25.23.11 Business Master File (BMF) Identity Theft Procedures for Accounts Management

Manual Transmittal

September 13, 2017

Purpose

(1) This transmits revised IRM 25.23.11, Business Master File (BMF) Identity Theft Procedures for Accounts Management

Material Changes

(1) This IRM now contains the information formerly located in 21.7.14 Business Master File (BMF) Identity Theft Procedures for Accounts Management Employees.

(2) IRM sections have been added to provide guidance for Account Actions, Wrong/Bad Return Posted First and “Good” Return has a Balance Due and Lost Refund.

(3) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.1 added subsections for internal controls.

(4) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.2 added clarification for tax related impact.

(5) Various procedural and editorial changes for clarifications.

(6) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.3 added instructions to refer case if determined to be a fraudulent return.

(7) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.3 provided AM liaison mailbox information.

(8) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.4 changed the instructions for IMF employee to complete research to remain consistent with other IRMs. Provided AM liaison mailbox information.

(9) IPU 17U0163 issued 01-24-2017 IRM 25.23.11.5.1 added new section Accounts Containing TC 130.

(10) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.6 added information on the posting of the TC 020 and new information for the subject line for the TC 971 AC 524 referrals. Provided AM liaison mailbox information.

(11) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.6 added section for ID theft indicators.

(12) IPU 17U0163 issued 01-24-2017 IRM 25.23.11.6 change in email for TC 971 AC 524 input.

(13) IPU 16U1306 issued 08-17-2016 IRM 25.23.11.6.2 added new mailbox for Ogden ID theft cases.

(14) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.7 added new RICS information to chart.

(15) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7 If and Then chart-last box- clarified procedures for cases remaining in AM.

(16) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.1 section moved from 25.23.11.7.3.1 for better flow and added information on data losses.

(17) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.7.1 added section for information for RICS program.

(18) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.2 added new section for Individual reporting to be victims of business ID theft.

(19) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.2 added section for individuals reporting BMF ID theft. Following sections renumbered.

(20) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.7.2 added procedures if TC 971 AC 522 already on module. Added review of case for no IDT determination.

(21) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.7.3 added caution for high risk disclosure on cases mark with ID theft indicator. Added input instructions for the TC 971 AC 522.

(22) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.7.2 clarified when the TC 971 AC 522 needs to be input.

(23) IPU 17U0163 issued 01-24-2017 IRM 25.23.11.7.2 changed CIS category code from TPRQ to SPC3.

(24) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.7.3.1 added new section for non-tax related phones inquiries.

(25) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.3.1 moved to IRM 25.23.11.7.1.

(26) IPU 17U0922 issued 05-26-2017 IRM 25.23.11.7.3 added RICS fax number for forms 4442.

(27) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.7.4 added procedures for fabricated EIN referrals.

(28) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.4 added requirement to send 5017C on Non-IDT theft determinations.

(29) IPU 17U0163 issued 01-24-2017 IRM 25.23.11.7.4.1 change in email for TC 971 AC 524 input.

(30) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.4.1 moved to 25.23.7.1 and renumbered following IRM sections.

(31) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.5 added IMF disclosure information.

(32) IPU 17U0163 issued 01-24-2017 IRM 25.23.11.7.5 added reference for fabricated EIN and procedures for marking entity.

(33) IPU 17U1074 issued 06-28-2017 IRM 25.23.11.7.5 added Cincinnati BMF AM Potential ID Theft mailbox.

(34) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.6 information on closing control after referral accepted.

(35) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.6.1 added information for subject line on TC 971 AC 524 referrals and step order for better flow. Provided AM liaison mailbox information.

(36) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.7 removed step 10 in paragraph 3 as step was not appropriate.

(37) IPU 17U0163 issued 01-24-2017 IRM 25.23.11.7.8 added section Reversing TC 130.

(38) IPU 17U0044 issued 01-05-2017 IRM 25.23.11.7.9 added section for when taxpayer requests new EIN and is a victim of ID theft.

(39) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.10 clarified the needed for complete research on cases with TC 130.

(40) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.11 added IRM reference for additional information on reversing ID theft indicators.

(41) IPU 17U0876 issued 05-24-2017 IRM 25.23.11.7.12 added clarification for non-tax related request for new EIN.

(42) IPU 17U0876 issued 05-24-2017 Exhibit 25.23.11-1 added information for the completion of Form 14566.

(43) IPU 17U1074 issued 06-28-2017 Exhibit 25.23.11-1 added clarification in last Field Data box.

Effect on Other Documents

IRM 25.23.11 dated 04-21-2016 is superseded and includes the following IRM Procedural Updates (IPUs): 16U1306 issued 08-17-2016, 17U0044 issued 01-05-2017, 17U0163 issued 01-24-2017, 17U0876 issued 05-24-2017, 17U0922 issued 05-26-2017 and 17U1074 issued 06-28-2017

Audience

The provisions in this manual apply to all Accounts Management employees working BMF identity theft cases.

Effective Date

(10-01-2017)

Kevin Morehead
Director, Accounts Management
Wage and Investment Division

Program Scope and Objectives

  1. Purpose: This manual provides case procedures for use when working Accounts Management (AM) BMF identity theft inventory and providing assistance to victims of identity theft.

  2. Audience: The primary users of the IRM are all AM employees who are in contact with taxpayers by telephone, correspondence, or in person with business related ID theft.

  3. Policy Owner: Identity Protection Strategy and Oversight (IPSO) owns the policy relating to BMF ID theft under the directorship of Kevin Morehead.

  4. Program Owner: Identity Theft Victim Assistance (IDTVA) is the internal organization that is responsible for the administration, procedures, and updates related to Accounts Management BMF identity theft

  5. Program Goals: The provisions in this IRM are specific to quickly and effectively resolving Business Masterfile (BMF) accounts where ID theft is claimed or identified. This IRM outlines the steps to provide relief to those taxpayers whose accounts have be affected by ID theft.

Background

  1. BMF Identity Theft can involve the use of Business’s information to file fraudulent returns to support IMF ID theft or to obtain refunds from BMF accounts. An individual's stolen personal information can also be used to obtain an EIN which is used to file false BMF tax returns and income documents. BMF accounts includes the following entity types: sole proprietor, corporation, partnership, estate, trust, exempt organization, or government entity.

Authority

  1. The Taxpayer Bill of Rights adopted by IRS in June 2014 and codified at IRC § 7803(a)(3) , provides that taxpayers have the right to receive prompt, courteous, and professional assistance in their dealings with the IRS. They are to be spoken to in a way that is easily understood and any correspondence from the IRS must be clear and understandable. They have the right to speak to a supervisor whenever quality service is not received. For additional information refer to the Taxpayer Bill of Rights.

  2. Policy Statement 10-1, Assisting Taxpayers who Report they are Victims of Identity Theft

  3. A policy decision was made by Commissioner Koskinen to provide a redacted copy of the fraudulent return, redacting all personally identifiable information (PII) on the return. The exposed information is enough for the victim to review and determine what information of theirs was used on the fraudulent return. The authority used for the Fraudulent Return Request program (FRR) is IRC §6103(e), Disclosure to Persons Having Material Interest, provides a listing of persons who may generally request and receive returns and return information. IRC §6103(e)(1)-(6) and IRC §6103(e)(10) concern disclosure of returns. IRC §6103(e)(7) through (e)(9) as well as (e)(11) refer to disclosure of "return information."

Responsibilities

  1. All AM employees who take phone calls or work paper cases, where the taxpayer states they are a victim of BMF ID theft or the employee identifies BMF ID theft, are responsible for following the procedures set forth in this IRM.

Acronyms/Definitions

  1. Acronyms

    • AM- Accounts Management

    • AMS- Accounts Management Services

    • BMF- Business Masterfile

    • BOD- Business Operation Division

    • CC- Command Code

    • CIS- Correspondence Imaging System

    • EIN- Employer Identification Number

    • IMF- Individual Masterfile

    • LLC- Limited Liability Company

    • OAR-Operations Assistance Requests

    • PII- Personally Identifiable Information

    • RICS- Return Integrity and Compliance Services

    • SFR- Substitute For Return

    • SLA- Service Level Agreement

    • SSN- Social Security Number

    • TAS- Taxpayer Advocate Service

  2. Definitions

    • Fabricated EIN- This is an EIN that has been established for a fictitious business. The associated PII is usually stolen personal data. The creation of this business can be used to defraud the government or used for other illicit activities not related to the filing of federal taxes or forms.

    • Tax impact- The ID theft has caused a direct effect to the taxpayer’s account. This can include the filing of fraudulent tax returns and/or income documents.

    • Non-Tax impact- The business’s information has been stolen but currently there is no direct effect on the taxpayer’s account.

