- Suspicious activity reports: A guide for fund compliance
- What is a suspicious activity report?
- How SARs fit into your AML program
- What triggers a suspicious activity report?
- Insider abuse
- Transaction thresholds
- Terrorism, money laundering, and cybercrime
- Red flags in fund operations
- Who is required to file a SAR?
- SAR obligations for fund managers
- What information is included in a SAR?
- How to file a suspicious activity report
- The BSA E-Filing process
- What happens after you file a SAR?
- SAR confidentiality rules
- Penalties for non-compliance
- How to detect and report suspicious activity
- SAR best practices for fund managers
- Staying compliant with SAR requirements
- Streamlining compliance with Carta
- Frequently asked questions about suspicious activity reports
- What is an example of suspicious activity for a fund manager?
- Can a SAR be filed anonymously?
- How does a SAR differ from a currency transaction report?
- Do SARs apply to special purpose vehicles?
- What happens if a SAR is filed about you?
- How long do financial institutions keep SAR records?
If you manage a private equity (PE) or venture capital (VC) fund, anti-money laundering (AML) compliance is no longer optional. One of the most important tools in that compliance framework is the suspicious activity report (SAR)—a confidential filing that alerts federal authorities to potential financial crimes. Until recently, SARs were primarily a concern for banks and broker-dealers. That’s changing. In 2024, the Financial Crimes Enforcement Network (FinCEN) finalized rules that will require investment advisers, including private fund managers, to file SARs as part of a formal AML program. Although FinCEN postponed the effective date to January 1, 2028, the rule's direction is clear, and fund managers should begin preparing now.
What is a suspicious activity report?
A suspicious activity report (SAR) is a confidential document that a financial institution files with FinCEN when it detects activity that may indicate money laundering, fraud, terrorist financing, or other financial crimes and illegal activity. Filing a SAR does not mean a crime occurred—it means the activity raised enough concern to warrant review by federal authorities. In 2025, financial institutions filed more than 4.1 million SARs, an increase of 8% over the previous year—a record that reflects both growing regulatory expectations and more sophisticated initial detection systems.
The SAR traces its origins to the Bank Secrecy Act (BSA) of 1970, the foundational U.S. law for financial crime reporting which first required financial institutions to report suspicious transactions. Suspicious activity reporting became standardized in 1996 when FinCEN adopted the SAR form to replace the earlier criminal referral form. After 2001, the USA Patriot Act expanded SAR requirements further to combat terrorism financing and broadened the categories of institutions required to file.
One critical point for fund managers encountering SARs for the first time: You may file based on suspicion alone. You do not need proof of a crime before reporting. The standard is whether the activity is unusual enough to justify alerting FinCEN, not whether you can prove wrongdoing.
How SARs fit into your AML program
SARs are one component of a broader AML and KYC framework. They do not operate in isolation. Your AML program includes several interconnected elements, and SAR filing is the step that connects your internal compliance work to federal law enforcement.
Here is how the components work together:
Know your customer (KYC): Verify investor identities and collect baseline information at onboarding.
Transaction monitoring: Flag unusual activity patterns that deviate from an investor's expected behavior.
Customer due diligence (CDD) and enhanced due diligence (EDD): Assess risk levels for each investor, with deeper review for high-risk profiles.
SAR filing: Report suspicious activity to FinCEN when monitoring surfaces concerns.
Record retention: Maintain SAR records and supporting documentation for five years.
KYC provides the foundation. You verify who your investors are and document their expected activity. Transaction monitoring watches for deviations. When monitoring surfaces something suspicious, the SAR is the mechanism that takes your internal findings to the authorities.
For PE and VC fund managers, this framework is on the regulatory horizon. In September 2024, FinCEN finalized rules requiring investment advisers—both registered investment advisers (RIA) and exempt reporting advisers (ERA)—to implement formal AML programs that include SAR filing obligations. FinCEN subsequently postponed the effective date to January 1, 2028, to allow time for further review, but the rule remains on the books. These requirements represent a significant expansion from the traditional banking-focused regime.

What triggers a suspicious activity report?
SAR filing is triggered by specific scenarios defined by federal regulators. Not every unusual transaction requires a SAR, but any activity that meets certain dollar thresholds or raises reasonable suspicion does. SAR triggers fall into specific categories, each with defined criteria.
Insider abuse
Any employee or official at a financial institution who misuses their position for financial gain triggers a mandatory SAR filing, regardless of the dollar amount involved. For example, a bank officer who waives fees or processes unauthorized transactions for personal benefit would require a SAR.
