Suspicious Activity Reports for accountancy firms: AML reporting guide

Professional reviewing documents as part of suspicious activity reporting process

Last updated: July 1, 2026

While Suspicious Activity Reports (SARs) are a rare event for small accountancy firms, the difficulty lies in knowing when an unusual client matter has moved beyond a routine query.  

This judgment is fundamental because the wrong response can create real anti-money laundering (AML) compliance problems for the firm. 

Staff must know when to escalate a potential AML concern, and the nominated officer, commonly referred to as the Money Laundering Reporting Officer (MLRO), needs a clear basis for deciding whether to report.

Firms should also ensure they manage client work without revealing that a SAR or defence request may be under consideration.

Key takeaways

  • Staff do not need to prove money laundering before raising a concern internally.
  • The MLRO should separate the facts from the judgement being made about those facts.
  • A Defence Against Money Laundering (DAML) request is only relevant if the firm needs a defence for a specific future act.
  • Client communications should stay within normal professional enquiries and avoid revealing the reporting process.
  • Decisions not to submit a SAR should be recorded just as carefully as decisions to report.
  • SAR procedures function best when they are built into onboarding, ongoing monitoring, and routine file work.

SAR basics for the UK accountancy sector

A SAR alerts law enforcement to possible money laundering or terrorist financing. SARs are submitted to the UK Financial Intelligence Unit (UKFIU), which sits within the National Crime Agency (NCA).

The intelligence report helps law enforcement connect information and spot risks that are not visible from public sources. In accountancy work, that intelligence can be valuable because the firm may see financial and ownership information that others are not privy to.

In addition, a SAR can protect the reporter or the firm where a statutory defence is available for a principal money laundering offence. This is a separate issue from the basic reporting duty and becomes especially relevant when firms are being asked to carry out a future act involving suspected criminal property.

Confusion around SARs

The NCA makes clear that SARs do not replace reporting a crime to the police or escalating a matter to another relevant government department. If another reporting avenue applies, the SAR route may sit alongside it.

This distinction ensures accountancy firms avoid common mistakes, such as treating every irregularity as a SAR issue without asking whether there is knowledge or suspicion of money laundering or terrorist financing. 

Moreover,  it helps firms avoid assuming that filing a SAR deals with every external reporting obligation connected with the same facts.

Why accountants are exposed to SAR decisions

Accounting firms can be exposed to SAR decisions because their work gives them an intimate view of a client’s finances. Accountancy services, particularly work involving records or client money, can reveal how funds flow through a client’s affairs.

HMRC identifies accountancy service providers as well placed to spot financial crime risks and highlights payroll and tax-related work as attractive for money laundering purposes.

While this does not mean every error or unexplained item becomes reportable, accountancy firms need enough structure to stop genuine concerns from being handled by informal judgement only. 

Supervisory context: As AML supervision of the accountancy sector becomes more centralised and evidence-led, firms are likely to face closer scrutiny of how concerns are escalated, reviewed, and recorded.

An overview of the SAR pathway

A controlled SAR process usually follows five stages:

  1. 01 A concern or unusual piece of information arises during client work.
  2. 02 Staff consider whether it may involve knowledge, suspicion, or reasonable grounds to know or suspect money laundering or terrorist financing.
  3. 03 An internal report is made to the MLRO.
  4. 04 The MLRO reviews the information, records their assessment, and decides whether an external SAR is required.
  5. 05 The firm manages defence requests and the related confidentiality and record-keeping issues around the client’s work.

This sequence is designed for uncertainty, as it enables staff to flag the issue while the appointed reviewer decides whether the reporting threshold is met.

Practical takeaway: Small firms often have few people involved in the practice, albeit, regulated businesses must appoint an MLRO (sole practitioners often act in this role themselves). The MLRO receives staff reports and decides whether to escalate to the NCA or request a defence.

From AML concern to suspicion: When staff should escalate

A concern does not always mean a SAR is required. Initially, staff might only know that something appears materially relevant to AML risk and needs to be escalated for review. Their task is to recognise that the AML matter belongs in the firm’s SAR process.

Per accountancy sector guidance, suspicion sits above idle speculation. Put otherwise,  suspicion is more definite than speculation but falls short of evidence-based knowledge. 