Related Resources

  1. Conduct thorough research when resolving account issues. While not all inclusive, the following IRM list may be helpful when researching account issues:

    • IRM Part 21, Customer Account Services

    • IRM 25.23.9, BMF Identity Theft Processing

    • IRM 20.1, Penalty Handbook

    • IRM 20.2, Interest

    • IRM 25.6.1, Statute of Limitations Processes and Procedures

    • IRM 1.2.10.37, New Policy Statement 1-236, Fairness and Integrity in Enforcement Selection

    • Pub 1, The Taxpayer Bill of Rights

BMF Identity Theft Overview

  1. This IRM provides procedural guidance for BMF Accounts Management (AM) personnel authorized to research and process BMF Identity Theft (IDT) phone and paper inquiries.

  2. BMF IDT inquiries are complex and require extensive research. IRM 25.23.9, BMF Identity Theft Processing, provides Servicewide guidance for working cases. BMF taxpayers are often not aware their identities have been compromised until a notice is received from the IRS. The taxpayer may contact IRS after receiving an unexpected notice regarding an inactive employer identification number (EIN), a recently-established EIN they have no knowledge about, or a balance due notice for a BMF form they never filed with the IRS.

    Caution:

    What appears to be a BMF IDT case may actually be an inadvertent misuse of the EIN (e.g., mixed entity, tax return preparer error, etc.) or fraudulent filing by the EIN owner. This is why thorough research must be completed prior to inputting the ID theft Marker or referring the case to another inventory.

  3. Generally, individual identity theft victims contact the IRS as they attempt to file the current year income tax return and discover that someone else has already filed a return using their taxpayer identification number. However, it may be several years before a business victim becomes aware of criminal activity and contacts the IRS.

What is BMF ID Theft?

  1. BMF identity theft (IDT) is defined as creating, using, or attempting to use a business’s identifying information to obtain a tax benefit without authority.

    Caution:

    There must be a federal tax related impact (e.g., balance due, fraudulent refund issued, Taxpayer Delinquency Investigation (TDI) , etc.) before BMF IDT can be considered. . Examples of tax related impact include (this list is not all inclusive:)
    1. Fraudulent returns filed. This includes original or amended returns
    2. Fraudulent income documents filed. This would include Forms W-2, 1099, etc.

    If there is no tax related impact see IRM 25.23.11.7.1Non-tax Related ID Theft.

  2. The Service has identified potential ID theft scenarios (this list is not all inclusive):

    • ID thief files a fraudulent return to obtain a refund or

    • ID thief files fraudulent return or returns to support fraudulent individual identity theft filings

      Note:

      Be careful to watch for taxpayers who may claim BMF IDT to avoid paying taxes. This is not ID theft.

  3. The following scenarios provide examples of BMF IDT:

    • SCENARIO 1: An identity thief files a business tax return (Form 1120, U.S. Corporation Income Tax Return, Form 720, Quarterly Federal Excise Tax Return, etc.) to obtain a fraudulent refund using the employer identification number (EIN) of an active or inactive business without the permission or knowledge of the responsible party.

      Example:

      An identity thief locates the information of a corporation (EIN, name of company, address of company) and files a Form 1120 falsely claiming a refundable fuel tax credit. The identity thief is not authorized to act on the company’s behalf in any capacity. This is BMF IDT.

    • SCENARIO 2: An identity thief, using the EIN of an active or inactive business without the permission or knowledge of the responsible party, files Form 941, Employer's Quarterly Federal Tax Return, and Forms W-2 to support fraudulent refunds on individual (IMF) accounts.

      Example:

      An individual obtains the information of a business entity (EIN, name of company, address of company) and files Form 941 and Forms W-2. This activity allows the perpetrator to substantiate a claim of withholding on IMF accounts. However, the business owner is unaware of these filings until he gets either a notification that the Service intends to file a return under IRC 6020(b) or a notification of a potential Combined Annual Wage Reporting (CAWR) assessment. This is considered BMF IDT because the individual who committed these acts had no authority to act on behalf of the company.

    • SCENARIO 3: An identity thief applies for an EIN using the name and social security number of another individual as the responsible party without that individual’s approval or knowledge and then files tax returns ( Form 941, Employer's Quarterly Federal Tax Return, Form 1120, U.S. Corporation Income Tax Return, Form 1041, U.S. Income Tax Return for Estates and Trusts, etc.) for any of the purposes mentioned above. In this situation a fictitious business has been created in order to file fraudulent returns and obtain fraudulent refunds. This would be considered a fabricated EIN.

      Example:

      An individual applies for an EIN and lists the name and taxpayer identification number (TIN) of another person/corporation as the responsible party for the new business entity without that individual’s or entity’s approval or knowledge. The individual then files any type of federal tax or information return (Form 1120 to claim refundable credits; Forms W-2 to receive a refund on an individual’s account, etc.). At the point collection activity or an audit occurs, the responsible party of record will be contacted. Since this person is not the individual who established the EIN and committed the acts, this is BMF IDT.

Fraud vs BMF Identity Theft

  1. The fraudulent filing of a return or document allowing the filer to receive a refund on an existing account when the filer has the authority to file a tax return on behalf of the business is not considered BMF identity theft (IDT). Making the distinction between BMF IDT and fraud by an authorized party can be very difficult.

  2. The filing of a corporate income tax return with refundable credits by an authorized party may be considered fraudulent activity.

    Example:

    An employee who has the authority to file the corporate income tax return files an amended return to obtain a fraudulent refund based on a refundable credit not previously included on the original return. The employee also changes the company’s address of record in order to receive the refund or submits a request to deposit the refund into a personal checking account. This is an example of fraud because the individual who filed the amended return has the authority to act on behalf of the company.

  3. The filing of an unsubstantiated corrected Form W-2, Wage and Tax Statement, to report additional withholding by someone with the authority to file Forms W-2 on behalf of the business may be considered fraudulent activity.

    Example:

    The company vice-president, who has the authority to file Form W-2 and employment tax returns, subsequently files corrected Forms W-2 to report additional unsubstantiated withholding in order to request a fraudulent refund on his individual account. This is an example of fraud because this individual has the authority to act on behalf of the company.

  4. If the determination is that the fraudulent return has been filed by an authorized party and it is not a case of ID theft, complete Form 14566 and email to the AM BMF liaison mailbox, *W&I AM BMF IDT to be forwarded to the Frivolous Return Misconduct Program (FRP) for review. Make sure to include the rationale behind the determination. Do not close the case until the review is complete. If the return was filed by an authorized party but the tax data was altered without the authority party’s knowledge, the Service may provide relief through the Return Preparer (RPM) Program . See IRM 25.24.1Return Preparer Misconduct Program.

Potential BMF Identity Theft Referrals from Accounts Management (AM) IMF to AM BMF

  1. Potential BMF identity theft (IDT) inquiries may be received by IMF phone or paper Customer Service Representatives (CSR) and will need to be referred to BMF to be worked. The IMF CSR should research the account to determine if the case should be referred to the BMF ID theft inventory or moved/call transferred into the regular BMF inventory following normal procedures.

  2. If the taxpayer filed a Form 14039, Identity Theft Affidavit, with business data (e.g., employer identification number or business name) that is received in the IMF inventory, the receiving function will send the acknowledgement Letter 5316C to the taxpayer prior to forwarding the case to BMF.

  3. If the taxpayer is claiming his/her SSN was used to set up a business and he/she has no affiliation with the business, see IRM 25.23.2.15.2Individual Taxpayers Reporting to be Victims of Business Related Identity Theft.

  4. If the inquiry is received by phone, obtain all of the facts of the case including the EIN, business name and any other important information. For example:

    Example:


    1. What notice the taxpayer received.
    2. If there is a current or former relationship to the business.
    3. What has been affected by the BMF ID theft. (lien, levy, etc.)

    Document all of this information on the Form 14566BMF Identity Theft Referral. Do not advise the taxpayer to submit a Form 14039 or Form 14039-B Business Identity Theft Affidavit. Send the completed Form 14566 by secure email to the AM BMF liaison mailbox, *W&I AM BMF IDT (Both W&I and SB will send to the W&I AM liaison). See BMF ID Theft Liaisons. Advise the caller that the case needs to be referred to the business identity theft function.

  5. If the contact is a paper case, the taxpayer may have submitted Form 14039 to support the claim of BMF IDT. Send the Letter 5316C to acknowledge receipt of the claim. Do not mark the BMF account with an identity theft indicator. The AM BMF campus will determine whether additional documentation is necessary to resolve the inquiry. Send a referral on Form 14566 by secure email to the AM BMF liaison mailbox, *W&I AM BMF IDT and follow normal procedures for transferring CIS case to BMF inventory. If the case is being referred and the 5316C is being sent, use the open paragraph to advise the taxpayer their case is being referred to another ID theft function. If the 5316C letter is not being sent, send the taxpayer a Letter 86C to advise them the case is being transferred to another ID theft function.

