Posted on Aug 28, 2017

The IRS and state tax authorities have made significant strides in curbing individual identity theft over the last two years.

IRS Focuses on Preventing Business ID Theft

“The IRS, state tax agencies and the tax community have worked hard to turn the tide against tax-related identity theft. We’re making progress in protecting individuals but we still have more work to do,” said IRS Commissioner John Koskinen in a recent press release.

Trends in ID Theft

But cyber attacks against businesses are on the upswing. Here are some simple ways business taxpayers can help protect their data from hackers.

The IRS recently announced that the number of individuals reporting identity theft in the first half of 2017 has declined dramatically compared to 2015 and 2016. For the first five months of 2017, about 107,000 individual taxpayers reported stolen IDs. In comparison, 297,000 victims filed reports during the same time period in 2015 and 204,000 in 2016.

Put simply, individual ID theft dropped 47% over the last year. The IRS attributes the decrease to safeguards put in place during the 2016 Security Summit.

Unfortunately, the IRS has also noted an increase in ID theft involving business tax returns. While the number of businesses affected was relatively low, the potential dollar amounts were significant:

Year Estimated business ID theft cases through June 1 Estimated losses
2015 350 tax returns $122 million
2016 4,000 tax returns $268 million
2017 10,000 tax returns $137 million

The victims of business ID theft include corporations, estates and trusts, and partnerships. These days, hackers are bolder and increasingly tax savvy in their scams. For example, they may use stolen data to file bogus business tax returns and then collect refunds. Or they might post the stolen data for resale on the so-called “Dark Net” so other criminals can file fraudulent tax returns.

Tax professionals have been helping clients take appropriate security measures to prevent business ID theft, but problems persist. “We need help from the tax community to combat cybercriminals and raise security awareness,” IRS Commissioner John Koskinen noted.

Ways to Combat Business ID Theft

Because business ID theft can be so costly, prevention and early detection measures are critical. Here are some simple, but effective, security measures you should consider:

Make cybersecurity a top priority.

Similar to an annual business plan, your company needs a formal cybersecurity plan that identifies a step-by-step approach for detecting ID theft. When breaches happen, your plan should trigger a prompt, thorough response.

Safeguard intellectual property.

Companies should store all employee and customer data, along with other proprietary records, such as financial statements and prior years’ tax returns, in a safe location. Shred nonessential documents before throwing them out, and limit access to your employer ID number to parties with whom you initiated the contact. Share sensitive information via the Internet or email only if the recipient is trusted (such as your lender or tax preparer) and the site is secure.

Use the latest cybersecurity technology.

This includes firewalls, antivirus and antimalware software, and spam filters. Also exercise common sense: Don’t download files, click on links, or open pop-ups or attachments sent from unknown sources. Stored files should be encrypted for your protection and for the benefit of customers.

Educate employees.

Conduct periodic training sessions to remind employees about the latest scams, such as phishing emails where hackers pose as familiar businesses or colleagues to steal sensitive information. They should also be aware of your cybersecurity plan and each person’s role if a breach occurs.

Use prepaid credit cards for purchases.

Prepaid employee credit cards limit your potential for losses when employees make purchases from suppliers and vendors. If a card is breached, the company can lose only what’s prepaid and you can immediately deactivate the card.

Monitor business credit reports.

It doesn’t take much effort to monitor your company’s profiles from the three major business credit bureaus: Equifax, Experian, and TransUnion. Subscribe to their monitoring services for round-the-clock access. What’s more, you can choose to receive real-time email notifications about suspicious activities affecting your company’s credit rating.

Guard your master list.

Some companies track all their accounts and passwords in a master list, which can be convenient, but dangerous. A dishonest employee or hacker who manages to gain access to that list has the key to all your company’s information in one fell swoop, so you’ll need to be extra cautious with security measures.

