SAR, STR, CTR: what's the difference?
Banks, cryptocurrency platforms, and fintech companies encounter suspicious transactions on a daily basis. A mistake in assessment or the submission of an incorrect report can result in a business losing its license. Filing SAR, STR, and CTR reports is not a formality — it's a legal obligation that comes with real administrative and even criminal liability. But what’s the difference between these reports? When should each one be submitted? In this article, we explain how to correctly identify the type of report, what criteria regulators use, and how to avoid falling into the risk zone.
The role of SAR, STR, and CTR in the AML system
The financial monitoring and anti-money laundering (AML/CFT) system is based not only on technical controls but also on consistent regulatory reporting. SAR, STR, and CTR are the 3 main types of reports that help financial intelligence units (FIUs), tax authorities, and law enforcement agencies detect suspicious activity, monitor large cash movements, and identify potential financial crime schemes.
The purpose of these reports is to create an informational trail that FIUs can use to launch investigations. CTR reports are usually filed automatically when a cash transaction exceeds a legal threshold. SAR and STR reports are submitted when there is suspicion of unusual or potentially illegal activity.
According to FinCEN data for the 2023 fiscal year:
- Over 4.6 million SARs were filed
- 20.8 million CTRs
- 1.6 million FBARs (foreign bank account reports)
- 421,500 Form 8300s (for cash payments over $10,000)
- 143,200 CMIRs (currency or monetary instruments reports at the border)
These numbers show the scale of the reporting system and its importance as both a preventive and analytical tool. Correctly identifying and filing the right report is not just a legal requirement — it protects your business.
What is a SAR (Suspicious Activity Report)?
SAR is a report about suspicious client activity that is submitted to a Financial Intelligence Unit when there is a reasonable suspicion of a legal violation, such as money laundering, terrorist financing, or sanctions evasion. It does not require proof of a crime. A reasonable suspicion is enough to trigger the filing. A SAR can relate to many types of activity, from large unexplained transfers to attempts to bypass identity verification.
While there is no strict format in many jurisdictions, a SAR usually contains:
- Client or counterparty identification data
- Description of suspicious activity (written in free form)
- Details of transactions and any related parties
- Date, time, and source of the suspicion
- Internal actions taken (e.g., freezing or delaying a transaction)
- Documents related to the investigation
- Contact details of the person responsible for the report
Important! Employees must not inform the client that a SAR has been filed. Doing so could be considered tipping off, which is a criminal offense in many countries.
When must a SAR be filed?
A MLRO or CCO must file a SAR in situations such as:
- The client refuses to complete KYC or presents fake documents
- The client's transactions do not match their profile or make no economic sense
- There are signs of structuring or unexplained use of offshore companies
- The client is linked to a jurisdiction on the FATF blacklist or is under sanctions
- The client tries to influence the transaction terms or hide the true beneficiary
Once filed, the SAR is reviewed by the FIU and may lead to a formal investigation.
What is STR (Suspicious Transaction Report)?
STR is a type of report that is filed when a specific suspicious transaction is detected. Unlike a SAR, an STR is always linked to a particular financial action: a transfer, cash withdrawal, account deposit, asset exchange, cryptocurrency purchase, etc.
The format of an STR may vary by country, but its essence remains the same: if a transaction goes beyond the normal behavior of a client and raises concern, it must be documented and submitted to the relevant authorities.
A Suspicious Transaction Report includes the following information:
- Sender and recipient details
- Amount, currency, and date of the transaction
- Method of execution (online, via exchange, in cash, etc.)
- Suspicious indicators (in the justification)
- Documents related to the investigation
- Signature of the responsible employee and date of submission
Important! If needed, the STR may be accompanied by attachments — copies of documents, screenshots of messages, client requests, etc.
When is an STR filed?
A Suspicious Transaction Report is required in the following cases:
- The amount, method, or structure of the transaction does not match the client’s usual behavior
- The transaction involves persons or countries associated with high risk
- The client tries to bypass limits by splitting one amount into several smaller transfers
- The transaction appears overly complex, lacks a clear economic purpose, or is linked to jurisdictions under sanctions
The report is submitted to the Financial Intelligence Unit (FIU) and may initiate further investigation. Just like a SAR, the STR is submitted to the national FIU. In the EU and the UK, STRs are part of mandatory reporting practices for CASP providers and financial institutions. In many countries, reports are filed online through secure systems (for example, SAR Online in the UKFIU or FinCEN BSA E-Filing System in the U.S.).
What is a CTR (Currency Transaction Report)?
CTR is a report about a large cash transaction that must be filed automatically when it reaches the legal threshold. Unlike SAR and STR, a CTR is submitted automatically, even if the transaction does not appear suspicious.
The main goal of a CTR is to track large cash movements and prevent structuring — the deliberate splitting of amounts to avoid reporting.
A Currency Transaction Report includes the following information:
- Full name and identification details of the client
- Exact amount, date, location, and type of transaction (deposit, withdrawal, exchange, etc.)
- Source of funds
- Information about the institution that processed the transaction
- Signature of the responsible employee
CTR forms are often standardized (for example, Form 112 in the U.S.) and may be submitted electronically through official government platforms.
When is a CTR filed?
A Currency Transaction Report is required in the following situations:
- The client deposits or withdraws more than the established by the regulator (e.g. EUR 15,00o in the Republic of Lithuania) in cash
- The transaction takes place over one or several days, but the total amount exceeds the threshold
- Transactions are made through a cashier, an exchange office, or a cash terminal
- The client tries to avoid the limit by using multiple people or locations
According to FinCEN data for 2023, over 20.8 million CTRs were filed in the U.S., 4.5 times more than SARs. This high number is due to the automatic nature of the report and ongoing monitoring of large cash amounts, especially as regulators tighten control over structuring and the use of crypto for cash-out schemes.
SAR vs STR vs CTR: comparison table
Although all forms relate to the financial monitoring system and are submitted to financial intelligence authorities, their purposes, grounds, and submission procedures differ significantly. The comparative table below will help you quickly navigate the key differences:
|
Criterion |
SAR |
STR |
CTR |
|
Type of report |
Abnormal, unusual activity |
Abnormal, unusual transaction |
Large cash transaction |
|
Trigger for filing |
Behavior or activity patterns |
Specific transaction raises concerns |
Cash threshold exceeded |
|
Threshold amount |
No |
No |
Yes (depends on the jurisdiction) |
|
Suspicion required |
Yes |
Yes |
No |
|
Focus |
Customer actions, risk changes, KYC refusal |
Large, unusual, or structured transactions |
Large cash movements for regulatory tracking |
|
Is the client notified? |
No |
No |
No |
How Key2Law helps companies avoid risks?
We understand that responding to potential risks quickly and correctly is not just a duty — it is also a key part of protecting your business. The Key2Law team offers full support in matters of AML compliance and financial reporting.
We help integrate SAR, STR, and CTR reporting into your business processes: we create internal policies, train staff, set up reporting procedures, and prepare documentation that meets both local and international requirements. With our experience, your actions will be not only legally sound but also supported by proper evidence.
If you want to be sure your company fully complies with AML rules, contact Key2Law today. We will build a tailored strategy for your business, reduce regulatory risks, and strengthen your legal framework.