BMF ID Theft Research

  1. It is essential to complete all account research prior to taking any account actions, transferring a call or reassigning a case. The initial Customer Service Representative (CSR) is responsible for researching the account to eliminate any routine account issue and placing a potential BMF IDT inquiry into the appropriate work stream.

  2. Complete all research to rule out the potential mixed entity/period or other account situations. Use IRM 25.23.9.4, BMF Identity Theft Research (Inquiry received via paper or phones) and IRM Exhibit 25.23.9-7, BMF Identity Theft Research Requirement, as a research guide.

  3. Document the findings on CIS or AMS that support the suspected ID theft claim.

  4. The examples below are possible research paths that may need to be considered prior to making a BMF IDT determination:

    1. Example 1: The taxpayer received an unexpected balance due notice and claims no knowledge of the tax return and/or business account. The balance due may have been created by an inadvertent tax return filing, return preparation error, IRS processing error, or another entity using the same employer identification number (EIN). An explanation of the balance due may need to be provided to the taxpayer. Review the entity section of the documents and determine who signed the returns. If the taxpayer signed the returns, forward copies of these documents to the taxpayer for review.

    2. Example 2: The taxpayer has an active or inactive business but did not file the return generating the balance due or refundable credit. The balance due may have been created by an inadvertent tax return filing, return preparation error, 6020(b) submission, Substitute For Return (SFR) submission, IRS processing error, or another entity using the same EIN.

    3. Example 3: The account only has one or two Form 941, Employer’s Quarterly Federal Tax Return, modules in balance due status without any payments. The taxpayer claims no knowledge of the business and did not request an EIN. Use Command Code IRPTR with definer I to determine whether Forms W-2 were filed for the business. One or two Form 941 modules in balance due (no payments) with matching Form W-2 data may be a sign of BMF IDT.

  5. Research should include (this list is not all inclusive):

    1. All related IMF and BMF accounts. Use CC BMFOLE to obtain the X-REF TIN/EIN. Review of the X-REF EIN will help rule out mixed entity or successor corporation. Researching the IMF association may show the taxpayer utilized the EIN on a Schedule C or H. This may help rule out ID theft. Researching the IMF account may also show ID theft indicators on the individual account. This may help support the ID theft claim. See IRM 25.23.2.15,Tracking and Reporting Identity Theft Cases - Identity Theft Indicators, for IMF account markers.

    2. Research any payments on the account. This might provide additional information. Utilize RTR to research for paper checks and CC EFTPS for electronic payments. If the taxpayer states he/she did not make the payment and it can not be determined where the payment belongs, do not leave the payment on the account. Move the payment to excess if unable to determine where it belongs.

    3. Review all case histories on CIS and AMS for prior taxpayer contacts. This includes a review of prior closed CIS cases for the EIN.

    4. For employment taxes, use CC IRPTRI to view any Forms W-2 filed under the EIN. If the taxpayer claims no Forms W-2 should have been filed, research the IMF side of the SSNs on the Forms W-2 to determine if there are any returns filed using this information. Checking these returns to see if they were identified as bad returns will help support the BMF ID theft claim. If IMFOLI shows an MFT 32 for the year in question, this means a potential bad return was identified and moved to MFT 32. CC TRDBV will show the return information which can be compared to the Form W-2. If there are returns filed, check to see if there is IVO (Integrity & Verification Operation) involvement (see IRM 25.23.4.12.2TIN Related Problem Cases with Previous IVO Involvement). If there is IVO involvement it will help support the BMF ID theft claim.

    5. Review the returns. Use CC TRDBV or MeF to review returns. If returns are not available on-line, request the document. Reviewing the returns may provide additional information. Compare the information on the returns to what the taxpayer is stating.

    6. If available use Google Maps as a potential tool for determining if address listed on the account is a valid address.

Accounts containing TC 130

  1. If there are balances owed resulting from BMF ID theft, research for BMF ID theft to determine the effects it has had on the IMF side of the X-REF SSN owner.

  2. This would involve reviewing the account to determine if there is a TC 130 on the IMF entity. The posting of a TC 130 stops any overpayments from offsetting or refunding from the account. A V- freeze (outstanding liability freeze) will be set and there may be refunds being held on the account.

  3. Research all associated accounts for outstanding balances. Balance due accounts can also reside on the Non-master File (NMF) accounts as well. Indications there is a NMF account are:

    1. TC 130 in blocking series (BS) 200-299 indicates a NMF account.

    2. M- freeze. The module balance will appear to be zero. This is caused by the posting of the TC 400 with a false credit which brought the balance to zero. The balance was then moved to NMF.

    1. TC 400 with BS of Indicates
      00 A transfer from MF to NMF
      05 Offer in compromise, MF to NMF
      09 A transfer from MF to NMF but is a special project
      99 An overflow account necessitating a move to NMF
  4. If the resolution of the ID theft issue will alleviate the balance on the BMF account, research the IMF Non-master File (NMF) account to determine if there any other possible balances are owed by the taxpayer. Use CC TXMOD, SUMRY and ENMOD with definer “N” after the TIN to research the NMF.

  5. If the determination is made that this is a fabricated EIN and the SSN owner has no association with the business, the TC 130 relating to the business must be reversed.

  6. If dealing with a legitimate business but BMF ID theft did occur, ensure there are no outstanding liabilities for the business prior to reversing the associated TC 130.

  7. For procedures to reverse any TC 130 relating to the ID theft, See IRM 25.23.11.7.10 Reversing TC 130.

BMF ID Theft Indicators

  1. BMF ID theft indicators are used to track the progress of an ID theft claim. If there is a high probability ID theft exists or a Form 14039 or 14039-B is received, an ID theft indicator needs to be input. The function working the ID theft case must input the appropriate indicator. If a Form 14039/14039-B is received the receiving function will place the indicator on the account prior to referring the case.

  2. Once it is determine there is a high probability of ID Theft, input the indicators only if there is tax related impact, such as fraudulent returns or income documents filed.

  3. To input the ID theft indicator, use Command Code (CC) REQ77 initiated from TXMODA. The BMF indicators work differently from IMF indicators, the TC 971 AC 522 does not appear on the entity. Ensure the secondary date and “MISC” sections are correctly input. Indicators must be input on all MFTs and tax periods where ID theft is suspected and/or confirmed.

  4. The Secondary Date field will reflect the IRS receive date or the date of the taxpayer's inquiry. (Due to a programming issue if using today’s date and you receive an error message, use the prior day’s date.). If the identity theft issue was internally identified, use the date you recognized the taxpayer was a victim of identity theft. The ID theft indicators are only input on the TXMODA not the entity section.

  5. MISC- In the MISC field enter WI AM XXXXXX. See below for the definitions of the tax administration codes to be used. See IRM 25.23.9-1 BMF Acronyms and Definitions for additional information.

    Action Code Tax Administration Code Definition
    522 IDTCLM No taxpayer documentation provided. Research has established ID theft exists or there is a high probability that ID theft exists, refer to IRM 25.23.9.6.1Allegation or Suspicion of BMF Identity Theft - TC 971 AC 522 IDTCLM, for additional information. Taxpayer may still need to complete Form 14039-B.
    522 IDTDOC Taxpayer provided a Form 14039, Identity Theft Affidavit or Form 14039-B, Identity Theft Affidavit-Business. Taxpayer Supporting Documentation. For additional information see IRM 25.23.9.6.2Taxpayer Supporting Documentation. If a loose Form 14039-B is received and no TC 971 AC 522 IDTCLM is on the module, input only the TC 971 AC 522 IDTDOC to indicate ID theft claim received from taxpayer.
    522 CLSIDT BMF ID theft case resolved. Refer to IRM 25.23.9.6.3,Closing BMF Identity Theft Issues - TC 971 AC 522 CLSIDT, for additional information.
    524 EINFAB EIN is fabricated and the account has been locked. This TC 971 can currently only be input by IPSO analyst. Send referral to the AM BMF liaison mailbox, *W&I AM BMF IDT if it is determined the entity is fabricated.
  6. When the input of the TC 971 AC 524 posts it will generate the posting of the TC 020 on the entity and lock the accounts. The TC 020 will post one cycle after the TC 971 AC 524 and is only visible on CC BMFOLE. A TC 020 generated by a TC 971 AC 524 will not delete the entity but will prevent the posting of anything to that account.

  7. For the input of the TC 971 AC 524, send the completed referral form and email to the AM BMF liaison mailbox, *W&I AM BMF IDT for referral to the IPSO. The liaison will review the form and if the form is complete, the liaison will send it to Jill.Zeffiro@irs.gov. On the subject line enter: TC 971 AC 524, last 4 digits of the EIN and the name control. Refer to IRM 25.23.9.8.4 Referrals to Lock the Account of an EIN Deemed Fabricated. Be certain to include on the referral all appropriate research completed. Document the sending of the referral on AMS along with the details of the request. If working a CIS case, attach the referrals to the CIS case. If the account has been locked in error, send a referral to the AM BMF liaison mailbox, *W&I AM BMF IDT to have the TC 971 AC 524 reversed.

