As I used to wear both security/fraud and BSA/AML hats, I was responsible for reporting to the board. While I reported quarterly to the audit committee, I usually had a year end summary of both fraud loss totals for the year, security incidents for the year, and SAR filings for the year with a comparison to the previous year or two. This was a way for me to show that as we were growing - so were the number of incidents, losses, and SARs. It is not required outside of any policy that you might have, but it might be a good practice to continue.
Knowledge is knowing what to say. Wisdom is knowing when to say it.