Transaction thresholds
Two primary dollar thresholds determine when a SAR is required. Transactions exceeding $5,000 where a known or readily identifiable suspect is involved in a potential federal crime require a filing. Transactions exceeding $25,000 where no specific suspect has been identified but the activity itself appears suspicious also require a SAR.
Here is how the thresholds break down:
Threshold | Suspect identified? | SAR required? |
Over $5,000 | Yes | Yes |
Over $25,000 | No | Yes |
Any amount | Insider abuse | Yes |
Any amount | Terrorism or money laundering | Yes |
Terrorism, money laundering, and cybercrime
Activities related to terrorism, terrorist financing, money laundering, identity theft, impersonation, or cyber hacking require SAR filing regardless of the monetary value involved. These categories reflect the expanded scope introduced by the USA Patriot Act.
Red flags in fund operations
For fund managers, suspicious activity looks different than it does in retail banking. Here are the patterns you should watch for in your limited partner (LP) and investment activity:
Wire transfers from high-risk jurisdictions: Transfers originating from or directed to countries flagged by FinCEN or the Financial Action Task Force (FATF), including regions with specific requirements like Cayman Islands KYC/AML.
Inconsistent subscription or redemption patterns: An investor whose activity does not match their stated profile or historical behavior, which you can cross-reference against their original subscription agreement.
Structuring: Breaking large transactions into smaller amounts to stay below reporting thresholds.
Rapid capital movement: Money flowing through fund vehicles quickly without a clear business purpose or investment rationale.
Reluctance to provide KYC documentation: LPs who resist providing required identity verification or who submit inconsistent information during data collection.
Opaque ownership structures: Transactions involving shell companies or entities where beneficial ownership is unclear.
Who is required to file a SAR?
Under the BSA, many types of financial institutions have long been required to file SARs. The traditional list includes banks, credit unions, securities broker-dealers, mutual funds, money service businesses, casinos and card clubs, insurance companies, precious metals dealers, and mortgage industry participants.
The common thread: any entity where money laundering, tax evasion, or criminal financing could occur within day-to-day operations falls under BSA reporting requirements.
SAR obligations for fund managers
For fund managers, SAR obligations apply when you conduct investor onboarding, process capital calls, or manage LP transactions. You may encounter suspicious activity that triggers reporting requirements during any of these processes. The connection between KYC checks during LP onboarding and SAR obligations is direct—the same due diligence that verifies investor identity also surfaces red flags.
What this means for you in practice:
Implement a formal AML program with written policies and procedures
Appoint a designated AML compliance officer
Conduct independent testing of your AML program
File SARs when suspicious activity is detected
This applies to PE fund managers, VC fund advisors, and managers of smaller private funds—not just large asset managers. The scope is broader than many fund CFOs realize, and it intersects with other regulatory obligations like Regulation D and the Investment Company Act exemptions you may already rely on.

What information is included in a SAR?
Every SAR must answer six fundamental questions: who, what, when, where, why, and how. The report itself is organized into five required sections:
Section | What to provide | Examples |
Subject information | Full identifying details for all parties involved | Names, addresses, Social Security numbers or tax identification numbers, dates of birth, passport numbers, occupations |
Suspicious activity details | Specifics about the flagged activity | Dates, FinCEN activity codes classifying the type of suspicion, transaction amounts |
Financial institution information | Details about the filing entity | Institution name, address, primary federal regulator, employer identification number (EIN) |
Contact information | Person responsible for the filing | Compliance officer name, phone number, email |
Narrative description | Chronological explanation of why the activity is suspicious | What red flags were observed, how the activity differs from normal behavior, what investigative steps you took |
The narrative section is the most important part. It gives law enforcement the context they need to evaluate whether further investigation is warranted. A vague or generic narrative reduces the report's usefulness, while clear, detailed narratives reduce follow-up requests from law enforcement and improve the report's usefulness for investigations. Be specific, be chronological, and explain your reasoning. A well-maintained audit trail makes it easier to construct a thorough narrative because you have documented records of each transaction and decision point.
How to file a suspicious activity report
You must file a SAR within 30 calendar days of initially detecting suspicious activity. This deadline starts from the moment of detection, not when your investigation is complete.
If you need additional time to identify a subject, a 60-day extension is available. But extensions should be the exception, not the default. File as soon as the activity is confirmed and documented. Waiting until the deadline creates unnecessary risk—if multiple SARs need filing simultaneously or external factors cause delays, late filings can result in regulatory penalties.
