Business Security Roundup: ID Theft & EIN Updates


We’ve had a number of recent reports from customers and employees who have received letters from the WI Department of Revenue (DOR), indicating that their application for a Wisconsin Tomorrow Small Business Recovery Grant has been denied due to suspected identity theft. In one instance, we know the application was submitted in the name of a business, using an individual’s Social Security number. 

The Department of Agriculture, Trade and Consumer Protection (DATCP) has some additional information on its website regarding this situation. It doesn't have any further information on how DOR has identified these applications, so those affected need to contact DOR directly by email at wigrant@wisconsin.gov or phone at (608) 266-2772.

The DATCP site provides good information on the next steps individuals should take regarding the possible ID theft, including:

  • Placing fraud alerts or security freezes on their credit reports through the credit reporting agencies
  • Ordering a free credit report at  www.annualcreditreport.com
  • Closing accounts credit accounts that may be affected or fraudulently opened
  • Filing complaints through DATCP’s Consumer Protection Bureau.

Those affected can also report ID theft through the Federal Trade Commission-run site,  IdentityTheft.gov. This website helps walk individuals through creating an ID theft-recovery plan and putting it into action. It's also prudent for those affected to keep an eye on their deposit accounts for any other unauthorized transactions, and to report those to the bank if they occur.


Have You Updated Your Employer Identification Number (EIN)? 

When starting a business or forming an entity, one of the key steps is to apply for an EIN through the IRS. However, once you’ve obtained an EIN, it’s probably not something you think much about until you’re opening a new account, applying for a loan, or filing your taxes.  

Did you know that, when applying for an EIN, you’re required to list contact information and designate a responsible party? Did you also know that you’re required to keep that information up to date? If it's not, don’t be surprised if you see a letter from the IRS soon.  

Check out the below press release from the IRS on its new EIN awareness initiative.

IR-2021-161, July 30, 2021

WASHINGTON — Calling it a key security issue, the Internal Revenue Service today urged those entities with Employer Identification Numbers (EINs) to update their applications if there has been a change in the responsible party or contact information.

IRS regulations require EIN holders to update responsible party information within 60 days of any change by filing Form 8822-B, Change of Address or Responsible Party - Business. It is critical that the IRS have accurate information in cases of identity theft or other fraud issues related to EINs or business accounts.

The data around the "responsible parties" for business-type entities is often outdated or incorrect, meaning that the IRS does not have accurate records of who to contact for identity theft issues. This means a time-consuming process to identify the point of contact so the IRS can inquire about a suspicious filing.

As a result, the IRS intends to step up its awareness efforts aimed at businesses, partnerships, trusts and estates, charities and other entities that are EIN holders. Starting in August, the IRS will begin sending letters to approximately 100,000 EIN holders where it appears the responsible party is outdated.

All EIN applications (mail, fax, electronic) must disclose the name and Taxpayer Identification Number (Social Security number, Individual Taxpayer Identification Number or EIN) of the true principal officer, general partner, grantor, owner, or trustor.

The IRS defines the responsible party as the individual or entity who "controls, manages, or directs the applicant entity and the disposition of its funds and assets."

Unless the applicant is a government entity, the responsible party must be an individual, not an entity. If there is more than one responsible party, the entity may list whichever party the entity wants the IRS to recognize as the responsible party.

EINs are to be used strictly for tax administration purposes. Entities with EINs that are no longer in use should close their IRS tax accounts and follow steps outlined at Canceling an EIN - Closing Your Account.


Related Blogs

Sign Up For Our Newsletter