Suspicious Activity Reports (SARs) are familiar to many of us as the mechanism used by obliged entities to report suspicion of money laundering or terrorist financing to relevant authorities. However, the SAR process can cause some challenges for early stage FinTechs who are trying to balance regulatory requirements with transparent and customer centric service. It is something we get a lot of questions about, so we thought we would outline some hints and tips on things to think about.
In the asymmetrical game of whack-a-mole that is the fight against financial crime, SAR’s are a useful but sometimes imperfect tool for generating intelligence about financial criminals. Notifying the appropriate financial crime enforcement unit such as the National Crime Agency (NCA) when a Defence Against Money Laundering SAR (DAML) is required is not only the right thing to do but also usually a regulatory and legal requirement. DAML SARs, as the name implies, are reports that describe the most important facets of activity that could be regarded as suspicious and indicative of money laundering. Their regulatory purpose can’t be understated, as they act a conduit between the events themselves, the handling of the questionable funds, and possible investigation by law enforcement.
However, the nature of SARs and the context they operate in can be challenging. This is especially true for companies and especially start-ups in the FinTech sector who are seeking to meet their regulatory and legal requirements while also providing a great customer experience. FinTechs are operating in an interesting era, where customer feedback on social media and review sites such as TrustPilot have tangible impact on the success of a product or service. They also provide a challenge to financial crime teams and those responsible for public relations (which we discuss below).
We aren’t going to dive deep in to the overall requirements of the SAR regime in this blog, we would be here for some time! Instead, we will focus on a few practical tips for FinTechs to consider when balancing customer experience and their regulatory and legal requirements. Wider SAR guidance is available from the likes of the NCA and the team at FINTRAIL are always available to offer advice.
1. It will happen
The first thing we stress to our customers who form part of the reporting regime is that, at some stage, you will to have to deal with a customer and the SAR process. You are better developing a simple internal process before it happens. Think about what your team needs to do when dealing with a customer subject to an investigation before you have the additional pressure of them asking for answers. Equally, ensuring you have clear customer off-boarding/exit process will also ensure this is done in a timely and fair way. Once you have a process established, ensure your team is well trained and understands the risks and challenges associated with customer investigations.
2. Don’t Panic
The language around SARs and things like “tipping-off” can be intimidating, especially when you see terms like criminal offence. Don’t panic about this. By doing step 1 first you will be able to make sure you meet your obligations. No one is perfect, and mistakes sometimes get made, just make sure to learn from those opportunities.
3. Have a strategy for customer engagement
It’s well known - particularly in the FinTech community, where customer interaction is vital, immediate and direct - that some of those who engage in financial crime are wily and tenacious. They can be hostile in their communications once transactions are blocked, or accounts are suspended pending investigation or the submission of a SAR. Those who must deal with them are presented an unenviable operational challenge: they cannot give anything away that would make the criminal suspect they are the subject of investigation/SAR (“tipping off”), but nor can they lie and treat the customer unfairly.
Each instance is different, but there are some suggestions that are practical for most encounters:
Don’t ignore customers, as positive engagement is a better strategy than ignoring them. Be polite, professional and responsive but have a clear line and stick with it.
Proactively provide your customer ops or support teams with standard lines or approaches to take in response to customer enquiries. Make sure they have training on these approaches and they are broadly consistent.
Trust in your policies and processes, they are there for a reason. However, if you find something has gone wrong make sure you capture the reasons and put it right.
Do not be swayed by threats. This is a tactic we have seen used on several occasions to try and force a response from the obliged entity and put those people dealing with them under increased pressure.
As an organisation, you should have a zero-tolerance policy to harassment or intimidation and if this occurs you should immediately involve your local law enforcement.
Just because they are subject to a SAR doesn’t mean their rights as a customer are suspended. Refer them to relevant departments, such as complaints, in the appropriate circumstances.
Sometimes it’ll be necessary to move the case up the chain to someone on the team with greater authority or more knowledge of the situation. Knowing when to do this, and when not to, is important.
Be responsive on social media and to customer reviews. The compliance/financial crime and PR/social media teams can collaborate to standardise responses to negative feedback from customers on the back of investigation or exit process, without the risk of tipping-off.
However, do not get dragged in to drawn-out back-and-forth with customers on social media. Provide a clear, well-judged and visible response but do not allow them to bait you.
4. Write clear and accurate SARs/DAML SARs
In the UK especially, the NCA receives hundreds of DAML requests every day and thousands of SARs. To help law enforcement process those requests as efficiently as possible and therefor provide you with the response you may be requesting, it is important to ensure you follow guidance and provide complete, well written and concise SARs. Equally, make sure you follow relevant guidance on when and when not to file a SAR or DAML SAR to avoid over filing and creating unwarranted operational challenges.
Without a doubt, SARs perform a valuable function, and they have proven their worth countless times by helping to start and inform investigations into criminal activity. However, the SAR process can cause operational and customer challenges that if considered before they happen, can be managed efficiently while still maximising a great customer experience.