The Small Business Administration (SBA) estimates that 10 million individuals in the United States are victims of identity theft each year. But this crime doesn’t affect only individuals; it can also strike businesses — including those in the construction industry.
Recently, a plumbing contractor learned this the hard way.
A Costly Exception
The married couple owning the business kept a close handle on the books. The couple and their accountant and attorney were typically the only ones with access to the company’s tax and accounting records.
But there was one exception: About five years ago, the owners opened the books to a long-time manager who’d gained their trust. He eventually oversaw payroll and other transactions.
About two years after assuming this role, however, the manager had a disagreement with ownership over compensation. Although they resolved the dispute, the employee resigned soon thereafter. About a year later, the company began receiving collection letters for debts the owners weren’t aware of.
The Paper Trail
The owners called their accountant, who immediately began investigating the sources of the mysterious debts. After weeks of forensic work, she presented a summary of findings and recommended that the owners contact law enforcement.
Months later, the former manager was charged with a series of crimes related to business identity theft. Turns out, he’d stolen sensitive company information to file a fake tax return and claim a sizable refund. He’d also used the taxpayer ID and other company data to obtain credit cards in the business’s name.
5 best practices
The accountant recommended that the owners review the SBA’s five best practices for preventing small-business identity theft:
- Develop a protection plan. A step-by-step strategy can outline the ways the company can prevent identity theft and serve as a response guide should it happen.
- Protect business documents. All records should be secured. Sensitive information should be shredded before disposal.
- Stay safe online. Sensitive data should never be put online, whether in an e-mail or on an unsecured server.
- Scrutinize company credit. Monitoring services can give peace of mind while preventing major fraud from going unnoticed.
- Use unique passwords. The same login and passwords shouldn’t be used for every business account.
The owners worked with their accountant to apply these practices to their specific situation. They also implemented other changes, such as dedicating one computer to banking and other secure transactions.
Far More Aware
Unfortunately, this plumbing contractor spent a lot of time, energy and money fighting one fraud perpetrator. But, going forward, the company was far more aware of threats to its identity.
If you feel your business has been compromised due to identity theft, let’s talk. I can help you to pinpoint the issue and offer guidance on the right remedy for your company.