Suspicion can arise from facts or observations that give the firm a grounded concern, yet at the same time, supervisory bodies warn against reports based purely on speculation.

Reasonable grounds add an objective element, as it asks what would be expected of a reasonable person in the same position, with the relevant professional background and information available. 

This means staff do not need certainty before escalating, but they should not ignore AML matters that a trained accountant would be expected to recognise as suspicious.

Accountancy examples that may raise a money laundering concern

Concerns often arise from ordinary accountancy work. 

For example, a client might provide incomplete records while pressing the firm to finalise accounts quickly. Tax work can also reveal concerns, such as unexplained financial information or a refusal to correct an irregularity, which can move the issue beyond normal error correction. 

The professional judgment to make is whether the facts known to the firm meet the reporting threshold.

HMRC gives examples of risks that might be relevant to this assessment, including activity that does not fit the client profile, lacks a clear business reason, or raises higher-risk relationship concerns.

Regulatory change can also affect how firms document and refresh these controls, particularly when AML procedures need to reflect updated requirements under the 2026 AML Amendment Regulations.

Why staff should report internally rather than investigate alone

Staff should not try to prove money laundering before they escalate, as this can delay a required report and may increase tipping-off risk if the client is asked unnecessary or unusual questions.

That said, normal engagement enquiries can still be appropriate. An accounts senior can ask for missing invoices, for example, because that is part of ordinary file work. 

However, the line is crossed if staff begin investigating suspected criminality outside the normal scope of the engagement, or say something that reveals a SAR could be made.

Internal SARs: How concerns should be escalated inside the firm

CCAB states that the MLRO must hold enough seniority and practical capacity to review internal SARs and make external reports in a timely way, which can be demanding in a small practice. 

If the MLRO also holds the main client-service and ownership roles, the process still needs discipline. The internal record should show that the nominated person paused to assess the AML concern, rather than simply approaching it as the partner trying to keep the job moving.

An internal report should also give the MLRO enough material to identify the client, alongside the concern and work affected.

The report should also record whether any urgent work is pending, because money movement, filings, or deadlines can affect the timing of the MLRO’s review. 

Beyond urgency, the report should stay factual and specific. For example, it is stronger to record that bank statements show unexplained cash deposits over a defined period than to state that the client is obviously laundering money. 

In other words, clear facts help the MLRO assess the position without importing assumptions.

Internal discussion and confidentiality

Internal escalation to the right person is part of the SAR process. 

This means that the tipping-off rules do not prevent a relevant employee from discussing the matter with another relevant employee of the same undertaking, provided the discussion is part of the proper internal procedure.

Even so, casual discussion should be avoided, particularly in a small office, which can easily blur the line between internal escalation and general conversation. 

The safest approach is to only share the concern with the MLRO, or with another person authorised by the firm’s SAR process to help with the review.

Those authorisations should also align with the firm’s employee screening under the Money Laundering Regulations, particularly for staff who may handle internal SAR material.

The MLRO review: Deciding what happens next

The review undertaken by the MLRO tests whether the internal report gives rise to suspicion of money laundering or terrorist financing and, if it does, whether an external SAR must be made to the NCA.

In that role, the reviewer applies professional judgement and the firm’s procedures to the information available, which, in a smaller practice, can require a conscious shift from client-service thinking to reporting-risk compliance.

A properly recorded MLRO review separates what the firm knows from the conclusion reached. 

For example, the record might show that the client received unexplained funds and could not give a credible source. From there, the MLRO can decide whether those facts create suspicion that the funds may be criminal property. 

Practical takeaway: Keeping the facts and conclusion separate helps ensure the AML outcome can be defended later.

Reasonable internal enquiries

CCAB guidance recognises that deciding whether something is suspicious often requires enquiries with the client or their records, provided those enquiries remain within the normal scope of the assignment or business relationship.

Judgement is especially important at this point, as routine checks against the practice’s work and client records may help confirm or remove the concern. 

However, pressing the client with unusual questions about criminal property, or suggesting that the firm is considering a report, can result in a tipping-off risk.

