CI-FIRST Initiative Brings Clarity to Check Fraud SARs
- A new weapon against financial crime has emerged
- CI-FIRST was launched this year to aid banks in sharing information
- Greater clarity, improved feedback, and a higher standard of communication are promised
In the ongoing battle against financial crime -- particularly check fraud -- new initiatives and systems are promising to reshape an industry that has long struggled with reactive, fragmented responses. A recent story from the Thomson Reuters Institute spotlights the emergence of CI-FIRST—an initiative by IRS Criminal Investigation—as a critical development with the potential to clarify, modernize, and ultimately make more effective the use of Suspicious Activity Reports (SARs) in fighting financial crime.
For decades, SARs have played a key role in financial crime detection. Auditors on the front line review questionable transactions and, when something seems amiss—such as unusual deposits or account activity—they file a SAR with the Financial Crimes Enforcement Network. These reports feed into a government database, accessible by agencies like the FBI and IRS, to fuel further investigation.
However, a common frustration has been the lack of feedback: Banks don’t know whether their alerts make a difference, what becomes of their efforts, or how they might improve future reports.
Transparency and Direct Communication
CI-FIRST (Feedback in Response to Strategic Threats), launched in 2025, aims to break this cycle by forging a genuine feedback loop. Instead of SARs existing as one-way communications, CI-FIRST provides banks with insights into the effectiveness and downstream results of their reporting. This transparency supports direct communication and collaboration between financial institutions and federal investigators, marking a fundamental shift in the landscape.
CI-FIRST fosters a more collaborative relationship between financial institutions and federal investigators, allowing for direct feedback and communication. This open dialogue could lead to more efficient and effective SARs processes.
But what does this mean for check fraud—a crime that refuses to die, even in the digital age? Recent SAR data underlines the challenge: More than 682,000 SARs related to check fraud were filed in the past year, with the threat stubbornly robust despite industry efforts. Not only do criminals exploit both old and new vulnerabilities, but financial institutions are also grappling with a surge in account takeovers, elder exploitation, and identity theft.
CI-FIRST’s most valuable offering in this context is clarity. By setting clear standards for how SARs should be prepared and what information is most useful, CI-FIRST improves the quality and utility of these crucial reports. Well-structured SARs help law enforcement connect cases faster, substantiate requests for subpoenas, and eventually build stronger prosecutions. As a result, criminals are identified and prosecuted more efficiently—serving as a real deterrent rather than just another statistic on a government spreadsheet.
Can the Industry Leverage SARs More Effectively?
By bringing greater clarity, improved feedback, and a higher standard of communication between the private and public sectors, CI-FIRST is taking real steps toward a smarter, more integrated, and possibly more effective approach to fraud detection and prevention.
They key will be FIs leveraging the data by both AML and fraud departments. In most cases, SARs are utilized in anti-money launder operations within FIs. While FIs have taken steps to break down silos to merge the two departments -- aka FRAML -- there are still many who maintain these as distinct departments that may collaborate at times, but not necessarily work in tandem with each other.
In the ideal case, both the fraud and AML teams will work out of the same case management system, where fraud and AML analysts can initiate SARs when fraudulent activity occurs, enabling more clarity on accounts and account activity. When a check item is flagged whether through the inclearing process or deposited into an account, this activity can be properly addressed, and a SAR can be created to help other make other institutions aware of this activity -- similar to how consortiums operate.
As addressing fraud has evolved from FIs protecting themselves to FIs collaborating to fight back against fraudsters, initiatives like CI-First and consortiums help the industry work harmoniously to stop fraud.