After filing, you must retain SAR filings and all supporting documentation for five years from the filing date. You do not need proof that a crime occurred before filing. Reasonable suspicion alone justifies and requires a SAR.
The BSA E-Filing process
Since 2012, all SAR filings must go through FinCEN's BSA E-Filing System. Legacy paper forms are no longer accepted. The process involves four steps:
Create an account on the BSA E-Filing System
Complete the electronic SAR form with all five required sections
Submit the report electronically
Retain a copy of the filed report and supporting documentation
The electronic system standardizes information and allows FinCEN to process reports more efficiently than the previous paper-based process.
What happens after you file a SAR?
Once you submit a SAR, FinCEN analyzes the report and shares relevant information with law enforcement agencies. These include the Federal Bureau of Investigation (FBI), Drug Enforcement Administration (DEA), Internal Revenue Service (IRS), and Immigration and Customs Enforcement (ICE). More than 90% of surveyed partners—including law enforcement, intelligence, and regulatory agencies—rated BSA information as valuable to their work, confirming that SAR data plays a meaningful role in federal investigations.
The information in SARs also produces tangible results for victims. FinCEN's Rapid Response Program has returned over $991 million to fraud victims since 2015, including $95.5 million in fiscal year 2025 alone.
SARs cannot serve as direct evidence in court proceedings due to banking privacy protections. If law enforcement needs additional information beyond what you filed, they must issue a subpoena to your institution.
Filing a SAR does not mean the subject is guilty. It means there is sufficient suspicion to warrant review. This distinction matters if you are concerned about the impact on LP relationships. You are fulfilling a legal obligation, not making an accusation.
SARs also help law enforcement identify patterns across multiple institutions. A single SAR may not trigger an investigation on its own, but when combined with reports from other firms, it can help connect seemingly unrelated incidents and build cases against organized financial crime networks.

SAR confidentiality rules
Federal law strictly prohibits disclosing SAR filings to the subject or any unauthorized party. This rule is non-negotiable. You cannot tell customers a SAR was filed, discuss it with unauthorized employees, or reference it in communications.
"Tipping off"—informing an investor or account holder that a SAR was filed about their activity. Violating SAR confidentiality is a federal criminal offense that can result in significant penalties for both the institution and individual employees. The prohibitions are specific:
You cannot tell the subject a SAR was filed
You cannot discuss the SAR with unauthorized employees
You cannot reference the SAR in communications with the subject
You cannot hint that reporting occurred
There are protections for filers as well. Individuals and institutions that submit SARs receive immunity for statements made in the report. Your identity as the filer is protected from disclosure to the investigation subject. Internal discussion is permitted only among authorized personnel directly involved in the investigation and filing process.
Penalties for non-compliance
Failing to file required SARs carries serious consequences:
Civil penalties: Substantial monetary fines imposed by regulators
Criminal penalties: Imprisonment for willful non-compliance
Regulatory restrictions: Loss of licenses, charters, or the ability to operate
Reputational damage: Effects on LP relationships, fundraising, and market standing
The Anti-Money Laundering Act of 2020 increased penalty provisions and expanded the scope of enforcement. Penalties apply to both institutions and individual compliance officers. This is personal liability, not just organizational risk. Maintaining compliance across your fund operations is the most effective way to mitigate these risks.
How to detect and report suspicious activity
Automated transaction monitoring systems flag unusual patterns by scanning for transactions inconsistent with customer profiles, unusual volumes or frequencies, geographic red flags such as transfers to high-risk jurisdictions, and structuring attempts—breaking large amounts into smaller transactions to avoid reporting thresholds.
Staff training is equally important. Your employees need to recognize behavioral red flags, including vague or inconsistent explanations for transactions, reluctance to provide required information, and transactions lacking a clear business purpose.
For fund managers, detection connects directly to your broader AML/KYC compliance program. Integrating SAR awareness into your existing investor onboarding and transaction monitoring workflows strengthens your overall compliance posture. Funds that operate as RIAs or ERAs face additional scrutiny, making a well-integrated detection process even more valuable.
Carta's fund administration platform, for example, provides integrated compliance tools that help funds maintain KYC checks and flag potential issues during LP onboarding.
Firms that have scaled their investor onboarding workflows demonstrate how technology and compliance can work together. One example: Carta Law helped a firm streamline investor due diligence to handle growing LP volumes without compromising compliance standards.

SAR best practices for fund managers
Building effective SAR procedures into your fund operations requires a proactive approach. Here are six recommendations:
Implement transaction monitoring tools that can flag unusual patterns in LP activity—unusual subscription amounts, irregular redemption timing, and transfers from flagged jurisdictions. Accurate investor reporting data gives you the baseline you need to spot anomalies.
