Types and Examples of Suspicious Transactions: A Closer Look

February 25, 2022

Subscribe to our Blog!

Please fill out the form below:

Banks and other financial institutions, first and foremost, have a duty to serve their account holders. In the ordinary course of business, banks will be responsible for managing their account holders’ accounts, making investments, managing liquidity, and more. 

However, there are plenty of financial activities that might seem beyond “the ordinary course of business,” and these examples of suspicious transactions might not only put the financial institution’s clients at risk, but they can also create potential legal and financial problems for the bank itself. 

Suspicious and malicious activity, unfortunately, is widespread. In fact, in less than two decades—between 1999 and 2017—American financial institutions identified more than $2 trillion of suspicious activities. That figure mirrors the entire annual GDP of Italy, the country with the eighth highest GDP in the world. 

Furthermore, keep in mind that this figure merely represents the level of suspicious activity filed via a SAR (Suspicious Activity Report)—it is highly likely that plenty more suspicious activity, perhaps as much as $1 trillion worth, occurred during this same period.

Since it’s not an exact science, there is always going to be some level of manual investigation into potentially suspicious transactions in order to determine whether a report must be filed. 

Here, we’ll dig into this topic to help you understand the nuances around what constitutes a suspicious transaction and what doesn’t, and how to identify reasonable grounds for action.

How to Implement the 5 Pillars of a BSA/AML Program CTA

What Makes a Financial Transaction Suspicious?

One of the problems with filing suspicious activity reports is that there is no universal definition of what constitutes suspicious activity. A given action might be deemed suspicious if it occurs within one account, while the same activity would be considered “normal” if it occurs in another.

For example, it might make sense for a petroleum supplier to receive a $100 million wire transfer from a foreign conglomerate, but if that same action were to appear in the account of a local non-profit, it would raise some red flags.

Finding the “threshold” for what constitutes suspicious activity is far from easy. However, by keeping a few basic principles and protocols in mind, financial institutions of all kinds can make some much-needed changes and improve how they monitor suspicious activity.

Generally speaking, a financial transaction might be deemed suspicious if it is unlike any other activity that has occurred within that account. Of course, an activity being new will not necessarily mean that any malicious actions have occurred. 

For example, an individual making a sizeable down payment on their first home is an activity that is unusual but not malicious. The processes involved in identifying suspicious activity are far from cut and dry. However, it is still a good idea to flag—and potentially follow up on—any action that seems far from the norm.

As FinCEN—the Financial Crimes Enforcement Network—has helped describe, transactions that “serve no business or other legal purpose and for which available facts provide no reasonable explanation” are one of the most common signs of suspicious activity. 

This means that, in some cases, financial institutions will need to monitor the size of transactions occurring within their system and monitor the types of transactions taking place and determine where these transactions originated from.

The Bank Secrecy Act (BSA) which was signed into law in 1970, establishes responsibility for financial institutions to keep an eye out for signs of suspicious activities and report them to the corresponding authorities (usually within 30 days). The purpose of this Act is to combat some of the most common forms of suspicious activity, including money laundering, theft, tax evasion, financial fraud, and more. 

However, the BSA, contrary to some other financial regulations, still contains a lot of gray areas. Financial institutions will want to ensure they are compliant and report these sorts of activities within a timely manner (or else face fines and possible legal consequences). But at the same time, they will need to balance their account holders’ fundamental rights to privacy.

Ultimately, no formula will clarify that a given activity must be reported or will never need to be reported. But carefully monitoring for a few common red flags—substantial transactions, transactions from an unclear location, foreign transactions, identity fraud, and others—will help these institutions better balance their seemingly “competing” interests.

