You do not just draw a line under the matter and move on. The SAR can have a variety of consequences, and your business needs to consider them and decide how to manage the client relationship from now on.

Some key tips

1. Do not do anything that might tip off the client that a SAR has been made.
2. do not carry out transactions for the client until you have had consent from the FIU (or, in some jurisdictions such as the UK, if enough time has passed for there to be deemed consent). And even then you may well decline to carry out transactions if you are on notice that this might expose you to civil liability.
3. do not assume that consent means you can shelve your suspicions about the client or the transactions he wants. You must continue to apply the relevant AML provisions while the relationship persists, and if further cause for suspicion arises you should consider making a further SAR.
4. it is a good idea for the MLRO to make direct personal contact with the relevant person at the FIU, and/or the regulator with the FIU’s consent, once the SAR is made. This builds a relationship of trust which may stand you in good stead if there are subsequent investigations arising from the SAR. It may also help to ensure a speedy and sympathetic response to the SAR. It should be the MLRO who establishes this contact. Any significant action you may subsequently take in relation to the client, for example exiting the relationship, should only be done with the knowledge and approval of the FIU.
5. Your business should seek to learn lessons from the fact that an SAR has been made. If you conclude that the facts underlying the SAR reveal deficiencies in your own policies and procedures, historic or current, it may be advisable to contact the regulator to inform them that you have identified such an issue and are taking active steps (eg paying for an external review) to address it.