Two recent developments signal that momentum is building in Washington to recalibrate Bank Secrecy Act (BSA) reporting to produce higher‑value intelligence with less compliance friction. First, on October 9, 2025, the Financial Crimes Enforcement Network (FinCEN) and the federal banking regulators issued joint guidance in the form of Suspicious Activity Report (SAR) FAQs clarifying several long‑debated expectations that have driven defensive filings and documentation. Second, on October 21, 2025, Senate Banking Committee Chairman Tim Scott introduced the Streamlining Transaction Reporting and Ensuring Anti-Money Laundering Improvements for a New Era (STREAMLINE) Act, a legislative effort aimed at simplifying and rationalizing aspects of BSA reporting. Together, they signal a policy arc toward risk‑based efficiency. But for banks looking for revolutionary change overnight, the fine print matters: The SAR guidance largely harmonizes practice with existing regulations and prior advisories rather than rewriting them, and legislative proposals will take time to shape and enact.

What the New SAR FAQs Actually Change — and What They Do Not

FinCEN’s October SAR FAQs, issued jointly with the Federal Reserve, FDIC, NCUA, and OCC, target three pain points that have long driven SARs volume without necessarily yielding actionable insights for law enforcement.

First, FinCEN made clear that institutions are not required to file a SAR for a transaction or series of transactions with a value at or near the currency transaction reporting (CTR) threshold of $10,000, also known as “structuring.” Rather, the filing obligation arises only where the institution knows or has reason to suspect the activity is designed to evade CTR requirements. Practically speaking, the Department of Justice does not prosecute structuring, and structuring SARs offer little benefit to law enforcement. The SAR FAQs are welcome but doesn’t provide much guidance to determine how an institution should know the activity is designed to evade BSA requirements. To avoid overly cautious and defensive SAR filings, banks should review know your customer (KYC) files and determine whether the deposit activity makes sense in context. Absent additional, incriminating information, there is no reason to file a SAR on a cash-intensive business that happens to regularly deposit less than $10,000 per day.

Second, regarding continuing‑activity reviews after an initial SAR, the guidance clarifies that institutions are not required to conduct a separate post‑SAR review — manual or otherwise — solely to determine whether suspicious activity has continued. Prior references to a 90‑day cadence for “continuing activity” filings were intended to relieve repetitive reporting, not to mandate a stand‑alone surveillance cycle after every SAR. Institutions may instead rely on risk‑based policies, procedures, and controls to identify and report continued suspicious activity, and when they elect to file continuing activity SARs, the previously described timing framework remains available.

Third, on documenting no‑SAR decisions, the agencies state that institutions are not required to document a decision not to file a SAR. While many banks will continue to memorialize such determinations for quality assurance or governance purposes, the guidance affirms there is no regulatory expectation for exhaustive narratives explaining why activity is not suspicious. FinCEN suggests that where institutions choose to document, concise statements keyed to internal policy will generally suffice.

These clarifications matter in day‑to‑day operations. They should curb defensive filings based solely on proximity to the CTR threshold, reduce rote 90‑day lookbacks that add little value, and scale back extensive “no‑SAR” documentation that consumes resources. Importantly, the FAQs do not alter the underlying SAR regulations or supervisory authorities. They reaffirm that expectations are risk‑based and grounded in knowledge or reasonable suspicion of evasion or other predicate concerns. In that sense, the guidance feels evolutionary rather than revolutionary. It removes perceived “gotchas” that crept into practice over time without changing the core program obligations: detect, investigate, and report genuinely suspicious activity in a timely manner.

The STREAMLINE Act: Promise, but Details and Process Matter

In parallel, Senate Republicans have introduced the STREAMLINE Act, a bill aimed at simplifying and rationalizing BSA reporting obligations. The details are limited, but the thrust is consistent with Treasury’s stated direction: reduce duplicative or low‑value reporting burdens and sharpen risk‑based focus, including raising CTR thresholds from $10,000 to $30,000. The bill has received massive support from the banking industry, which has been calling on Washington to increase CTR thresholds for years to account for more than 50 years of inflation.   

It is worth underscoring that legislation necessarily moves on a longer runway than guidance. Introduction is the starting gun, not the finish line; committee process, potential amendments, and alignment with parallel regulatory initiatives will shape any ultimate statute. For banks calibrating near‑term compliance expectations, the FinCEN FAQs are the more immediate operational development. The STREAMLINE Act is the directional signal that Congress is engaged and broadly aligned with the executive branch on rationalizing the reporting framework.

Practical Implications for Institutions

For compliance officers and BSA/AML teams, the near‑term implications of the FAQs are concrete. Policies can be updated to reflect that SARs are not required for CTR‑threshold‑adjacent activity absent indicia of evasion. Monitoring, model tuning, and alert‑handling procedures can be reassessed, so they are commensurate with risk rather than designed around perceived bright‑line expectations. Case management workflows can remove automatic 90‑day review cycles triggered solely by the filing of an initial SAR, while preserving procedures to identify and file on genuinely continuing suspicious activity within applicable timelines. Documentation standards can be right‑sized so that “no‑SAR” rationales are concise and sufficient for internal governance, rather than exhaustive dossiers prepared out of defensive caution.

At the same time, banks should avoid interpreting the FAQs as a signal to relax core controls. The SAR rules still require timely reporting where there is knowledge, suspicion, or reason to suspect structuring, fraud, sanctions evasion, or other illicit activity. Risk assessments should continue to drive monitoring coverage. Where typologies or red flags are present, institutions should expect supervisory scrutiny not only of whether they filed, but of the quality and usefulness of the filings. The policy pivot is toward effectiveness, not leniency.

But the SAR guidance is not a wholesale rewrite. It clarifies and re‑centers existing rules and past advisories; it does not change the statutory filing triggers, the timelines, or the standard that institutions “know, suspect, or have reason to suspect” reportable activity. And while the STREAMLINE Act signals congressional appetite to simplify the regime, its contour, timeline, and interaction with forthcoming regulatory modernization will determine its ultimate impact.

For now, banks can reasonably recalibrate to reduce noise and invest scarce resources in higher‑value detection and reporting — exactly where the government wants attention focused. The strategic takeaway is as much cultural as technical: align programs to produce better outcomes, not bigger counts. That is a welcome shift, even if not the revolution some might have expected.