Small Businesses: Be Alert to Identity Theft

WASHINGTON – The IRS, state tax agencies and the nation’s tax industry joined together to warn small businesses to be on-guard against a growing wave of identity theft against employers. Small business identity theft is a big business for identity thieves. Just like individuals, businesses may have their identities stolen and their sensitive information used to open credit card accounts or used to file fraudulent tax refunds for bogus refunds.

Identity thieves are more sophisticated than they used to be. They know the tax code and filing practices and how to get valuable data. The IRS has seen a sharp increase in fraudulent business tax forms. These include Forms 11201120S and 1041, as well as Schedule K-1. These affect business, partnership, estate and trust filers.

Identity thieves have long made use of stolen Employer Identification Numbers (EINs) to create fake Forms W-2 that they would file with fraudulent individual tax returns. Fraudsters also used EINs to open new lines of credit or obtain credit cards. Now, they are using company names and EINs to file fraudulent returns.

As with fraudulent individual returns, there are certain signs that may indicate identity theft. Business, partnerships and estate and trust filers should be alert to potential identity theft and contact the IRS if they experience any of these issues:

  • The IRS rejects an e-filed return saying it already has one with that identification number.
  • The IRS rejects an extension to file request saying it already has a return with that identification number.
  • The filer receives an unexpected tax transcript.
  • The filer receives an IRS notice that doesn’t relate to anything they submitted.
  • The filer doesn’t receive expected or routine mailings from the IRS.

New Procedures to Protect Businesses in 2018

The IRS, state tax agencies and software providers have ways to detect suspicious returns. However, some new measures can help validate returns in advance. The IRS and states are asking businesses and tax professionals to help verify if a tax return is legitimate. These procedures are new for 2018.

For 2018, these “know your customer” procedures are being put in place that include the following questions:

  • The name and SSN of the company executive authorized to sign the corporate tax return. Is this person authorized to sign the return?
  • Payment history – Were estimated tax payments made? If yes, when were they made, how were they made, and how much was paid?
  • Parent company information – Is there a parent company? If yes, who?
  • Additional information based on deductions claimed
  • Filing history – Has the business filed Form(s) 940, 941 or other business-related tax forms?

Sole proprietorships that file Schedule C and partnerships filing Schedule K-1 with Form 1040 also will be asked to provide additional information items, such as a driver’s license number. Providing this information will help the IRS and states identify suspicious business-related returns.

More information

For small businesses looking for a place to start on security, the National Institute of Standards and Technology (NIST) produced Small Business Information Security: The Fundamentals. NIST is the branch of the U.S. Commerce Department that sets information security frameworks followed by federal agencies. The United States Computer Emergency Readiness Team (US-CERT) has Resources for Small and Midsize Businesses. Many secretaries of state also provide resources on business-related identity theft as well. The IRS, state tax agencies and the tax industry are working together to fight against tax-related identity theft and to protect business and individual taxpayers. Everyone can help. Take steps recommended by cyber experts and visit the Identity Protection: Prevention, Detection and Victim Assistance for information about business-related identity theft.