Skip to Content
Menu Toggle
Why and What are Banks Prohibited From Disclosing Suspicious Activity Reports (SAR) of Fraud by Federal Law?
subscribe to legal alerts

subscribe to our blogs

sign up now

Media Contacts

Charles B. Jimerson
Managing Partner

Jimerson Birr welcomes inquiries from the media and do our best to respond to deadlines. If you are interested in speaking to a Jimerson Birr lawyer or want general information about the firm, our practice areas, lawyers, publications, or events, please contact us via email or telephone for assistance at (904) 389-0050.

Why and What are Banks Prohibited From Disclosing Suspicious Activity Reports (SAR) of Fraud by Federal Law?

August 14, 2012 Banking & Financial Services Industry Legal Blog

Reading Time: 7 minutes


In 1992, Congress passed the Annunzio-Wylie Anti-Money Laundering Act (the “Act”) which requires banks to report suspicious activities to the appropriate federal authorities. Cotton v. Privatebank and Trust Co., 235 P. Supp. 2d 809, 812 (N.D. Ill. 2002). The laudable goal of the requirements contained in the Act was to encourage banks to make such reports related to criminal activities. Id. In fact, the stated purpose of the Act is to:

require certain reports or records where they have a high degree of usefulness in criminal, tax, or regulatory investigations or proceedings, or in the conduct of intelligence or counterintelligence activities, including analysis, to protect against international terrorism. 31 U.S.C § 5311.

In line with this goal, and to encourage banks to provide such reports, the Act provides immunity to banks and further prohibits disclosure of a suspicious activity reports (“SAR”) or any information that would reflect the existence of a report disclosing the fraud. See 31 U.S.C. § 5318(g)(2); 31 C.P.R. § 1020.320. Specifically, 31 U.S.C. § 5318(g)(2) expressly provides:

(A) In general. — If a financial institution or any director, officer, employee, or agent of any financial institution, voluntarily or pursuant to this section or any other authority, reports a suspicious transaction to a government agency –

(i) the financial institution, director, officer, employee, or agent may not notify any person involved in the transaction that the transaction has been reported…

Likewise, 31 C.P.R. § 1020.320 provides, in relevant part:

(e) Confidentiality of SARs. A SAR, and any information that would reveal the existence of a SAR, are confidential and shall not be disclosed except as authorized in this paragraph (e). For purposes of this paragraph (e) only, a SAR shall include any suspicious activity report filed with FinCEN (Financial Crimes Enforcement Network of the United States Department of Treasury) pursuant to any regulation in this chapter.

(1) Prohibition on disclosures by banks–

(i) General rule. No bank, and no director, officer, employee, or agent of any bank, shall disclose a SAR or any information that would reveal the existence of a SAR. Any bank, and any director, officer, employee, or agent of any bank that is subpoenaed or otherwise requested to disclose a SAR or any information that would reveal the existence of a SAR, shall decline to produce the SAR or such information, citing this section and 31 U.S.C. 5318(g)(2)(A)(i), and shall notify FinCEN of any such request and the response thereto.

(ii) Rules of Construction. Provided that no person involved in any reported suspicious transaction is notified that the transaction has been reported, this paragraph (e)(1) shall not be construed as prohibiting:

(A) The disclosure by a bank, or any director, officer, employee, or agent of a bank, of:

(1) A SAR, or any information that would reveal the existence of a SAR, to FinCEN or any Federal, State, or local law enforcement agency, or any Federal regulatory authority that examines the bank for compliance with the Bank Secrecy Act, or any State regulatory authority administering a State law that requires the bank to comply with the Bank Secrecy Act or otherwise authorizes the State authority to ensure that the bank complies with the Bank Secrecy Act; or

(2) The underlying facts, transactions, and documents upon which a SAR is based, including but not limited to, disclosures:

(i) To another financial institution, or any director, officer, employee, or agent of a financial institution, for the preparation of a joint SAR; or

(ii) In connection with certain employment references or termination notices, to the full extent authorized in 31 U.S.C. 5318(g)(2)(B); or

(B) The sharing by a bank, or any director, officer, employee, or agent of the bank, of a SAR, or any information that would reveal the existence of a SAR, within the bank’s corporate organizational structure for purposes consistent with Title II of the Bank Secrecy Act as determined by regulation or in guidance.

       Simply put, the Act specifically and explicitly requires banks to decline production of a SAR or any information that would lead to the disclosure of a SAR in response to a non-law enforcement subpoena. The Act further requires banks to notify FinCen of any request for such information. In fact, the rules and regulations included in the Act are so significant that the Act includes considerable civil and criminal penalties including civil penalties of up to $100,000.00 and criminal penalties including fines of up to $250,000.00 and/or imprisonment of up to five years. 31 U.S.C. §§ 5321 and 5322.

        Florida law is clear that “the prohibition against disclosing a SAR protects from discovery not just the SAR and its contents, but also information that would disclose preparation of a SAR.” Regions Bank v. Allen, 33 So. 3d 72 (Fla. 5th DCA 2010) (citing Whitney Nat’l Bank v. Karam, 306 F. Supp. 2d 678, 682 (S.D. Tex. 2004)). The Act “creates an unqualified discovery and evidentiary privilege.” Id. (citing Whitney, 306 F. Supp. 2d at 682). However, it has been held that “supporting documentation” underlying a SAR that is discoverable is limited to information that is “generated or received in the ordinary course of a bank’s business is discoverable.” Id. (emphasis added)(citing Whitney, 306 F.Supp.2d at 682; U.S. v. Holihan, 248 F. Supp. 2d 179 (W.D.N.Y 2003)).

        In applying this analysis, it has been held that the Act essentially creates two separate categories or “buckets” of supporting documents described as follows:

The first category represents the factual documents which give rise to suspicious conduct. These are to be produced in the ordinary course of discovery because they are business records made in the ordinary course of business. The second category is documents representing drafts of SARs or other work product or privileged communications that relate to the SAR itself. These are not to be produced because they would disclose whether a SAR has been prepared or filed.” (Cotton, supra, 235 F. Supp. 2d at p. 815.) Thus, transactional and account documents such as wire transfers, statements, checks, and deposit slips are the types of documents generated in the ordinary course of business that are subject to discovery. (Cotton, 235 F. Supp. 2d at p. 814.) Such documents would be prepared regardless of whether a financial institution has an obligation to report suspicious activity to the federal government.

By contrast, a draft SAR or internal memorandum prepared as part of a financial institution’s process for complying with federal reporting requirements is generated for the specific purpose of fulfilling the institution’s reporting obligation. These types of documents fall within the scope of the SAR privilege because they may reveal the contents of a SAR and disclose whether “a SAR has been prepared or filed.” (12 C.F.R. § 21.11 (k) (2005). Unlike transactional documents, which are evidence of suspicious conduct, draft SAR’s and other internal memoranda or forms that are part of the process of filing SAR’s are created to report suspicious conduct.

Id. Regions, 33 So. 2d at 76; See also United States v. LaCost, 2011 WL 1542072 (C.D. Ill. April 22, 2011). In sum, any documentation or information that may reveal the content of a SAR or whether a SAR has been prepared or filed is prohibited from disclosure. Therefore, it does not matter if a bank accused of identifying a fraud did or did not file an SAR, or an internal report that lead to a SAR filing, or when, because as a matter of law, it is an incredible burden to show causation of the liability to any claimed damages pertaining to SAR filing.

we’re here to help

Contact Us