  8. If an indicator has been placed on the account and after research it is determined that ID theft does not exist, reverse the indicator per IRM 25.23.9.6.4Reversing BMF Identity Theft Indicators.

BMF Identity Theft Inquiries

  1. Once the required research is completed and ID theft is confirmed or there is a high probability ID theft exists, it is necessary to determine if the case should remain in AM inventory or be referred to another function.

  2. Use the table below to determine if the case will remain in AM or transferred to another function. This initial step is vital to ensure the case is placed in the appropriate identity theft treatment stream as soon as possible.

    Reminder:

    All referrals will go liaison to liaison. All AM referrals will go through the AM BMF ID theft liaison first. The AM BMF ID theft liaison will forward to the appropriate referring function.

    If ... Then... Additional Information...
    For a case closed in AM with a BMF IDT indicator (TC 971 AC 522, with IDTCLM, IDTDOC, CLSIDT, NORPLY, NOIDT, IRSERR, FALSE, or OTHER) on the tax module, Reassign or refer the case to the assigned or closing CSR. AM only cases
    Any of the account modules are in Status 22 and completed research indicates potential ID theft Forward the case to the team leadership for case review and approval to refer. If the referral is approved, refer the case to the AM BMF IDT Liaison. Prepare Form 14566 , BMF Identity Theft Referral and send it by secure email to *W&I AM BMF IDT. See Exhibit 25.23.11-1Accounts Management Form 14566 Instructions, for completion details. Doc 6209 section 8A - 3 MF and IDRS Collection Status Codes
    Any of the account modules are in Status 26 and completed research indicates potential ID theft Forward the case to the team leadership for case review and referral approval. If the referral is approved, refer the AM BMF IDT Liaison. Prepare Form 14566 , BMF Identity Theft Referral and send it by secure email to *W&I AM BMF IDT. See Exhibit 25.23.11-1Accounts Management Form 14566 Instructions, for completion details. If there are tax periods in notice status 21 or 56, in addition to the status 26 module(s), input CC STAUP 22 01 to accelerate those tax periods to Status 26. See IRM 21.3.3.4.9.2(4), Campus Collection Function Correspondence/Inquiry/Notice, and Doc 6209 section 8A - 3 MF and IDRS Collection Status Codes for additional information.
    There is an open or closed audit, and completed research indicates there is potential ID theft relating to the audit Forward the case to the team leadership for case review and referral approval. If the referral is approved, refer the case to the AM BMF IDT Liaison. Prepare Form 14566 , BMF Identity Theft Referral and send it by secure email to *W&I AM BMF IDT. See Exhibit 25.23.11-1 Accounts Management Form 14566 Instructions , for completion details. Prior to forwarding to Exam, input TC 470 to prevent erroneous balance due notices from being issued while the case is under review. SeeJob Aide 5.19.1-1 , Collection Status Codes and Definitions, for detailed information.
    The module shows Combined Annual Wage Reporting (CAWR) function activity and completed research indicates there is potential ID theft relating to the CAWR issue Forward the case to the team leadership for case review and referral approval. If the referral is approved, refer the case to the AM BMF IDT Liaison. Prepare Form 14566 , BMF Identity Theft Referral and send it by secure email to *W&I AM BMF IDT. See Exhibit 25.23.11-1 Accounts Management Form 14566 Instructions , for completion details. Prior to forwarding to CAWR, input TC 470 to prevent erroneous balance due notices from being issued while the case is under review. See Job Aide 5.19.1-1, Collection Status Codes and Definitions, for detailed information.
    The module shows Federal Unemployment Tax Act (FUTA) function activity ,and completed research indicates there is potential ID theft relating to the FUTA issue Forward the case to the team leadership for case review and referral approval. If the referral is approved, refer the case to the AM BMF IDT Liaison. Prepare Form 14566 , BMF Identity Theft Referral and send it by secure email to *W&I AM BMF IDT, See Exhibit 25.23.11-1 Accounts Management Form 14566 Instructions , for completion details. Prior to forwarding to FUTA, input TC 470 to prevent erroneous balance due notices from being issued while the case is under review. See Job Aide 5.19.1-1, Collection Status Codes and Definitions, for detailed information.
    RICS- Returns processed prior to January 2017 Form 1120 with -R Freeze and open control to 1486988888
    See IRM 25.23.9.4.1BMF Returns Selected For RICS
    Forms 1120, 1120S and 1041 filed after January 2017

    1 .For paper cases- Forward the case to the team leadership for case review and referral approval. If the referral is approved, forward the case to Friv Return Program, OSC Stop 4450.
    2. For phones- Advise the caller to respond to the letter. If the caller has no knowledge of the business advise them to submit a signed statement with a copy of the letter.
    Do not advise them to submit a Form 14039-B
    None of the conditions above are met, The case will remain in AM and extensive research must be performed to rule out other account issues. If there is a high probability of ID theft and you are untrained in ID theft, complete a Form 14566 and forward to the appropriate AM ID theft unit per IRM 25.23.11.7.5 (7)(1) BMF Identity Theft Phone Inquiry.

    Do not refer the case if the ID theft issue is not related to the functional issue.

    Example:

    There is a closed audit and a TC 300 on the account creating a balance due. An amended return comes in requesting a large refund from refundable credits. The ID theft issue is not related to the audit. The case should not be referred to Exam just because there is a TC 300 on the module. Review the ID theft claim and determine if it is related to an issue in another function prior to referring it.

Non-Tax Related ID Theft

  1. If the taxpayer states they are a victim of ID theft and research determines there is no tax related impact, provide the following guidance as applicable.

  2. If the business has been breached and the taxpayer is seeking assistance for their employees see IRM 25.23.1.9Data Breach- Business Entities Whose Employees or Clients PII was Breached, for information to provide the taxpayer.

  3. If the taxpayer is seeking advice for the business:

    1. If a business or payroll company contacts the Service to report a data loss relating to Forms W-2 information, advise them to go to IRS.gov and search using key word ”Identity Theft”. Click on “Identity Protection: Prevention, Detection and Victim Assistance”. In the chart under “Businesses” click on “Form W-2/SSN Data Theft: Information for Businesses and Payroll Service Providers”. This link provides the information on various agencies and how to contact them to report the loss.

    2. If a business or payroll company contacts the Service to report a theft in their office that could lead to a data breach, advise them to contact their local stakeholder liaison. The stakeholder liaison listing can be found on IRS.gov, search keywords “Stakeholder Liaison” then click on “Stakeholder Liaison Local Contacts IRS”. The liaisons are listed by state. The liaison will notify CI and other functions on their behalf. Advise the caller that they need to contact the liaisons as quickly as possible so the IRS can take steps to prevent the filing of fraudulent returns.

    3. Advise the taxpayer they may want to contact the Federal Trade Commission or the Social Security Administration at:

      Contact Web Address Contact Number
      Federal Trade Commission (FTC) www.ftc.gov/idtheft 877-438-4338
      Social Security Administration (SSA) www.ssa.gov search “Identity Theft” 800-772-1213
    4. Advise the caller they may want to contact one of the major credit bureaus. They may be able to assist them in obtaining information needed to pursue issue relating to the loss of the businesses PII information.

      Credit Bureau Web Address Contact Number
      Equifax equifax.com/business 800-525-6285
      Experian http://www.experian.com/business-services/business-services.html 888-397-3742
      Transunion http://www.transunion.com/business 800-680-7289
    5. Advise the taxpayer they may want to file a report with their local or state police and contact their state Attorney General’s office. Provide the web site information for a list of state Attorney General, http://www.naag.org/

    6. Provide the taxpayer the IRS website, irs.gov search “business ID theft”, for additional ID theft information.

Individual Taxpayers Reporting to be Victims of Business-Related Identity Theft

  1. There will be times when a taxpayer contacts the Service advising they have no association with a business but have received a CP 575 confirming the assigning of an EIN or a bill. It is possible that an ID thief used someone’s PII to obtain an EIN for a business.

  2. If a Form 14039 is received stating the taxpayer has no knowledge or association with the business, send the 5316C letter to acknowledge receipt of the ID theft claim. If the contact is by phone, do not advise them to submit a Form 14039/14039-B.

  3. Research the IMF side to determine if there is any past association with the EIN. This will include schedule C, Schedule H or possible wages utilizing the EIN in question. See IRM 25.23.9.4.2 Individual Taxpayers Reporting to be Victims of Business Related Identity Theft for additional information if needed.

  4. If you are not trained in working ID theft, refer to the appropriate the BMF ID theft unit per IRM 25.23.11.7.5BMF Identity Theft Phone Inquiry, using Form 14566. For instruction on how to complete the Form see Exhibit 25.23.11-1 Accounts Management Form 14566 Instructions.

