To quote the Internal Revenue Service: Small business identity theft is big business. That’s because identity thieves have learned to use a business’s information to file bogus income tax returns or get credit cards. It’s not a problem only for individuals any more.
The IRS reports it’s seen a sharp rise in filings of fraudulent business tax forms, including Forms 1120, 1120S, 1041 and Schedule K-1. Business, partnership, estate, and trust filers should all be on alert.
Identity thieves have become far more sophisticated in their tactics and tools. They know the tax code and filing practices. So tax pros and small business owners need to be watchful and wary of the signs that can point to possible identity theft activity.
Small businesses should contact the IRS if they experience any one of these issues:
- The IRS rejects an e-filed return saying it already has one with that identification number.
- The IRS rejects an extension to file request saying it already has a return with that identification number.
- The filer receives an unexpected tax transcript.
- The filer receives an IRS notice that doesn’t relate to anything they submitted.
- The filer doesn’t receive expected or routine mailings from the IRS.
The IRS, state tax agencies and the tax industry are working together to fight against tax-related identity theft and to protect business and individual taxpayers. But it takes all of us, joining in the effort, to make any defensive measures work. Take steps recommended by cyber experts and visit the Identity Protection: Prevention, Detection and Victim Assistance for information about business-related identity theft.
Security Improvements Coming in 2018
Many suspicious returns can be identified as frauds by the bits of data that are transmitted along with the return when it’s e-filed. But the IRS and state taxing agencies are also asking that businesses and tax pros provide additional information that can help verify a return is legitimate.
In 2018, the following questions will become standard equipment on business returns:
- The name and SSN of the company executive authorized to sign the corporate tax return. Is this person authorized to sign the return?
- Payment history – Were estimated tax payments made? If yes, when were they made, how were they made, and how much was paid?
- Parent company information – Is there a parent company? If yes, who?
- Additional information based on deductions claimed
- Filing history – Has the business filed Form(s) 940, 941 or other business-related tax forms?
Sole proprietorships that file Schedule C and partnerships filing Schedule K-1 with Form 1040 also will be asked to provide additional information items, such as a driver’s license number. Providing this information will help the IRS and states identify suspicious business-related returns.
For small businesses looking for a place to start on cyber-security, the National Institute of Standards and Technology (NIST) has produced a helpful publication in Small Business Information Security: The Fundamentals. NIST is the part of the U.S. Commerce Department that sets the information security frameworks that are followed by federal agencies.
Another good resource is the United States Computer Emergency Readiness Team (US-CERT) which offers downloads of their resources for small and midsize businesses.