jaws-2Our most popular blog post of last year was about writing a knockout SAR narrative (you can find part one here and part two here). But when reviewing suspicious activity reports, we’ve noticed a large number of issues associated with those troublesome beasts known as continuing SARs. As such, it seems that a guide to writing a knockout continuing SAR narrative is judicious.

What Is a Continuing SAR?

When a financial institution identifies a suspicious activity, it must file a suspicious activity report—or SAR. But if it later finds additional suspicious activity related to the initial instance and that activity is within a specified timeframe, it needs to file what is called a continuing SAR. Knowing what goes into a continuing SAR narrative frequently trips up financial institutions.
It is not enough for the continuing SAR narrative to merely reference the initial SAR or SARs. The narrative for the continuing SAR should include any narrative information from previously filed SARs that is needed to understand this new activity, along with the corresponding SAR numbers, dates, and amounts.
The guidance says to “describe the circumstances surrounding the suspicious activity for the 90-day period encompassing the report.” This is an important detail to remember, because we sometimes see that the person filing the SAR simply puts what happened but they don’t describe the circumstances for the entire period of time. Using a sentence like, “This is a continuing SAR. See previous SAR #___” doesn’t exactly cut it.
The narrative will need to include an introduction, body, and conclusion. Let’s review what that means:


  • How was the activity caught? (employee detection, AML detection, etc.)
  • Why is an investigation being conducted?
  • What is the investigation number?



  • How long has this customer/member been with the institution? When did they open their account?
  • What is their expected account transactional activity?
  • Other detailed information from your Customer/Member Identification Program, Customer/Member Due Diligence, and Enhanced Due Diligence


  • What are the transaction(s) and party(ies) involved?
  • Is the activity isolated or in addition to other activity?


  • When and how many times did the activity occur?


  • Where did the activity take place? Which branch(es)? Which account(s)?


  • Why is the activity considered suspicious?


  • What was/were the amount(s) involved?
  • What was their source?
  • How were the funds applied?


  • Why is the continuing SAR is being filed?
  • What is the amount being filed?
  • What further action is needed?
  • What are the names and contact info of relevant people?

However, FinCEN doesn’t want you to just copy and paste the full narrative from previous reports – just whatever is necessary to understand the activity, including the new information that triggered the continuing SAR and the reasoning behind it. Given this requirement, expect your continuing SAR to be as thorough (or more so) than the narrative on the applicable initial SAR. Specifically, the guidance says you should fill out the SAR form in its “entirety.”
Just as with a regular SAR, a thorough continuing SAR narrative demonstrates the strength of your BSA program.

For more information on how AffirmX can help you with your BSA compliance, including the proper filing of SARs and continuing SARs, please visit AffirmX.com.