What should an institution do upon receiving a SAR filing?

When an institution receives a Suspicious Activity Report (SAR) filing, maintaining confidentiality is crucial. This obligation stems from both legal and regulatory requirements, as SARs contain sensitive information regarding potential illicit activities and the individuals involved. Disclosing this information publicly or sharing it indiscriminately within the organization could jeopardize investigations, compromise the safety of individuals mentioned in the report, and violate legal stipulations under laws such as the Bank Secrecy Act (BSA) in the United States.

Ensuring confidentiality helps protect the integrity of ongoing investigations and maintains the institution's credibility and compliance with relevant laws. An institution should restrict access to SAR filings to only those individuals who are authorized to review or act on the information, thereby safeguarding the report's details and honoring the importance of discretion required in these matters.