During a recent AML Effectiveness Review, C&G encountered a familiar but troubling pattern. The client — a well-organised Canadian MSB — had invested in strong onboarding controls. Their identity verification process was robust: AI-powered ID checks, biometric validation, and trained compliance staff reviewing each onboarding case before approval. Several suspicious attempts to open accounts with fraudulent or altered IDs were successfully blocked before onboarding was completed.

But no Suspicious Transaction Reports (STRs) were filed. The rationale?

“We didn’t onboard them. No account was opened. There were no transactions. So we assumed we weren’t required to file anything.”

This logic, while intuitive, misses a key regulatory requirement — and potentially exposes the reporting entity to compliance deficiencies.

What the Regulations Actually Say

According to FINTRAC’s Guideline 3, a transaction does not need to be completed to be reportable. Section 2.3 states:

“You are required to submit a suspicious transaction report (STR) even if the transaction was not completed, provided there were reasonable grounds to suspect that the transaction was related to the commission or attempted commission of a money laundering or terrorist financing offence.” FINTRAC Guideline 3, Section 2.3

Similarly, FinCEN in the United States requires MSBs to report any transaction or attempted transaction where there are reasonable grounds to suspect money laundering or terrorist financing. The UK’s FCA, via the Proceeds of Crime Act 2002, goes further — emphasising the obligation to disclose any suspicion of money laundering, even if no transaction occurs.

Why Attempted Transactions Matter

The intent to commit fraud, launder funds, or bypass controls is often evident at the point of attempted onboarding. A fraudulent passport. A stolen identity. A fabricated proof of address. Even if your systems stop the bad actor, the attempt alone may constitute suspicious activity for three important reasons:

  • Fraudsters often probe weak points in onboarding systems to identify vulnerabilities
  • Repeated failed attempts may indicate broader criminal schemes — such as account mule recruitment or synthetic ID fraud
  • Intelligence from attempted suspicious transactions can support law enforcement investigations

Scenarios That May Trigger Attempted STRs

Forged or altered documentsSubmission of fraudulent identification during the KYC process, even if detected and rejected.
Stolen identitiesUse of a stolen identity confirmed via fraud alerts or adverse media screening during onboarding.
Structuring attemptsAttempts to structure onboarding to avoid enhanced due diligence — for example, claiming false residential ties or concealing beneficial ownership.
Red-flag behaviour without completed transactionsIn-person or digital behaviour that raises suspicion but stops short of a completed transaction.

Best Practices for Reporting Attempted STRs

  1. Train frontline staff and onboarding teams to escalate suspicious patterns even if no account is opened
  2. Maintain detailed records of rejected onboarding cases, especially those involving red flags or fraud indicators
  3. Document your Reasonable Grounds to Suspect (RGS) analysis in internal notes, even if you are uncertain whether to file — seek compliance advice when needed
  4. Err on the side of caution: if there are reasonable grounds to suspect an offence, an STR should be filed
  5. Ensure your written policies explicitly include “attempted transactions” as part of your STR criteria
The Bottom Line When it comes to suspicious activity, “almost” counts more than you think. A well-functioning onboarding system is a critical part of AML risk mitigation — but it does not replace your obligation to report. Attempted STRs are a blind spot for many reporting entities. Regulators are clear: if suspicion exists and the activity attempted to touch your business, an STR may be required.

Need Support Strengthening Your STR Program?

C&G Professional Services encourages all MSBs, PSPs, and other reporting entities to review their STR procedures to ensure they capture both completed and attempted suspicious activities. We can conduct an AML Effectiveness Review and help close this gap.

Contact Our Team Book a Free Consultation
← FINTRAC & Title Insurers All Articles →