  5. If trained to work BMF ID theft cases and it has been determined ID theft exists, research CC IMFOLE to determine if there is an existing TC 971 AC 504 MISC SPCL2. This marker on the IMF side identifies the association of BMF ID theft to the SSN owner. If there is currently no ID TC 971 AC 504 SPCL2 marker, the SSN entity must be marked on CC ENMOD using CC REQ77. Overlay the SSN ENMOD and complete the fields as follows:

    1. TC< 971

    2. Secondary Date< The date of the call or receive date

    3. TC 971/151-CD< 504

    4. XREF-TIN<EIN

    5. MISC<SPCL2

  6. See IRM 25.23.2.19.1.2TC 971 AC 504- Miscellaneous Field Code SPCL1, SPCL2, RPM and EAFAIL, for additional information.

BMF Returns Selected for RICS Review

  1. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

    1. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

    2. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

    3. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

    4. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

    5. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

    6. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

  2. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

  3. If a return is selected a TC 971 AC 711 will post to the account. This TC 971 code will cause the return to post as a TC 973 instead of a TC 150.

  4. The return will be suspended and a 5263C letter sent to the taxpayer requesting them to validate the filing of the return. If the taxpayer does not reply to the letter, the return will be suspended for one year. If no response after the year, the return will be deleted.

    Note:

    In both situations cross out the original DLN and forward the return for processing for a new DLN to be assigned.

  5. If a second return is filed and it does not hit the filters, it will be allowed to post as a TC 150. If a second return is filed and it also hits the filters, a second TC 973 will post to the account. There can be more than one TC 973 on the module.

  6. If the taxpayer responds and validates the return, a TC 971 AC 712, with the corresponding DLN of the TC 973 determined to be good, will be input. This will allow only the return with the matching DLN to post.

    Note:

    One- Return is identified as a potential IDT case. RICS issues letter and suspends their case for 45 days.

  7. If the taxpayer responds and validates the return but there are auditable items on the return, the return will be allowed to post, but a TC 971 AC 713 with the matching DLN will be input. The TC 971 AC 713 posts the return but will freeze any refund with a -R freeze.

  8. If the taxpayer responds after the return has been deleted:

    1. If the return was electronically submitted, print the EUP return and have it processed as paper using the original received date.

    2. If the return was paper ESTAB the TC 973 and send the return for processing

    No reply to letter is received, RICS closes potential IDT case as no reply. One year later there still has not been a reply from the business.

    1. Return was selected by filters and a TC 971 AC 711 is generated on the account.

    2. BMF MF sees the TC 971 AC 711 and posts the return as a TC 973. The return is placed into suspense on the SCRS (Service Center Replacement System) for 1 year.

    3. Taxpayer doesn’t respond to the notice sent.

    4. One year after the posting date, the return is deleted.

    Example:

    Two- Return is identified as a potential IDT case. RICS issues letter and suspends their case for 45 days

    No reply to letter is received. RICS closes potential IDT case as no reply. Business replies passing authentication and verifies return filing 9 months after TC 973 posted to the account. Further classification of the return shows no auditable items that would require the refund to be held.

    1. Return was selected by filters and a TC 971 AC 711 is generated on the account.

    2. BMF MF sees the TC 971 AC 711 and posts the return as a TC 973. The return is placed in suspense on SCRS.

    3. TP validates the return and a TC 971 AC 712 is input with the DLN of the TC 973 it is reversing.

    4. Returns posts as the TC 150 and refund released.

  9. If the taxpayer calls and there is a TC 973 on the module but the taxpayer states they did not receive a letter, send a Form 4442 referral to RICS advising them to reissue the notice. Include any information provided by the taxpayer on the referral. Explain to the taxpayer the return is under review and they need to provide the Service with the additional information requested in the notice.

  10. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

  11. If a call is received questioning the notice or asking for assistance, advise the caller they need to reply to the notice and provide the information requested. If the taxpayer has no knowledge of the business advise the taxpayer to submit a signed statement with a copy of their letter to the address provided on the letter. They may also fax the information using the fax number shown on their letter. DO NOT advise them to submit a Form 14039 or 14039-B. When they respond to the notice, RICS will ensure all of the appropriate account actions are taken on the account. Advise the taxpayer they should hear from the Service within 30 days from the received date of their information.

BMF Identity Theft Paper Inquiry

  1. The taxpayer may submit a paper inquiry after receiving an unexpected notice regarding an inactive or active employer identification number (EIN), a recently-established EIN they have no knowledge about, or a balance due notice for a BMF form they never filed with IRS. Since the contact is unexpected, the taxpayer’s correspondence may indicate they are a victim of business identity theft (BMF IDT).

    Note:

    If there is an open TC 971 AC 522 already on the module and/or an open ID theft control, see IRM 25.23.11.7 (2), BMF Identity Theft Inquiries, to determine if the case needs to be referred. If the case needs to be referred see IRM 25.23.11.7.6BMF Identity Theft Referrals, for referral procedures.

  2. If a Form 14039 or 14039-B is received take the following actions:

    1. Open a control base if one is not currently open. If case is to be referred, do not close the control until the referral is accepted by the receiving function.

      Note:

      The term “receiving function” is referred to throughout the IRM. This signifies the function where the referral is being sent and the ID theft case will be worked.

    2. Send 5316C letter to acknowledge receipt of ID theft claim

    3. Input the TC 971 AC 522 IDTDOC to indicate the receipt of ID theft documentation.

    4. If a Form 14039 or 14039-B is received, all research is completed and the determination is no ID theft exists, forward the case via secure email for review by the local SME . See IRM 25.23.11.7.5 (7) for the appropriate SME email. Once agreement is reached that no ID theft exists, if a TC 971 AC 522 was input, reverse with TC 972 AC 522 NOIDT and work the case following normal procedures. If IDT is the only issue, send a 5317C letter. Provide the taxpayer with a complete explanation as to why the Non-IDT determination was made.

    All of these actions must be completed prior to referring the case to another function when a 14039 or 14039-B is received.

  3. If there is a balance due on the account relating to the ID theft issue, input a TC 470.

  4. When working a paper case if:
    a. No 14039 or 14039-B is received and/or
    b. The case is going to be transferred to another function:

    1. Review the table under IRM 25.23.11.7 BMF Identity Theft Inquiries, to determine if the account needs to be placed in another function’s BMF IDT inventory. If the table indicates a referral is necessary, take the following action:

    2. Do not reassign or close the control base.

    3. Do not input a TC 971 AC 522. The receiving function will input the ID theft indicator after the referral is accepted in their inventory.

    4. Initiate the Form 14566, BMF Identity Theft Referral. See IRM 25.23.11.7.6BMF Identity Theft Referrals

    5. Send the Form 14566 to the AM BMF IDT Liaison (*W&I AM BMF IDT) by secure e-mail.

    6. Update the CIS History Notes to show: Potential BMF IDT - Case referral to [insert the function’s name].

      Example:

      Potential BMF IDT - Case referral to Field Collection

    7. Once the case is accepted by the referring function, close the control.

  5. If the case is to remain in AM inventory, take the following steps:

    1. If a control is not open, open the control.

    2. If the taxpayer sent the Form 14039 or 14039-B, send Letter 5316C , to acknowledge claim receipt.

    3. Input TC 971 AC 522 IDTCLM on all MFTs and tax periods involved in the ID theft when the taxpayer claims ID theft but no documentation is sent.

    4. Input the TC 971 AC 522 IDTDOC if the Form 14039 or 14039-B is received. If there is no previous TC 971 AC 522 IDTCLM present and a Form 14039/14039-B received, just input the TC 971 AC 522 IDTDOC.

    5. Update CIS notes providing facts behind ID theft determination.

    6. Once the research is completed and ID theft is established, the case must be reviewed by Manager or Lead, prior to taking any account actions. Follow local procedures for the review process.

    7. Once the review process is completed and ID theft is well established, see IRM 25.23.11.7.7Account Actions, for steps to correct the account.

    8. Review the account to determine if there are any other outstanding issues that need to be addressed. For example, collection issues, defaulted installment agreement, offsets or missing returns. (This list not all inclusive).

    9. Once account has been corrected and all issues addressed send Letter 5317CBMF Identity Theft Interim & Post Resolution Letter and input TC 971 AC 522 CLSIDT.

  6. If ID theft can not be established through internal research and additional information is needed, send the taxpayer Form 14039-BIdentity Theft Affidavit - Business using Letter 5317CBMF Identity Theft Interim & Post Resolution Letter. See IRM 25.23.9.7Form 14039-B Identity Theft Affidavit-Business for additional information. Give the taxpayer 30 days to respond to the notice. Suspend the case for 45 days to allow the taxpayer time to respond.

    1. If a response has not been received within that time frame, close the case and reverse the ID theft indicator with TC 972 AC 522 NORPLY. Reverse the TC 470 if one was placed on the account. Send Letter 5317CBMF Identity Theft Interim & Post Resolution Letter, using the appropriate paragraphs.

    2. If the taxpayer provides the needed information review it for completeness, legibility and determine whether all required information has been included. If the claim is complete, input a TC 971 AC 522 IDTDOC to indicator receipt of the Form 14039-B and send the Letter 5316C to acknowledge receipt of the claim and take all necessary account actions to resolve the ID theft issue. See IRM 25.23.11.7.7Account Actions for the steps to correct the account. If there are missing documents, attempt to call the taxpayer if there is a contact number provided. Document the CIS case notes with dates, times of the calls, the name of the contact and what information was requested from the taxpayer. If phone contact cannot be made within three business days or no number is provided, issue a Letter 5317C to the taxpayer requesting the needed information. In both cases, provide a 30 day time frame for submission of any missing information. If the follow-up response is not received within the 45 days, follow the procedures in (a) to close the case.

    3. If after receipt of the 14039-B, ID theft still can not be established, send Letter 5317Cusing the appropriate paragraphs to provide taxpayer a complete explanation as to why the Non-IDT determination was made.

  7. If a Form 14566 is received and the case is not on CIS, follow normal procedures for sending the case to be scanned with the activity code BMF IDT and appropriate category code: BID1-Employment Tax, BID2-Form 1120 or BID3-Other.. Once the case is scanned into CIS, send 5316C if not already sent and input TC 971 AC 522 IDTCLM if not already on the module(s), then follow the procedures stated above.

BMF Identity Theft Phone Inquiry

  1. The taxpayer may contact a BMF phone application after receiving an unexpected notice regarding an inactive employer identification number (EIN), a recently-established EIN they have no knowledge about, or a balance due notice for a BMF form they never filed with IRS. Since the contact is unexpected, they may claim to be a victim of business identity theft (BMF IDT).

  2. Follow the normal telephone and authentication requirements under IRM 21.1.1.7, Communication Skills, and IRM 21.1.3.2.3, Required Taxpayer Authentication.

    Caution:

    If there is an ID theft marker on the module, high risk disclosure may be needed to ensure you are speaking to an authorized party.

    Note:

    When the caller claims to be an identity theft victim and is unable to pass disclosure authentication, we will accept the taxpayer’s statement and not provide any account information. Update the history with the caller’s contact information and a brief explanation of the potential identity theft. The documentation must include the statement: Potential BMF IDT; caller unable to pass disclosure. Proceed with the required research to determine ID theft potential. If the taxpayer states they have no knowledge of the business, they may be unable to pass BMF disclosure. Utilize the information under the caller’s TIN to verify identity prior to disclosing any information.

    Reminder:

    IMF disclosures requirements are:
    1. SSN/ITIN
    2. Name(s) as they appear on the last return filed
    3. Current address
    4. DOB
    5. For additional information see IRM 21.1.3.2.3Required Taxpayer Authentication. If taxpayer cannot answer these questions see IRM 21.1.3.2.4Additional Taxpayer Authentication

  3. In many cases, a third party requested an EIN on the taxpayer’s behalf for a legitimate business purpose. When the caller indicates no knowledge of the EIN or business account, expand the normal probe questions to include:

    • Did a family member take over a previously-owned business and request an EIN in your name or continue to use an inactive EIN assigned to you several years ago?

    • Did you join a partnership or participate in the creation of a company where you provided your taxpayer identification number (TIN)?

    • Did you provide your TIN to a community association or accountant to prepare tax returns on your behalf or a third party?

    • Did you create a trust or other fiscal entity through a bank or executor?

    • Did you request an EIN to pay for home health care or other services in your household?

      Note:

      This list is not all inclusive and additional probes can be found at IRM 25.23.9.4(3), BMF Identity Theft Research.

  4. Complete all of the initial research to rule out normal account issues and determine if the potential for ID theft exists.

  5. Determine if the case needs to be referred. See IRM 25.23.11.7, BMF Identity Theft Inquires, to assist with determining if the case should be transferred or remain in AM.

  6. If the case is going to be referred to another function:

    1. Do not input a TC 971 AC 522 . The function that will be resolving the ID theft issue will input the indicator and open the control.

    2. Complete Form 14566BMF Identity Theft Referral and forward the case to the team leadership for case review and approval to refer. Once the referral is approved forward the case to the appropriate contact in paragraph 7 (1). See IRM 25.23.11.7.6 for additional referral information.

    3. If it is determined there is potential ID theft on an account with a balance due , input a TC 470 on all involved modules, if appropriate, to prevent the account from moving through the collection stream.

    4. Advise the taxpayer that due to the complexity of ID theft their case will need to be referred to the ID theft area and to allow 180 days for resolution. Advise them a hold has been placed if there was a balance owed relating to the ID theft issue. If the balance due is the taxpayer’s true liability or there are other outstanding account issues, follow normal procedures after handling the ID theft issue.

    5. If the required research has been completed, and additional information is still needed, only request the taxpayer complete Form 14039-BBMF Identity Theft Affidavit- Business if the case is going to remain within AM for resolution. Use Letter 5317C to send the Form 14039-B to the taxpayer. Advise the taxpayer they need to return the Form 14039-B within 30 days of receipt. If there is a balance due on the account and additional information is needed, input a 6 cycle STAUP to provide the taxpayer time to send in the information. Do not open a control. A control will be opened in CIS, Correspondence Imaging System, when the taxpayer submits the requested information.

    6. If an account related issue has created the problem and no ID theft exists, follow normal procedures to resolve the problem.

    7. Update AMS with the information that supports the ID theft determination or request for additional information.

  7. If, after research, a potential for ID theft is determined and the case is going to remain in the AM inventory:

    1. Complete a Form 14566. Forward the case to the appropriate site via secure e-mail advising the case needs to be scanned into CIS and moved into the BMF ID Theft inventory. The contacts for the sites are:
      ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡
      ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

    2. If a balance due on the account relating to the ID theft issue and the case is being referred to another function, input a TC 470 on all involved modules to prevent the account from moving through the collection stream.

    3. Input TC 971 AC 522 IDTCLM. Secondary date is the date of the call.

      Exception:

      Input one day prior to the date of the call if today’s date does not work.

      See IRM 25.23.9-2 BMF ID Theft Indicators for additional information). In the MISC enter WI AM IDTCLM, (see IRM 25.23.9-1 BMF Acronyms and Definitions for additional information).

    4. Open the control with activity code “BMFIDT-REF” and appropriate category code: BID1-Employment Tax, BID2-Form 1120 or BID3-Other. Case will be recontrolled once it is received into AM BMF IDT inventory.

BMF Identity Theft Referrals

  1. All the required research must be completed prior to referring the case to another function. This is to ensure the cases with the high probability of or confirmed ID theft can be placed in the correct inventory as quickly as possible.

  2. Due to the potential complexity of a BMF ID theft, it may be necessary to refer the case to another function for either resolution or assistance. All functions have established BMF ID theft Liaisons to assist in the working of ID theft cases. To find a list of the functional liaisons, see the BMF ID Theft Liaisons located on the BMF ID Theft Website.

  3. If working a paper case and the entire case is being referred to another function:

    1. DO NOT close the control until the case has been accepted by the receiving function. This is to prevent the case from slipping through the cracks when moving the case from one function to another. Once the referral is accepted by the receiving function and all account actions are completed close the control.

  4. All referrals will go functional liaison to functional liaison. See IRM 25.23.9.3, BMF Identity Theft Liaisons, for additional information.

  5. If the contact is received by phone, all of the required research is completed and the case is being referred, annotate the Form 14566 with “phone contact” so the liaison will be aware that no control will be open.

  6. When assistance is needed from another function the control will remain open until the response is received. The receiving function must respond to the request within 30 days of receipt. See IRM 25.23.9.8Referral of Out of Scope Issues for additional information.

Fabricated EIN Referrals
  1. A fabricated EIN occurs when an EIN is given for a business that does not exist. The fabricated EINis established for the sole purpose of filing fraudulent BMF or IMF returns. Usually the personal information used to establish the fabricated EIN is stolen and the X-REF SSN or EIN owner has no knowledge of the fabricated EIN. For fabricated EINs it is sometimes necessary to take additional actions and send separate referrals to CI, RICS and the AM BMF ID theft liaison.

    1. Document all of your findings on all the Forms 14566, BMF Identity Theft Referrals

    2. Send the completed referral forms to your BMF Identity Theft liaison using the *W&I AM BMF IDT mailbox, for referral to the Entity Fabrication (EF)Team in RICS. Be certain to include the referral form with all appropriate research completed and explain the IMF implications.

    3. Send the completed referral form to your BMF Identity Theft liaison, using the *W&I AM BMF IDT mailbox, for referral to CI to advise them of the fabricated EIN. See IRM 25.23.9.8.3Referrals to Criminal Investigation (CI) for additional procedural requirements. Be certain to include the referral form with all appropriate research completed and explain the IMF implications if applicable.

    4. Using CC ENREQ input “Identity Theft” on the second name line (sort name) to identify this account as fabricated.

      Caution:

      Do NOT delete EIN filing requirements without CI approval per IRM 25.23.9.8.3 .

    5. Send the completed referral form to the AM BMF Identity Theft liaison, using the *W&I AM BMF IDT mailbox, for referral to the IPSO. The liaison will review the form and if the form is complete, the liaison will send it to Jill.Zeffiro@irs.gov. On the subject line of the IPSO referral enter: TC 971 AC 524, last 4 digits of the EIN or if you have access to CIS, use the case ID in place of the last 4 digits of the EIN. Refer to IRM 25.23.9.8.4 Referrals to Lock the Account of an EIN Deemed Fabricated. Be certain to include on the referral all appropriate research completed. Document the sending of the referral on AMS along with the details of the request. If working a CIS case, attach the referrals to the CIS case.

    6. If the account has been locked in error, send a referral to the AM BMF ID Theft Liaison, using the *W&I AM BMF IDT mailbox, to have the TC 971 AC 524 reversed.

  2. There will be times when the fraudulent Forms W-2 have been filed under a good business’s EIN. An additional referral may be needed to the Combined Annual Wage Reporting (CAWR) group. See the following IRMs for these procedures:

    • IRM 25.23.9.9Referrals to Combined Annual Wage Reporting (CAWR)

Account Actions

  1. Once ID theft has been established and the case reviewed by the manager or lead, it will be necessary to correct the account.

  2. If the bad return has posted first and good return posted as a “DUPF”:

    1. Completely back out (nullify) the bad return first. This is to have the adjustment notice reflect the adjustment to the taxpayer’s figures. Do not net the returns. Input the adjustment with a HC 4 to hold the notice and any credit that may be on the module.

    2. If the refund was lost, input a TC 470 with a post delay of 1 cycle. This will prevent the issuance of any collection notices until the credit is moved in from the 1545 account.

    3. Reverse any offsets in or out of the module if appropriate. Always input a secondary TC 570 on any credit transfers being moved into the ID theft module. This will hold the credit if necessary.

    4. If any refund was lost as a result of the filing of the ID theft return additional procedures will need to be completed in order to balance the good taxpayer’s account. If the refund has already been released to the bad TP the backing out of the return will create a debit on the module. To balance the account, credit from the 1545 account will need to be moved into the account once the bad return is backed out. Complete Form 3809 and forward to the appropriate accounting function where the refund was issued. Suspend the case until the TC 841 posts back to the account. See IRM 25.23.9.10.2Lost Refund for procedures for the preparation of the Form 3809. The credit will be returned to the module as a TC 841- entire refund lost, TC 700 partial refund lost. Monitor the case until the TC 841/700 posts back to the account.

    5. Math verify the good return to ensure there are no errors. If there is a math error, follow normal adjustment math error procedures.

    6. Once the TC 841/700 posts back to the account, adjust the account to reflect the good taxpayer’s return. If the return is a refund or isn’t going to result in a balance due, use HC 0 to allow the adjustment notice to generate to the taxpayer. If the good taxpayer’s return is going to result in a balance due:
      1. Determine if the return was timely filed. If the return was late you will need to manually calculate and assess any applicable failure to file (FTF) penalty. See IRM 20.1.2.1.1When Timely mailing Equals Timely Filing or Paying (Received Date vs. Filing /Payment Date)
      2. Input adjustment using PC 2. This allows the computer to recognize the need to compute the FTP back to the return due date.
      3. Input the adjustment with the appropriate IRN 871 amount. The amount listed for the IRN 871 is the tax shown on the taxpayer’s good return.
      4. For more details on the procedures, see IRM 25.23.11.7.8Wrong/Bad Return Posted First and Good Return has a Balance Due

    7. Determine if the address is correct. If address was changed as a result of the ID theft return, correct it back to the taxpayer’s correct address.

    8. Once the TC 841/700 posts, review the account to ensure all account issues have been corrected or addressed with the taxpayer.

    9. Input TC 971 AC 522 CLSIDT.

    10. Send Letter 5317C to explain to the taxpayer all actions taken.

  3. Only the bad return is posted:

    1. Back out the bad return. Use HC 4 to hold the notice.

    2. Reverse any offsets in or out of the module if appropriate. Always input a secondary TC 570 on any credit transfers to hold any credits being moved into the ID theft module.

    3. If the refund was lost, Input a TC 470 with a post delay of 1 cycle. This will prevent the issuance of any collection notices until the credit is moved in from the 1545 account.

    4. If any refund was lost as a result of the filing of the ID theft return additional procedures will need to be completed in order to balance the good taxpayer’s account. Complete Form 3809 and forward to SP, Manual Deposit Unit where the refund was issued. Suspend the case until the TC 841/700 posts back to the account. See IRM 25.23.11.7.9Lost Refund for procedures for the preparation of the Form 3809. Monitor the case until the TC 841/700 posts back to the account.

    5. Determine if the address is correct. If address was changed as a result of the ID theft return, correct it back to the taxpayer’s correct address.

    6. Review the account to ensure all account issue have been corrected or addressed with the taxpayer.

    7. Input TC 971 AC 522 CLSIDT.

    8. If EIN is active but there are no filing requirements or the taxpayer has no filing requirements for that specific form, close the appropriate filing requirements.

    9. Send Letter 5317C to explain to the taxpayer all actions taken.

  4. ID theft return is an amended return:

    1. Reverse the adjustment input for the amended return. Use a HC 3 to hold the notice.

    2. Reverse any offsets in or out of the module if appropriate. Always input a secondary TC 570 on any credit transfers to hold any credits being moved into the ID theft module.

    3. If the refund was lost, input a TC 470 with a post delay of 1 cycle. This will prevent the issuance of any collection notices until the credit is moved in from the 1545 account.

    4. If any refund was lost as a result of the filing of the ID theft return additional procedures will need to be completed in order to balance the good taxpayer’s account. Complete Form 3809 and forward to SP, Manual Deposit Unit where the refund was issued. Suspend the case until the TC 841 posts back to the account. See IRM 25.23.9.10.2Lost Refund for procedures for the preparation of the Form 3809. Monitor the case until the TC 841 posts back to the account.

    5. Determine if the address is correct. If address was changed as a result of the ID theft return, correct it back to the taxpayer’s correct address.

    6. Review the account to ensure all account issues have been corrected or addressed with the taxpayer.

    7. Input TC 971 AC 522 CLSIDT.

    8. Send Letter 5317C to explain to the taxpayer all actions taken.

  5. In all cases where it has been determined the EIN is fabricated and the account needs to be locked, see IRM 25.23.11.7.6.1Fabricated EIN Referrals for procedures. Using CC ENREQ, input “Identity theft” on the second name line (sort name) to identify this account as fabricated.

Wrong/Bad Return Posted First and “Good” Return has a Balance Due

  1. There will be situations where an ID theft return posted first and the good taxpayer’s return is a balance due and the tax was paid late or still unpaid. In these situations failure to pay (FTP) penalties must be charged.

  2. ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡ ≡

  3. If the good taxpayer’s return was filed late, it will still be necessary to manually compute the FTF penalty.

  4. Math verify the return.

  5. It is important the correct information is entered on the adjustment to ensure the correct charging of the FTP penalty.

    1. Back out the bad return. DO NOT net the returns. Back out any associated penalties with the exception of bad check penalty (TC 280) or the FTP penalty charged on the TC 150. The FTP will automatically recompute once the back out adjustment posts.

      Exception:

      Netting can be done if the ASED is imminent.

    2. Follow procedures in IRM 25.23.11.7.7 (2) Account Actions for all other needed account actions. The only difference in working the balance due returns where FTP penalty needs to be assessed is on the REQ54 input for the good return. The new aspects of the adjustments are:
      1. The use of priority code (PC 2) on the adjustment- PC 2 advises the computer that the FTP needs to be computed back to the RDD.
      2. The IRN 871- The amount of the IRN 871 represents the “tax shown” on the good return minus refundable credits. The IRN 871 amount tells the computer to compute the FTP based on the lesser of the IRN 871 amount (what the taxpayer expected to owe) or the tax assessed (290 amount) on the return from the due date of the return. In the computation of FTP penalty, the computer will recognize FTD and ES payments and refund reversals (TC 841/700) and calculate the FTP penalty appropriately.

    3. Use HC 0 to allow the adjustment notice to generate.

    4. If multiple account actions are being taken, post delay the adjustment for 1 cycle to allow all actions to post prior to the adjustment.

    Example:

    Bad return posted first. The taxpayer’s good return shows a balance owed of $1,000. However, after the good return was math verified the true balance owed is $1,500. The adjustment would be a TC 290 for $1,500 using the IRN 871 for $1,000 (tax shown on the good return) and PC 2. The computer will determine the lesser of the tax assessed ($1,500) and the “tax shown” ($1,000). The computer will compute the FTP on the IRN 871 amount of $1,000 back to the return due date. Since the taxpayer was not aware of the additional $500 owed the taxpayer has the 21 days from the 23C date to pay before FTP is assessed.

    Example:

    The taxpayer made ES payments totaling $5,000. The bad return posts claiming a $4,000 refund. With the ES payments made, a refund is issued for $9,000 to the identity thief. After the return is backed out and the $9,000 is credited from the 1545 account, there will be a $5,000 credit on the module. There is $7,000 “tax shown” on the good return with no refundable credits. Since there is no math error on the return the IRN 871 will be $7,000 also. The adjustment will be a 290 7,000, IRN 871 7,000 with PC 2 HC 0. The computer will recognize the $5,000 in ES payments and charge FTP on $2,000 from the RDD to the date the account is paid in full.

  6. For additional information, see IRM 25.23.9.10.1, Wrong/Bad Return Posted First and the “Good” Return is a Balance Due.

Lost Refund

  1. If an ID theft return (original or amended) has been processed and as a result a refund was issued to the Identity thief, credit back the ID theft refund amount into the taxpayer’s account in order to balance the account. This is done by moving credit from the ID theft 1545 account.

  2. Prior to moving the credit into the account, reverse all available offsets that occurred.

  3. To move the credit from the 1545 account, complete Form 3809

  4. If part of the refund was offset and the credit is being returned to the module, only the portion of the refund that is unrecoverable will be moved from the 1545 account.

  5. To complete the Form 3809

    1. Enter in the Name and Address:
      a. Debit portion- “1545 Account”
      b. Credit portion- Name as shown on ENMOD (do not enter the address)

    2. TIN: Credit portion only- Business EIN

    3. MFT- Credit portion only- MFT of account where the refund was issued

    4. Tax Period: Credit and debit portion-Enter the tax period where the refund was issued.

    5. Transaction Date: Credit and debit portion- Date of the refund (TC 846 date)

    6. 1st Transaction Code:
      a. Debit portion- leave blank
      b. Credit portion_ Use TC 841 when crediting the entire refund and TC 700 for crediting a partial refund.

    7. Amount: Enter the amount of the lost refund

    8. 2nd TC: Credit side only- enter a TC 570 to hold the credit on the module so an erroneous refund is not generated.

    9. Prepared by: Enter your initials, IDRS number and date

  6. Forward to SP, Manual Deposit Unit where the refund was issued

  7. Suspend case and monitor for the posting of the TC 841/700. This is usually 2-4 weeks.

  8. The preparation and posting of the TC 841 should be completed prior to backing out the return if possible.

Reversing TC 130

  1. Only those trained in working ID Theft cases can reverse a TC 130 and will follow guidance below.

  2. If identity theft is confirmed, thoroughly research all related accounts for legitimate outstanding balances prior to reversing any TC 130 on the account. Ensure there are no balances on the IMF, BMF or NMF account. See IRM 25.23.11.5.1, Accounts Containing TC 130 for research steps.

  3. Prior to inputting the TC 131, forward case to manager or lead for approval.

  4. The manager or lead will review the case information and determine if the reversal is appropriate. The manager or lead will leave a CIS message on the case with the facts that back up the decision to allow or disallow the reversal of the TC 130.

  5. If no liabilities remain on IDRS or NMF, input the TC 131 to ENMOD using CC REQ77.

Reversing BMF Identity Theft Indicators

  1. If a BMF identity theft (IDT) indicator (TC 971 AC 522) was erroneously entered on an account, subsequent research determines no ID theft has occurred or the taxpayer doesn’t respond to the request for additional information, reverse the ID theft indicator. Reverse using a TC 972 AC 522. Use the appropriate MISC to reflect the reason for the reversal.

    • NOIDT- After researching the account it is determine no ID theft exists

    • NORPLY- Taxpayer does not respond to the request for additional information

    • IRSERR- Indicator input incorrectly

    • FALSE- It is determined the taxpayer is falsely claiming ID theft

    • OTHER- Any reason not listed above. Document AMS/CIS with reason for reversal

  2. For additional information see IRM Exhibit 25.23.9-5 Reversing BMF Identity Theft Indicators- TC 972 AC 522.

Requests for a New Employer Identification Number (EIN) by Taxpayers Who Are Victims of ID Theft

  1. There are circumstances where a taxpayer requests a new EIN, stating they are a victim of ID Theft. These situations should be rare and consideration for a new EIN should not be suggested to the taxpayer. The request must be made solely by the taxpayer.

  2. For the Service to consider the issuance of a new EIN, the ID theft must have federal tax administration impact. These would include:

    • Fraudulent returns filed under the EIN. (This includes original or amended returns)

    • Filing of fraudulent income documents. (Forms W-2, 1099 etc.)

  3. If the taxpayer insists on a new EIN and research shows there has been tax impact on the account, advise the taxpayer they will need to:

    1. Complete a new Form SS-4, Application for Employer Identification Number.

    2. Complete Form 14039-B, Identity Theft Affidavit- Business. This form must be sent to the taxpayer.

    3. Advise the taxpayer to attach the Form 14039-B to the SS-4 and mail to the appropriate service center at the address listed below.
      Internal Revenue Service
      201 W Rivercenter Blvd.
      Covington, KY 41011
      Entity- Stop 343

  4. When the forms from the taxpayer are received in Entity, a new EIN will be assigned and the old EIN will be merged with the new EIN. The taxpayer will receive notification when the new EIN is assigned.

  5. Take all the required account actions that need to be completed to make the account whole.

  6. Situations where the taxpayer states their EIN was stolen and used in ways other than the federal filing of returns or income documents, the Service will not issue a new EIN to the existing business.

  7. If the taxpayer insists on a new EIN, advise them they will need to shut down the current business in order to obtain a new EIN. They will need to:

    1. File final returns for all open filing requirements. This will close out the current business.

    2. Contact the state for approval of the new business name.

    3. Submit a new Form SS-4 with a new business name or apply on-line for the new EIN. If they are submitting the Form SS-4: advise the taxpayer to check the “Other” box under line 10 and specify the reason for the new EIN. They will also need to supply the old EIN on line 18. This will help to prevent the research from showing a duplicate EIN if the new name is similar to the old.

    4. Advise the taxpayer to send the completed SS-4 to:
      Internal Revenue Service
      201 W Rivercenter Blvd.
      Covington, KY 41011

    5. They will receive notification (CP 575) when the new EIN is assigned.

Accounts Management Form 14566 Instructions

The table below will assist the Accounts Management Customer Service Representative with initiating the Form 14566. The Accounts Management BMF IDT Liaison will review the form, complete the remaining fields, and forward to the appropriate functional BMF IDT Liaison.

Form 14566 Field Name Field Data
Liaison Name Enter the name of the liaison where the referral is being sent
Liaison FAX Number
Open Case Respond By This is for assistance referrals. Set the date 30 days from the date of the referral for them to reply.
Correspondence Imagining System (CIS) Case Number In most cases, the phone inquiry will not have a CIS case open. If no CIS case, enter None.
Taxpayer Name Name as shown on the related EIN (master file). Input as it appears on CC ENMOD, INOLES or BMFOLE.
Taxpayer Identification Number Enter the related EIN.
Tax year(s)/MFT(s) If the inquiry is related to a balance due notice, enter the MFT and tax period. If no tax returns were filed under the EIN, leave the field blank.
Name Enter the name of the individual reporting the potential BMF identity theft. Depending on the type of business, this may be different than the taxpayer name.
Taxpayer Identification Number If available, enter the social security number of the individual reporting the potential identity theft.
Tax year(s)/MFT(s) If the inquiry is related to a balance due notice, enter the MFT and tax period. If no tax returns were filed under the EIN, leave the field blank.
Business Affiliation/Position If the caller indicates they are an employee, owner, officer, or partner of the related EIN, enter the position name. If the caller indicates no knowledge of the business or EIN, enter None.
Taxpayer or IRS Identified Check the appropriate box.
Documentation Received Unless the caller insists on submitting documentation by fax, do not request any documentation and do not check the box.
Research Completed If any of the shown items were used to determine the caller is a potential BMF IDT victim, check the appropriate box.
Supporting Research for Requested Actions Enter the reason for the referral to the function outside of AM (Example: Field Collection referral because tax module is in Status 26).
Actions Requested by the Originator Complete the section with actions to be taken by the referred function or notifications to that function.
Completed Actions by the Receiving Function Blank
Function Contact Information Enter name and IDRS number of employee submitting Form