Download Transaction Monitoring Product Guide

Types and Examples of Suspicious Transactions

As the Federal Deposit Insurance Corporation (FDIC) helps explain, many different types of transactions might trigger the need to file a SAR. These can include, but are by no means limited to, the following transactions:

  • Money Laundering: This process involves taking money generated by an illicit activity and “cleaning” the money by falsely presenting it as if it were earned through a legitimate business. One of the largest money laundering schemes of all time, dubbed the 1MDB scandal, involving the theft of more than $4.5 billion from a Malaysian state fund that was then laundered through Goldman Sachs. Following trial, Goldman Sachs was forced to return most of the funds to Malaysia and pay a $600 million fine.
  • Cash Transaction Structuring involves splitting or otherwise altering financial transactions to avoid automatic reporting to tax authorities. Usually, structuring is done to avoid being subject to certain taxes or to conceal otherwise an organization’s wealth (which may help them qualify for certain loans, etc.).
  • Check fraud is a broad term used to describe any deliberate misrepresentation use or creation of checks. Check fraud can include writing fraudulent checks, altering checks, creating bad checks (checks you know will bounce), and more. According to one recent estimate, roughly 2 million bad checks are processed daily through the Automatic Clearing House (ACH) system.
  • Check Kiting: this is a form of check fraud that involves writing a check from an account with insufficient funds and depositing that check into another bank account. Due to “the float”—the time before checks are cashed between banks—this can temporarily give people access to uncovered funds. 
  • Wire Transfer Fraud: this is a broad term used to describe any situation in which malicious activity occurs during the course of a wire transfer. Perhaps one of the most well-known wire transfer scams was the “Nigerian Prince” email fraud, which happened in the early 2000s (and still makes a considerable amount of money today).
  • Mortgage and Consumer Loan Fraud: this sort of fraud involves consumers deliberately misrepresenting their financial position to secure a loan (usually, a large loan, like a mortgage). Misrepresenting income, overvaluing assets, and underreporting expenses are all types of consumer loan fraud.
  • Misuse of Position (Self-Dealing): this term describes any instance where a fiduciary—a financial agent acting on behalf of their client—takes action or makes a suggestion that is their own best interest, rather than the client’s. For example, if a fiduciary invests a client’s funds into their account, that would be considered self-dealing. 
  • Identity Theft or Fraud: while identity theft is used to describe an instance where someone is pretending to be someone else, identity fraud is used to describe any misrepresentation of a person’s identity. These suspicious activities can result in severe punishments, even if no financial transactions have occurred.
  • Terrorist Financing: while the federal government has laws and regulations banning financial transactions connected to any illegal activity, it is particularly strict about activity that could be linked to terrorism. Since the passage (and subsequent renewal) of the USA PATRIOT Act, regulators have a broad ability to monitor certain accounts.

These are just a few of the most common types of suspicious activity a financial institution can potentially encounter. Therefore, if there are any indicators that these, among other, suspicious activities have occurred, financial institutions are required by law to file a SAR.

When Should You Respond to a Potentially Suspicious Transaction?

There are several different types of suspicion that might, eventually, necessitate the need to file a report.

At first, a financial institution might have a “simple suspicion”—at this point in time, they might have a hunch or believe that suspicious activity might be occurring but do not yet have enough evidence or reason to file a report.

Eventually, this simple suspicion might grow into reasonable grounds to suspect—this occurs once they have a legitimate reason to suspect illicit activity is occurring. Then, they have some evidence to prove that their suspicion is more than an ordinary “hunch.” 

At this point, it is unlikely that the accused party could be convicted of any crime within the criminal justice system. Nevertheless, by law, even a tiny red flag or a single piece of tangible evidence should be considered enough to file a suspicious activity report. Keep in mind, only some SARs are followed up on (The Bank Policy Institute reports that as few as 4% are reviewed by law enforcement), and an even smaller fraction ever results in a criminal conviction.

As evidence continues to build—more suspicious transactions occur, there are signs of financial crimes, etc.—a suspicion might eventually become grounds to believe that illicit activity has occurred. By this point, financial institutions have a legal (and perhaps moral) obligation to report this activity to authorities.

Ultimately, while there is not an explicit cutoff for what constitutes suspicious activity, it is incumbent of these institutions to keep an eye out for the early signs that any of the activities listed above have occurred. It's important to incorporate transaction monitoring into your fraud and AML system to effectively combat threats.

Luckily, with technologies like Unit21, monitoring, investigating, and reporting these sorts of activities is easier than ever before. With diligence, a thorough understanding of the law, and a commitment to consistent banking, both large and small financial institutions can develop the SAR protocols they need to remain compliant and help in the fight against financial fraud. 

For more information about how Unit21 can help, get in touch today.

Getting started is easy

See first-hand how Unit21
can help bolster your risk & compliance operations
Close Subscribe Window

Subscribe to our Blog!

Please fill out the form below: