readily available will improve collaboration with regulators, give enforcement meaningful insights that only the FI can provide and streamline and reduce the manual efforts associated with reporting for an AML team.




Critical Sections of a SAR Case Report

Based on Laurie’s experience, case reports should be comprised of six key sections.



Section 1 – Basic Reference Information

  • Customer name
  • Date case opened
  • Category of suspicious activity (cross-referencing the SAR form categories, perhaps)
  • Case number



Section 2 – Detailed Background Information In Narrative Form

  • How suspicious activity was detected
  • What follow-up, research and/or customer inquiries were performed and by whom
  • What prompted the SAR filing
  • Background details about the customer and/or subjects involved
  • References to other SARs on the same customer



Section 3 – Detailed Transaction History

  • Check numbers, wire transfer details, payees/payors, beneficiaries/originators, all banks involved, all textual fields on wires/ACH



Section 4 – Law Enforcement Communications Log

  • Track the date, name, title, contact details, and method of contact for each communication to or from any law enforcement representative regarding the case



Section 5 – SAR Filing Log

  • Tracking records to document all regulatory deadlines were met – especially important in ongoing cases
  • Record these dates for each SAR:
    • Activity detected
    • Decision to file SAR
    • SAR filed
    • Due date of next continuing activity SAR due date (120 days from date of last SAR)
  • BSA ID number for quick reference



Section 6 – SAR Narrative

  • Much easier to draft the SAR narrative outside of the form itself (or form-generating software)
  • Final narrative verbatim in the case report allows others reviewing and/or approving to read the narrative along with all supporting information.


As you can see, there is a lot of detail required to ensure a case report is thorough but maintains the practice of capturing this information to ensure proper investigation of suspicious activities as well as compliance to AML/CTF obligations.




Case Reports and Automated Environment

During the webinar, one attendee asked why there is so much effort to create a standalone case report document when an automated suspicious activity monitoring/SAR case management system exists.


Part of the answer to that question depends on your organization’s level of automation. A case report provides high value when an automated system:


  • Has limited capability to store freeform text notes; cannot print a full report of all notes entered
  • Does not retain the SAR narrative as a separate field
  • Cannot produce a summary report (with content like that of a case report) that can be provided to law enforcement, internal management, or examiners/auditors
  • Cannot maintain specific records of law enforcement communications


The more detail we can give the regulators and the more specifics we can provide the better. All too often, I have seen clients submit SARs with missing fields or invalid fields due to system issues. I have also seen many AML teams struggling to manually manage reports.


The challenges for FIs that have multiple business units are especially greater since the narrative can change from business to business. A FINRA-regulated sell-side broker-dealer, for example, will have a totally different feel than a loans services group or the overseas banking operations of a commercial retail bank.


Each of these case reports and associated processes needs to be automated and connected to the transaction monitoring system to reduce manual effort and mitigate risk, while at the same time giving the regulators meaningful insights that only FIs have.


However, be cautious. Even if you have the most automated system in the market, case reports are necessary because you need to document the human judgment made when interpreting the data provided for suspicious activities.  This human element of AML investigation is highly valuable for the regulators and a piece of the puzzle that cannot be left out.


We would be happy to discuss how our case management system and regulatory reporting software work, and how our AML compliance solution can assist with your compliance requirements. Please contact us today to learn more.



Schedule a free demo

See how Alessa can help your organization

100% Commitment Free

Schedule a free demo

See how Alessa can help your organization

100% Commitment Free

Recent Posts

AML geographic risk

Assessing AML Geographic Risk

Learn more about a methodology used by financial institutions on how to interpret an AML country risk rating assessment.

Please fill out the form to access the webinar: