diff --git a/apiserver/apiserver/api/views.py b/apiserver/apiserver/api/views.py
index 376528b..01d6269 100644
--- a/apiserver/apiserver/api/views.py
+++ b/apiserver/apiserver/api/views.py
@@ -230,6 +230,17 @@ class TransactionViewSet(Base, List, Create, Retrieve, Update):
             raise exceptions.PermissionDenied()
         return super().list(request)
 
+    @action(detail=True, methods=['post'])
+    def report(self, request, pk=None):
+        report_memo = request.data.get('report_memo', '').strip()
+        if not report_memo:
+            raise exceptions.ValidationError(dict(report_memo='This field may not be blank.'))
+        transaction = self.get_object()
+        transaction.report_type = 'User Flagged'
+        transaction.report_memo = report_memo
+        transaction.save()
+        return Response(200)
+
 
 class UserView(views.APIView):
     permission_classes = [AllowMetadata | IsAuthenticated]