Have you ever wondered when a routine payment becomes a signal that something is wrong?
An STR is a mandatory notice) used in the local AML/CFT framework to flag activity suspected to involve money laundering, terrorism financing, fraud or other illicit conduct. It is about reporting suspicion, not proving guilt, and is typically submitted to the Suspicious Transaction Reporting Office via the SONAR e-service.
This concise how-to guide targets companies, finance teams, compliance officers and professional advisers who handle day-to-day payments. You will learn how to spot odd behaviour, the legal framework that applies, who must file an STR and the steps to submit a report via STRO/SONAR.
We also explain how internal controls and recordkeeping affect account continuity and risk management, and why local statutes and FATF standards create a strict, rules-based regime for timely escalation.
Key Takeaways
- STRs are mandatory notices to flag suspected illicit money activity; suspicion, not proof, triggers a report.
- Practical steps include spotting red flags, escalating internally and filing via STRO/SONAR.
- Robust internal controls and records support continuity of service and meet compliance expectations.
- Local statutes and FATF recommendations shape strict, rules-based obligations.
- Timely action and clear documentation reduce operational risk and protect the firm.
Why suspicious transaction reporting matters for Singapore businesses
Early detection keeps the financial system secure. STRs help spot patterns that indicate money laundering or terrorism financing and protect the wider market from abuse.
Suspicion, not proof, starts the process. FATF Recommendation 20 stresses filing promptly upon discovery when there are reasonable grounds to believe funds link to criminal activity. A suspected transaction should be escalated; the aim is to interrupt laundering, not to adjudicate guilt.
Banks use automated monitoring, screening and behavioural analytics to flag odd flows. Unusual volumes or opaque transfers can trigger enhanced due diligence, temporary holds or even account restrictions. Firms should expect operational disruptions when their transactions diverge from normal activity.
There is a clear business case for timely action. Good STRs reduce exposure to penalties, preserve banking relationships and demonstrate robust internal controls. Failing file obligations can bring legal trouble and closer scrutiny, so it is safer to report suspicious activity than to self-judge.
Legal and regulatory framework for STRs in Singapore
Understanding the statutory backdrop helps firms know when to escalate unusual activity. Two primary laws set out mandatory duties: the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act (CDSA) and the Terrorism (Suppression of Financing) Act (TSOFA).
Core statutory obligations
These laws create an obligation to file a suspicious transaction report when there are reasonable grounds to suspect links to serious crime or terrorist financing. The duty focuses on suspicion, not proof, and aims to protect the financial system.
The central reporting hub
The Suspicious Transaction Reporting Office (STRO) acts as the national centre for STR intake. Centralised submissions—normally made through SONAR—help authorities spot patterns and share vital intelligence with enforcement agencies.
FATF standards and risk-based practice
Global FATF guidance shapes local framework and regulations, notably Recommendation 20 on STRs and Recommendation 10 on customer due diligence. Firms adopt a risk-based approach that adjusts monitoring by customer profile, product or service, geography and channels.
Good compliance pairs legal duties with clear governance: written procedures, staff training, secure handling of sensitive information, retention of records and defined internal escalation. For practical policies see the terms and conditions.
Who must file a suspicious transaction report in Singapore
Several categories of firms and individuals face an obligation to notify authorities when they detect red flags in day-to-day operations.
Financial institutions and regulated providers
Banks and licensed financial service providers operationalise the duty through compliance teams, automated monitoring and internal escalation committees. Front‑line alerts move to investigators who decide whether to file suspicious transaction report via the national portal.
Designated non‑financial businesses and professions
- Legal practitioners, public accountants, corporate service providers, real estate agents and dealers in precious stones and metals must meet enhanced requirements.
- These gatekeepers handle client funds and structure dealings, so regulators expect clear policies, recordkeeping and timely escalation.
Any person in the course of trade
Notably, the duty can apply to any person who encounters unusual activity while serving clients or suppliers. Staff outside compliance—sales, finance or operations—may spot patterns and should escalate.
Foreign‑owned companies
Foreign firms often face stricter bank due diligence. Provide up‑to‑date corporate documents, explain the commercial rationale for flows, and respond promptly to bank queries to avoid disruptions to accounts and service continuity.
What counts as a suspicious transaction for business accounts
Spotting a risky payment requires comparing live flows against the baseline the client provided. A suspicious transaction is any payment or series of payments that creates mistrust because it departs from the customer’s normal behaviour or industry practice.
Document the baseline on onboarding: nature of trade, typical counterparties, invoice sizes, expected geographies and sources of funds. Keep this information current so reviewers can spot divergence quickly.
Risk factors to assess
- Customer risk: unusual ownership, new beneficial owners, or unexplained identity changes.
- Product/service and transaction risk: high-value transfers, rapid movement of funds, or complex layering across multiple accounts.
- Geographic risk: flows to or from jurisdictions with weak controls or opaque tax arrangements.
- Distribution channels: third-party payment processors or opaque intermediaries that mask the real source.
Translate these factors into simple review questions: Does this transaction match the customer’s declared activity? Is there supporting information such as invoices, contracts or shipping documents? If credible paperwork is missing, the level of concern rises.
“A single payment can be legitimate — but the absence of a clear commercial purpose or documentation increases suspicion.”
Integrate this assessment into internal controls. Regularly update onboarding records, train finance staff to recognise pattern shifts, and escalate early so service continuity is preserved and risks are managed promptly.
Common red flags that trigger STR filing
Practical warning signs guide reviewers when to preserve evidence and consider filing an STR. These markers help staff decide whether to escalate internally and involve compliance teams for formal evaluation.