Train your team on fund-specific red flags. LP behavior patterns differ from retail banking transactions. Your compliance training should reflect the types of suspicious activity you are most likely to encounter.
File promptly. Do not wait for the 30-day deadline to approach. Filing as soon as you confirm suspicious activity reduces your regulatory risk.
Write clear narratives. Include what made the activity unusual, how it differs from the investor's profile, and what steps you took to investigate. Be chronological and specific.
Integrate SAR procedures into your existing KYC and AML compliance program rather than treating them as a standalone process. Your fund administration platform should connect compliance workflows with your broader operations.
Conduct periodic independent testing of your AML program to make sure SAR triggers are properly calibrated and your team is following established procedures. Your investor due diligence processes and SAR procedures should reinforce each other.
Staying compliant with SAR requirements
Meeting your SAR obligations comes down to a consistent set of practices. Use this checklist to keep your compliance program on track:
File within 30 days of detecting suspicious activity
Write clear, detailed narrative sections in every SAR
Never disclose SAR filings to subjects or unauthorized parties
Retain SAR records for five years
Train staff to recognize red flags and follow internal escalation procedures
Integrate SAR awareness into your broader AML/KYC compliance program
SAR compliance is not a separate function from running your fund. It is part of how you manage investor relationships, protect your firm from regulatory risk, and maintain the operational integrity your LPs expect. Centralizing compliance workflows within your fund management software—alongside tools for management company administration, LP CRM, and compliance solutions—helps your team stay ahead of obligations instead of reacting to them.
To see how integrated compliance tools can streamline your fund operations, request a demo of Carta fund administration.
Streamlining compliance with Carta
Managing SAR obligations alongside your other fund management responsibilities adds complexity to an already demanding workload. Carta's fund administration platform brings compliance tools—including automated KYC checks for LP onboarding, transaction monitoring, and AML compliance management—into a single platform alongside your fund tax reporting and investor reporting.
Rather than coordinating across multiple vendors and spreadsheets, you can manage investor due diligence and compliance workflows in the same system where you handle capital calls, distributions, and financial reporting. Whether you operate a traditional PE fund, a fund of funds, or a private credit vehicle, Carta consolidates your operations.
Carta Law also provides compliance solutions for transaction AML and investor due diligence.
Request a demo to see how Carta Law handles KYC and compliance workflows alongside your fund operations.

Frequently asked questions about suspicious activity reports
What is an example of suspicious activity for a fund manager?
An LP who has maintained a consistent investment pattern suddenly submits a large subscription followed by an immediate full redemption request, with wire instructions pointing to an unfamiliar jurisdiction. This pattern—rapid in-and-out movement of capital—is a classic indicator of potential money laundering through fund vehicles.
Can a SAR be filed anonymously?
The filer's identity is protected and cannot be disclosed to the subject of the report. However, the SAR form does require identifying information about the filing institution and compliance officer. Confidentiality protections shield the filer's identity from the investigation subject, not from FinCEN itself.
How does a SAR differ from a currency transaction report?
A currency transaction report (CTR) is filed automatically for any cash transaction over $10,000—it is threshold-based and routine. A SAR is suspicion-based and filed when activity appears unusual, regardless of whether it hits a specific dollar amount. CTRs are mechanical; SARs require judgment and analysis.
Do SARs apply to special purpose vehicles?
If you manage a special purpose vehicle (SPV) and you're subject to AML program requirements, your SAR obligations extend to activity within that vehicle. Apply the same monitoring and reporting standards to your SPVs that you use for your main fund entities.
What happens if a SAR is filed about you?
You will not be notified. A SAR is not an accusation—it flags activity for law enforcement review. If investigators need more information, they may issue a subpoena, but the SAR itself cannot be used as evidence in court.
How long do financial institutions keep SAR records?
Federal regulations require institutions to retain SAR filings for five years from the date of filing.

DISCLOSURE: This communication is on behalf of eShares, Inc. dba Carta, Inc. ("Carta"). This communication is for informational purposes only, and contains general information only. Carta is not, by means of this communication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services nor should it be used as a basis for any decision or action that may affect your business or interests. Before making any decision or taking any action that may affect your business or interests, you should consult a qualified professional advisor. This communication is not intended as a recommendation, offer or solicitation for the purchase or sale of any security. Carta does not assume any liability for reliance on the information provided herein. © 2026 Carta. All rights reserved. Reproduction prohibited.