Safer enquiryHigher-risk communication
Asking the client to explain a change in trading activity needed for the engagement.Asking whether the change is linked to criminal funds.
Requesting support for a bank receipt that has not been explained in the records.Telling the client the receipt has triggered a possible SAR review.
Clarifying the source of funds when that is part of normal customer due diligence.Suggesting that work cannot continue because the firm is waiting for a DAML response.
Asking for ordinary information needed to complete the engagement.Warning the client that law enforcement interest could follow.

Additionally, the MLRO should decide what instructions staff need while the review is open, including whether any client action should pause until the AML risk position is clear.

Documenting the decision

The MLRO’s decision should be recorded irrespective of whether an external SAR is made. The record should capture the internal report, as well as the MLRO’s assessment and the instructions given to staff.

This record protects the firm in two ways. It shows that the internal report was taken seriously, and it helps the firm explain the decision if it is later challenged or reviewed.

Privilege and difficult cases

Some AML matters can raise privilege reporting exemption questions, particularly if the firm has received the information while providing tax advice. 

This is a technical area, so the MLRO should avoid assuming that tax-related work is automatically covered, particularly when the information came from bookkeeping, accounts preparation, audit, or standard tax compliance activity.

When privilege may be relevant, the MLRO should record how the information arose and what type of work was being carried out at the time. 

Sector guidance points to the importance of recording the provenance of the information, and legal advice might be needed if the position is unclear.

Submitting an external SAR to the UKFIU

External SARs are submitted to the UKFIU through the SAR Portal. 

Firms that have not used the portal before should check their access before an urgent report is needed, especially if they previously relied on the older SAR Online system. 

The MLRO’s portal details and cover arrangements should be kept current so that registration problems do not delay a time-sensitive report. 

Reports can be made at any time, and after submission, the portal provides an acknowledgement and reference number. 

What a defensible SAR should contain

A SAR should give law enforcement enough factual context to understand who is involved, what happened, and why the firm suspects money laundering or terrorist financing.

According to UKFIU guidance, the reason for suspicion must explain how the suspicion was reached, and the suspected criminal or terrorist property should be described clearly.

The SAR Portal also includes glossary codes, which help the UKFIU identify reports linked to particular threat types or reporting priorities. 

The UKFIU provides short guidance videos on SAR terminology, including glossary codes.

If a code is selected, the narrative should explain why it fits the facts of the report. The available codes can change, so the current portal list should be checked when submitting.

Instead of turning the SAR into a full case file, accountancy firms should aim for a concise narrative that connects the records seen to the suspected property and explains why the concern arose.

Practical takeaway: The NCA explains that because of the sensitive nature of law enforcement investigations, SAR reporters are not routinely provided with updates. Therefore, firms might only become aware of operational activity if law enforcement asks for further information.

DAML: When the firm needs to pause before acting

A DAML is relevant when a firm has suspicion about a future activity it intends to carry out, and proceeding could put the firm at risk of committing a principal money laundering offence. For terrorist financing concerns, the equivalent request is a defence against terrorist financing (DATF).

DAML request

What the request is for

Specific future act

A DAML request should identify the activity the firm is concerned about before it proceeds.

Defined defence

The request seeks a defence for that act. It does not validate the client or approve the wider engagement.

Work that must pause

The activity covered by the request should pause unless the relevant statutory position allows it to continue.

Nonetheless, the request must be specific. It should identify the act the firm is concerned about, such as a client money transfer or distribution, rather than ask for general permission to continue acting. 

Supervisory bodies warn that a poorly defined or too broad DAML request could be refused or treated as invalid because it does not show clearly which activities would otherwise be offences under sections 327 to 329 of the Proceeds of Crime Act 2002.

The SAR Portal treats defence requests as a separate part of the submission, so the MLRO needs to complete the relevant DAML or DATF question when a defence is being sought. UKFIU also highlights that a request written only in the reason for suspicion field will not be considered as a defence request.

What happens to client work while waiting

If a DAML request is made, the activity in question must pause unless and until the relevant statutory position allows it to continue.

Importantly, however, some work for the client can still continue if it sits outside the prohibited act. The firm should separate the paused activity from any remaining services and check that continuing work does not create a tipping-off risk or involve suspected criminal property. 

