In the US, companies must have identification numbers with the Internal revenue Service for tax purposes. These numbers for individuals are social security numbers, and for businesses, the numbers are called Employment Identification Numbers (“EIN Numbers”). A new company that wants to do business in the U.S. must apply for its own EIN number using the Federal SS-4 Form. To help prevent fraud, a company must also name its “responsible party” that manages, directs and/or controls the entity behind the EIN company. (The responsible party must also have its own EIN number, too!)

Generally, a company may delegate a third-party designee to receive information about the company over the phone directly from the IRS. However, effective as of this past spring, the IRS has quietly been implementing some unofficial changes to third-party designee phone authorizations.

In what has been described as a further effort to combat fraud, in order for a third-party designee to receive information by phone from the IRS, the caller must now provide his/her:
– Personal name,
– Personal social security number (!!!),
– Personal home address, and
– Personal birth date.

This policy comes on the heels of recent fraudulent scams that targeted the IRS during tax filing season in which scammers tried to gain access to other people’s tax refunds. For example, one such

phishing/cybercriminal scam

targeted tax professionals in North Carolina, New Jersey, Illinois, Iowa, and a Canadian accounting association.

To better verify the identity of the person calling the IRS and ensure sensitive information is not being distributed to just anyone, the new procedure is being implemented for company representatives, third-party designees, and POAs alike.