Unusually large, complex or unexpected payments
One‑off spikes that do not match a client’s declared activity or historic flows deserve attention. Large or layered transfers often indicate layering stages of money laundering.
Structuring and frequent cash activity
Repeated small cash deposits intended to avoid thresholds are a classic red flag. “Small but frequent” cash movement can be more suspicious than a single transparent deposit.
Third‑party involvement and weak rationale
Payments from unrelated senders, sudden beneficiary changes or intermediaries without a contract trail raise concerns. Lack of a credible commercial reason increases the risk of laundering.
Refusal to identify or explain source of funds
Delays or refusal to provide ID, beneficial ownership or source‑of‑wealth details should prompt escalation. Non‑cooperation is itself a trigger to collect facts and preserve records.
False documents, dormant accounts and odd behaviour
Altered invoices, unverifiable documents or reactivated dormant accounts used as pass‑throughs suggest misuse. Record facts; do not confront clients directly.
High‑risk geographies and opaque cross‑border routes
Opaque routing, unusual currencies or links to high‑risk jurisdictions and complex distribution channels increase scrutiny. These patterns often form part of laundering typologies and should be documented for any potential suspicious transaction report.
“The aim is to record objective facts, preserve evidence and let compliance decide whether to file.”
How to file singapore business account suspicious transaction reporting via STRO
A clear, factual submission begins long before you log in: collect documents and build a timeline first.
Submitting an STR through SONAR: what to prepare before you start
Gather identifiers: account and transaction references, dates, times and currencies. Collate copies of invoices, contracts, SWIFT messages and any email trails.
Note internal case notes that explain why concern arose. Keep beneficiary and beneficial‑owner details ready for upload.
How to write a clear narrative: facts, timelines, parties, and reasons for suspicion
Stick to verifiable facts and build a concise timeline. Identify all parties and state known ownership links.
Explain deviations from expected customer behaviour and list steps taken to obtain explanations. Do not allege guilt; describe evidence and observable anomalies.
Related SONAR forms: CTRs and CMRs
SONAR also accepts Cash Transaction Reports (Form NP 759) and Cross‑Border Movement Reports (Form NP 728). Use these where cash limits or cross‑border movements apply alongside an STR.
Confidentiality and handling of sensitive information
Limit distribution to a need‑to‑know circle. Store files securely and avoid tipping‑off the subject when you file.
Keep communications with banks factual and consistent to preserve confidentiality and investigative value.
What happens after filing: follow-up and records
Expect follow‑up questions from authorities or banks. Respond promptly and keep documents organised to support account continuity.
Retain logs, copies of submissions and internal notes for the retention period required by law. Prompt, accurate replies reduce disruption and aid resolution.
| Step | What to prepare | Why it matters |
|---|---|---|
| 1. Collate identifiers | Account refs, TX IDs, dates | Speeds up review and cross‑matching |
| 2. Collect documents | Invoices, contracts, SWIFT, emails | Supports verifiable facts in the report |
| 3. Draft narrative | Timeline, parties, deviation notes | Helps analysts assess risk quickly |
| 4. File via SONAR | Upload evidence, submit forms | Official intake by STRO and linked units |
| 5. Archive & respond | Retention logs, reply to queries | Maintains continuity and regulatory compliance |
For a practical guide on submission templates see the reporting guide, and for internal process templates consider this workflow example.
Conclusion
Clear, timely escalation protects a firm’s access to banking and helps prevent illicit flows from moving through the financial system.
AML-driven review and fast action are practical safeguards against money laundering and terrorism financing. Firms and company teams should treat suspicion as the threshold to act, not as a barrier to engagement.
Maintain documented escalation paths, regular staff training and records that show why decisions were made. Banks frequently review unclear activity and may freeze or close accounts when patterns lack commercial rationale.
Be audit-ready: keep customer due diligence, transaction context and internal notes organised. Identify red flags, preserve evidence, escalate internally, and file where required to reduce the risk of penalties or failing file situations.
Consistent STR filing feeds enforcement intelligence — higher STR volumes show that compliant reports support national resilience and stronger AML outcomes.
FAQ
What is the purpose of this guide to Singapore business account suspicious transaction reporting?
Why does filing a suspicious transaction report matter for companies?
How do reports support AML/CFT and protect financial integrity?
What is the difference between suspicion and proof when deciding to report?
How can a bank’s monitoring affect an organisation’s accounts, such as freezes or closures?
Which laws form the core regulatory framework for reporting in Singapore?
What is the role of the Suspicious Transaction Reporting Office (STRO)?
How do FATF standards influence local expectations for due diligence and reporting?
Who must file a report when they encounter suspicious activity?
Are there special considerations for foreign‑owned companies operating local bank accounts?
What kinds of activity count as suspicious for business accounts?
What risk factors should firms assess when monitoring transactions?
What are common red flags that should trigger a report?
How should an organisation prepare before submitting an STR through SONAR?
What makes a clear narrative in an STR?
What related forms or reports can be filed alongside an STR in SONAR?
How is confidentiality handled when reporting suspicious activity?
What happens after filing an STR: follow‑up, recordkeeping and responding to queries?
What are the consequences of failing to file required reports?
Dean Cheong is a Singapore-based commercial growth architect and CEO of VOffice, known for helping B2B companies turn fragmented sales efforts into predictable revenue systems. He specializes in sales process optimisation, CRM-driven visibility, and market entry strategy, combining execution discipline with a strong academic grounding in business banking and finance from Nanyang Technological University. His focus is on building repeatable, data-backed growth frameworks that companies can scale with confidence.