Moreover, the MLRO should give staff clear instructions about the paused work and related client communications.

Confidentiality, tipping off, and client communications

SARs and DAML requests are highly sensitive. They contain the firm’s suspicions and details of the people involved, including material that may be used by law enforcement. Access should be limited to people who need it for the firm’s reporting process.

SAR Portal guidance reflects that confidentiality concern. It states that SARs should not be emailed to the UKFIU and explains that the portal is the secure route for submission. It also notes that portal privacy settings affect who within the organisation can handle the report.

Confidentiality can be harder to maintain in small practices because people sit close together and roles overlap. Therefore,  SAR material should only be stored and shared through the controlled reporting process.

What tipping off means in practice

Tipping-off risk arises when a disclosure about a SAR or a possible money laundering or terrorist financing investigation is likely to prejudice an investigation. ICAEW’s tipping-off helpsheet summarises the offence in those terms.

The overarching risk is often in the wording used with clients. A member of staff should not tell a client anything that reveals the reporting process or a pending DAML response. Even a vague warning can create legal risk if it alerts the client to the possibility of law enforcement interest.

Normal professional enquiries

Normal professional work can typically continue within tipping-off constraints. 

ICAEW notes that a firm can make enquiries to a client when those enquiries fall within the normal scope of the engagement or business relationship. The same principle appears in CCAB guidance, which treats a question about why an invoice was left out of a tax return as an ordinary professional enquiry. 

The key control is the message itself, which should seek information needed for the engagement without revealing suspicion, a SAR, or a possible defence request.

Client communications

Normal enquiry or tipping-off risk?

Normal professional enquiry

The message asks for information needed for the engagement and stays within the ordinary scope of the work.

Higher-risk communication

The message reveals or implies that suspicion, a SAR, or law enforcement interest is involved.

Similar care is needed when advising a client to correct an error or avoid unlawful conduct. The firm can give proper professional advice, but the communication should focus on the client’s obligations and the accounting or tax treatment.

Discipline is also needed if the firm decides to disengage after suspicion has arisen. A short disengagement letter can be appropriate, but it should not disclose that a SAR has been made or suggest that the client is under investigation. 

Professional handover communications should be drafted on the same basis because they may be read by the client or a third party.

Record keeping: Evidence that the SAR process worked

SAR records should trace the matter from concern to decision. This means retaining a complete SAR process record that captures the MLRO’s assessment, any external reference, and, if applicable, instructions given to staff.

These records can form the basis of a defence against accusations of failing to carry out duties under the Proceeds of Crime Act 2002 and the Money Laundering Regulations 2017.

If the MLRO decides not to submit an external SAR, the AML record should identify the facts considered and why the threshold was not met. Without that, the firm might struggle to explain the decision in the event of a supervisory review.

The AML record becomes even more important if the matter later develops. It enables the MLRO to see what was known at each stage and whether the new information changes the assessment.

Retention, security, and access

SAR records should be kept securely and be readily retrievable by those who need access. They should not sit casually on open client files where unauthorised people could see them. 

When the firm uses a practice management system, access permissions need to reflect the sensitivity of the records.

As confirmed by CCAB, money laundering record keeping should also be handled in line with data protection requirements.

Embedding SARs into day-to-day accountancy work

Suspicion can arise before the firm is formally engaged with the client. During the onboarding procedure, a prospective client might raise concerns about ownership, trading activity, or source of funds.

The client acceptance process should therefore include escalation triggers. Accountancy practices must ensure staff know when an onboarding concern moves out of routine customer due diligence and into the SAR process.

This is because HMRC expects regulated businesses to have adequate internal controls and monitoring systems that alert relevant people if criminals try to use the business for money laundering.

Existing client reviews and ongoing monitoring

AML concerns often emerge during the client relationship, as routine accountancy work and customer due diligence refreshes can bring these matters to the surface.

Rather than leaving the matter as an unresolved file query, ongoing monitoring should feed the SAR process when a change in the client profile remains unexplained. 

Training and escalation culture

Adequate training helps ensure the SAR process is implemented effectively. Staff should understand red flags and the internal reporting route, and know when uncertainty should be escalated.

