Data breaches are on the rise and many businesses are being reactive instead of proactive. It is hard to recover from bad publicity and loss of consumer trust. Not only is sensitive customer information at risk, but your business’s information is at risk too. According to the IRS, businesses are now becoming victim to identity theft and tax fraud. With the increased use of technology in filing tax returns, it is more important than ever to know how to keep your information safe.
How it Works
In tax identity theft, a taxpayer’s identifying information (such as Social Security number) is used to fraudulently obtain a refund or commit other crimes. Business tax identity theft occurs when a criminal uses the identifying information of a business to obtain tax benefits or to enable individual tax identity theft schemes.
For example, a thief could use an Employer Identification Number (EIN) to file a fraudulent business tax return and claim a refund. Or a fraudster may report income and withholding for fake employees on false W-2 forms. Then, he or she can file fraudulent individual tax returns for these “employees” to claim refunds.
The consequences can include significant dollar amounts, lost time sorting out the mess and damage to your reputation.
There are some red flags that indicate possible tax identity theft. For example, your business’s identity may have been compromised if:
- Your business doesn’t receive expected or routine mailings from the IRS,
- You receive an IRS notice that doesn’t relate to anything your business submitted, that’s about fictitious employees or that’s related to a defunct, closed or dormant business after all account balances have been paid,
- The IRS rejects an e-filed return or an extension-to-file request, saying it already has a return with that identification number — or the IRS accepts it as an amended return,
- You receive an IRS letter stating that more than one tax return has been filed in your business’s name, or
- You receive a notice from the IRS that you have a balance due when you haven’t yet filed a return.
Keep in mind, though, that some of these could be the result of a simple error, such as an inadvertent transposition of numbers. Nevertheless, you should contact the IRS immediately if you receive any notices or letters from the agency that you believe might indicate that someone has fraudulently used your Employer Identification Number.
Businesses should take steps such as the following to protect their own information as well as that of their employees:
- Provide training to accounting, human resources and other employees to educate them on the latest tax fraud schemes and how to spot phishing emails.
- Use secure methods to send W-2 forms to employees.
- Implement risk management strategies designed to flag suspicious communications.
Of course, identity theft can go beyond tax identity theft, so be sure to have a comprehensive plan in place to protect the data of your business, your employees and your customers. Contact your local Blue & Co. advisor with any questions regarding identity theft or how to keep your sensitive information safe.