Suspicious Activity Reports - what have we learnt from updated guidance?

Suspicious Activity Reports (SARs) form a fundamental part of the UK’s anti-money laundering regime and when used effectively, provide vital intelligence to law enforcement agencies to help combat organised crime. Given the prevalence of fraud (which can only be likely to continue to increase in the current economic environment), it is perhaps unsurprising that the National Crime Agency (NCA) continues to report year on year growth in the number of SARs submitted.

In its latest annual report for 2020/2021 and 2021/2022, the United Kingdom Financial Intelligence Unit (UKFIU) notes the challenges it has faced over the past two years with new and emerging organised crime threats, particularly fraud, against individuals and businesses. It also recognises the importance of continued engagement with law enforcement, government and regulated sectors to tackle crime and also improve the quality, and thereby effectiveness, of SARs.

In this article we provide some insight into the key findings of the annual report and briefly look at the most recent guidance issued by the UKFIU when submitting SARs.

The UKFIU Annual Report 2022 at a glance

The number of SARs submitted has increased by 21%, with the NCA receiving a total of 901,255 SARs in 2021-2022, compared to 742,317 2020-2021.

• The level of funds denied to suspected criminals from Defence Against Money Laundering (DAML) requests has more than doubled, increasing by 120% from £138.6m in 2020-2021, to £305.7m in 2021-2022.
•  However, the total number of DAMLs received and processed by UKFIU has fallen from 105,107 in 2020-2021, to 83,300 in 2021-2022. This represents a reduction of 21%.
•  Unsurprisingly, banks continue to account for the vast majority of SARs submitted when compared to other sectors, accounting for over 70% of SARs (although the report makes no comment on the relative volume of reports from the different sectors). However, the overarching trend for most sectors is a year-on-year increase.
• 65,505 cryptocurrency SARs have been reviewed since September 2021 and the report states that over 350 SARs are now identified each day (increasing from around 80 a day in September 2021). This upward trajectory is likely to continue as cryptocurrency platforms required to fall with the AML regime embed policies and procedures.
• The average turnaround time for responses to DAMLs increased slightly by 10% from 2.82 days in 2020-2021, to 3.1 days in 2021-2022. This remains well within the 7 working day period provided for by the Proceeds of Crime Act 2002 (POCA).
• The NCA continues to increase its headcount to deal with the volume of reports received, and to increase analysis and engagement. It has also set up a new Combatting Kleptocracy Cell to investigate criminal sanctions evasion and high-end money laundering, with SARs providing a valuable data source to that workstream.

Perhaps key from a practical perspective, is that development of a new SAR portal (said to be more user friendly), is nearly complete. It will reportedly improve the quality and utility of SARs.

Themes and trends

Although the increase in the number of SARs submitted is in line with previous year on year growth, the report identifies Fintech and Cryptocurrency platforms as a contributing factor in this uptick. That is unsurprising given the requirement for cryptocurrency platforms to now be regulated by the FCA for AML purposes.

What is perhaps most interesting is the significant increase the amount of funds denied to suspected criminals from DAML requests, notwithstanding the reduction in the total number of DAMLs submitted.

•  The reduction in the number of DAMLs received is said to reflect greater understanding within the reporting sectors that they do not need to request consent when returning funds to the victim of a crime. Given the significant sums of money reportedly lost to authorised push payment (APP) fraud, this clarification is important for financial institutions and understandably has assisted in reducing the number of DAMLs submitted.
• The report credits a rise in high monetary-value DAMLs submitted, together with the increased use of Account Freezing Orders as part of the reason for the increase in the amount of funds denied to suspected criminals. By way of example, it refers to 7 cases with restraint figures of between £10m-£50m in 2021-2022, which make up a significant portion of the funds denied.
• The improved quality of DAMLs (which we discuss further below) is also said to have significantly aided law enforcement.

Latest guidance

It is clear from the report that the quality of SARs submitted to the NCA remains a key focus for the coming year and beyond. The quality of SARs has of course long been the subject of discussion. A Law Commission report in 2019 identified failings in the quality of SARs submitted, many of which were said to contain limited or no useful intelligence. The Law Commission report also criticised the large number of ‘defensive’ SARs being submitted, (which were said to be overwhelming the NCA) and identified confusion regarding the concept of ‘suspicion’.  

The NCA previously issued guidance in September 2021 on submitting better quality SARs. As noted above, it appears from the latest annual report that the NCA is now starting to see some of the fruits of that labour, with the quality of DAMLs (and the circumstances in which they are required), said to be improving.

The NCA has now produced an updated guidance booklet “Submitting a Suspicious Activity Report (SAR) within the Regulated Sector January 2023”. Whilst this largely echoes earlier guidance the booklet provides advice and recommends best practice when making a SAR, including:

• The NCA prefers all SARs to be submitted via their SAR Online System (instead of using a reporting form). The advantages of this are that it provides an automated acknowledgment of receipt with a unique reference and assists in ensuring SARs are structured in a helpful way.
• The report should be structured in a logical format, and provide concise information about the event, activity or transaction in question, and how and why it led the reporter to become suspicious. For example, if a transaction deviates from a customer or businesses’ normal activity, provide further context. Avoid internal acronyms or jargon and provide layman explanations of any technical aspects of the report to assist investigators.
• Reports should contain all relevant information on the individual or business in question, taking into account information obtained from Customer Due Diligence. The information provided should be as comprehensible as possible, including full details about the individual or company involved (such as identity documents, addresses, bank accounts etc).
• If a report relates to a particular financial transaction, include all details of the beneficiary and remitter of the funds including full bank details (where known), the type of transaction in question and the details of any suspected associates.
• From 5 January 2023, the £250 threshold amount specified under s.339A of POCA increased to £1,000. It is possible to seek permission to vary the threshold amount for a proposed activity, but consideration should always be given to making a disclosure in respect of an initial opening of an account, or at the point the reporting entity first suspects property may be the proceeds of crime.

This publication is intended for general guidance and represents our understanding of the relevant law and practice as at February 2023. Specific advice should be sought for specific cases. For more information see our terms & conditions.