Training materials should determine when it is appropriate to make an internal report to the MLRO and how to do so. This benchmark turns SAR training from a legal overview into something staff can apply during client work.

Practice culture is another important aspect to consider. If staff believe that internal reports will be treated as an overreaction, they may hesitate to raise one when needed. Similarly, if the MLRO treats every AML concern as a nuisance, the SAR process will weaken.

A more appropriate message is that prompt escalation is part of professional scepticism and protects both the firm and the individual.

Sole practitioner guidance: Sole practitioners still need to document the SAR decision even though the internal reporting stage is effectively a self-assessment. This documentation can feel artificial because there is no separate MLRO to report to. Nevertheless, a dated note should identify the information, enquiries, and outcome so the decision does not depend on memory.

SAR pathway

SAR process checklist for accountancy firms

  1. 01 Identify the concern and record the facts clearly.
  2. 02 Avoid client comments that could reveal a SAR or possible investigation.
  3. 03 Escalate internally to the MLRO.
  4. 04 Review whether there is knowledge, suspicion, or reasonable grounds.
  5. 05 Decide whether an external SAR is required.
  6. 06 Consider whether a DAML request is needed before any future act.
  7. 07 Give staff clear instructions about work that can continue.
  8. 08 Record the decision, including decisions not to report.
  9. 09 Store SAR records securely with restricted access.
  10. 10 Feed lessons into training, onboarding, and ongoing monitoring.

In summary

Some SAR decisions are straightforward, while others are more challenging because they involve sensitive judgement areas such as privilege, client money, or a possible DAML request. 

The NCA cannot advise an individual or organisation whether to submit a SAR. Instead, it directs firms to their anti-money laundering supervisory channels or independent legal advice. 

A small firm’s strongest position is to have the escalation route agreed before a difficult case arises. This turns the SAR process from a last-minute judgement call into a controlled part of the practice’s AML controls.

Kane Pepi, Founder of Evidentia Compliance
Kane Pepi Founder, Evidentia Compliance

Kane Pepi is the founder of Evidentia Compliance, with a strong academic background in accounting, finance, and financial crime, and peer-reviewed research in money laundering and terrorist financing.

His work focuses on making AML compliance more practical for small regulated firms that face rising supervisory expectations and limited compliance capacity.

AMLWATCH BY EVIDENTIA
AML compliance updates and regulatory guidance for the accountancy sector

Stay informed on AML supervision, FCA developments, enforcement trends, and common compliance weaknesses affecting UK accountancy firms. AMLWATCH by Evidentia is written for small practices that need AML insight without the regulatory jargon.

    FAQs

    Does every unusual client issue need to be reported as a SAR?

    No. An unusual AML issue should be considered in context before any external report is made. For example, missing records or unclear figures may start as ordinary accountancy queries. They can become more serious only when the facts create a genuine concern about money laundering or terrorist financing.

    When should staff raise a possible SAR concern with the MLRO?

    Staff should raise the issue when something in the client work gives them a real AML concern. They do not need to prove money laundering before speaking to the MLRO. The internal report should explain what was seen, which client work is affected, and whether any urgent action is pending.

    Can an accountant ask the client questions after a money laundering concern arises?

    Yes, if the questions are part of normal accountancy work, a firm can still ask for records, explanations, or supporting documents needed for the engagement. The risk comes from saying or implying that a SAR, DAML request, or law enforcement issue may be involved.

    How does a sole practitioner handle SAR decisions?

    While a sole practitioner is often the person who spots the concern and decides what happens next, the AML outcome should still be written down. The note should explain the concern, any normal enquiries made, and whether an external SAR or DAML request was considered.

    When might an accountancy firm need to consider a DAML request?

    A DAML request may need consideration when the firm suspects criminal property and is being asked to carry out a specific future act, such as moving client money or making a payment. The request should relate to that particular act rather than general permission to continue acting.

    What should be recorded if the MLRO decides no SAR is needed?

    The firm should record the concern, facts reviewed, and why the MLRO decided that an external SAR was not required. The record should be clear enough to show what was known at the time and how the decision was reached.

    References and Source Material

    Leave a Reply

    Your email address will not be published. Required fields are marked *