Finally, contact your tax professional promptly if you believe you’ve been victimized. He or she can help you get in touch with the appropriate law enforcement authorities, business credit bureaus and financial institutions.

No Guarantees

No preventive measure is 100% fail safe. The IRS and tax preparers are expanding their efforts to educate businesses and prevent breaches. You can also help lower your risk by crafting a formal cybersecurity plan, educating employees and implementing various other proactive security measures.

Posted on Apr 30, 2015

In today’s complex world, every business owner should have a basic understanding of patents. Without this knowledge, you can’t protect your company’s inventions or defend yourself against lawsuits from other firms.

Supreme Court Defines a Patentable Process

In a computerized era, you may wonder: Can a business method (not tied to a machine or apparatus) be patented? The Supreme Court answered that question in a significant case.

In the case, the inventor came up with a method of hedging risk in the commodities trading field. Specifically, the invention explained how commodities buyers and sellers in the energy market could protect, or hedge, against the risk of price changes.

The Supreme Court ruled the inventor’s “application is not a patentable process.” (Bilski v. Kappos, No. 08-964, 6/28/10)

The court held that a claimed process is patent eligible if:

  •  It is tied to a particular machine or apparatus, or;
  • It transforms a particular article into a different state or thing.

In its decision, the Court noted the difficulty of answering questions like this in the Information Age. In an earlier time, patents were rarely granted for inventions that did not satisfy the machine-or-transformation test. This test would create uncertainty about the patentability of software, advanced diagnostic medicine techniques, and inventions based on linear programming, data compression, and the manipulation of digital signals.

This Age puts the possibility of innovation in the hands of more people and raises new difficulties for the patent law,” the court stated. With ever more people trying to innovate and thus seeking patent protections for their inventions, the patent law faces a great challenge in striking the balance between protecting inventors and not granting monopolies over procedures that others would discover by independent, creative application of general principles.”

The court added: “Nothing in this opinion should be read to take a position on where that balance ought to be struck.”

U.S. patents date back to the Constitution, where it says Congress can secure “for limited times to … inventors the exclusive right to their discoveries.” In other words, patents provide the owner with the right to exclude others from making, using, selling, offering for sale, or importing the invention for 20 years. Patents are granted by the U.S. Patent and Trademark Office.

Exclusive rights begin once a patent is granted and they expire 20 years after the application is filed. Most patents are owned by companies, inventors and universities. If your company is granted a patent, it is only good in the United States. Americans can apply for patents individually from foreign countries, but it is usually a complex process.

Applying for a patent involves more than just filling out a simple form. The application form is a legal document, which must be accompanied by the description and drawings of the invention.

A Provisional Application

It can be expensive, but there might be a cheaper alternative for your company. Since 1995, the Patent & Trademark Office has offered inventors the option of filing a “provisional application” for a patent.

With this lower-cost option, there are fewer requirements but you must provide a detailed written description of the invention, its intended use and, if appropriate, an informal drawing.

This allows you to claim “patent pending” status for one year. If you don’t follow up with a regular patent application, the provisional status will expire after that. You can still file for a patent on the same invention, but you won’t be able to benefit from an earlier effective filing date. (However, these applications can’t be filed for ornamental designs.)

What Can Be Patented?

The list includes machines, manufactured products, chemicals, computers, and applied technology. You can’t patent scientific principles and naturally occurring materials. Under U.S. law, there are three different patent types:

  1. A utility patent on the functional or structural aspects of an apparatus, composition of matter, method or process. (See right-hand box for a Supreme Court case defining a process.”)
  2. A design patent on the ornamental design of useful objects.
  3.  A plant patent on a new variety of living plant.

Contrary to popular belief, patents don’t protect ideas. Rather, they protect the structures andmethods that apply technological concepts. In return for receiving the right to exclude others, the inventor must relinquish the secrecy of the invention and fully disclose to the public the best mode of making and using the invention. For more information in your situation, consult with an intellectual property attorney.