Employers Gain IRS Tax Relief For Identity-Protection Service

The Bloomberg BNA Payroll Library gives you reliable, up-to-date guidance and analysis in every area of payroll administration and compliance, and includes hundreds of interactive forms and links to related federal, state, and local sites.


By Keith M. Hill

Employers that provide identity-protection services to employees do not have to include the value of the benefit in employees’ wages and gross income, the Internal Revenue Service said Dec. 30.

Additionally, employers do not have to report the amounts on Form W-2 or Form 1099-MISC, the IRS said in Announcement 2016-02.

Identity-protection services provide clients with credit and fraud monitoring and help protect personal information such as Social Security numbers, credit card numbers and bank account information.

“Despite heightened efforts by organizations to prevent data breaches using traditional information technology security features, some organizations are making security decisions based on the belief that breaches of their information systems are inevitable,” the IRS said.

Many organizations are combating data breaches by providing identity-protection services to employees before a breach occurs, the agency said. Information systems containing the personal information of employees and customers often are the target of such breaches.

The provision does not apply to cash received in lieu of identity-protection services or to proceeds received under an identity-theft insurance policy, the IRS said. Although these identity protection services are excluded from federal taxation, employers should check state and local tax laws.

The IRS announcement extends the tax relief given to some taxpayers in Announcement 2015-22. In that notice, the agency provided some tax relief for identity-protection services provided after a breach and received requests to expand the relief to services provided before a breach to “allow earlier detection of a data breach and minimize the impact of a breach on operations.”

Data security is a concern for many organizations because of security breaches, the IRS said. The Bureau of Justice Statistics estimated that 16.6 million people were victims of identity theft in 2012, the latest year for which data were available, the IRS said. 

To contact the reporter on this story: Keith M. Hill at khill@bna.com

To contact the editor responsible for this story: Michael Trimarchi at mtrimarchi@bna.com.