When most small business owners think of being audited, they naturally imagine an audit by the Internal Revenue Service (IRS). Indeed, these can happen to any small business, but there are other types of audits too. For example, software companies have increased software license audits in recent years, making it imperative that businesses keep up with the status of their software licenses.
As for IRS audits, they really do happen, so you have no choice but to be prepared for them, because they can be extremely disruptive, even if you pass with flying colors. Common situations that increase the likelihood of an IRS audit of your small business include:
- Unusually high level of income for your line of business
- Excessive business deductions
- Intermingling personal and business expenses
Here are some small business ideas on how to cope with an audit and more importantly, what to do after an audit.
Types of Audits
IRS audits don't necessarily entail fearsome people showing up at your business to pore over your books. There are actually several different levels of audits, and the more forthcoming you are with minor issues, the better your chances of avoiding a major one.
- Correspondence audits are carried out by mail or phone and often concern a small dollar amount or a single line item on your return. These are the least disruptive and expensive audits.
- Desk audits are a bit more invasive. These are used for issues that are too complex or involve too much money for a simple correspondence audit, but that don't require an in-person audit.
- Office audits are the ones where the IRS sends people to your business to analyze your books. These are the "root canals" of audits in terms of inspiring dread and disrupting things.
Depending on your line of business, you might be subject to other types of audits in addition to IRS or software audits. For example, accounting businesses and financial services businesses may be subject to industry-specific audits, and healthcare businesses can be made to undergo a HIPAA audit concerning patient privacy practices. Nearly any kind of business can be targeting for OSHA or EPA audits. Companies registered to any of the ISO standards must undergo regular operational systems audits. Food manufacturers and distributors face regular FDA audits.
After the Audit
After an audit, getting back to business as usual requires that you take corrective action and do so with the utmost seriousness. With a correspondence audit, sending in appropriate documentation, correcting an error, or paying restitution are the main tasks, and it's important that you document these actions thoroughly to ensure the matter is resolved. Make copies of any checks sent and send any mail to the IRS via certified mail.
With larger audits, writing a Corrective Action Plan is a smart idea. Your corrective action plan acknowledges
- what the problem is,
- how you will address it, and
- how you will ensure it doesn't happen again.
It should explain what caused the problem in the first place, flaws in work processes that led to the error, and progress through corrective measures that resolve the issue completely.
Following Up on Corrective Actions
When you're required to take corrective actions as a result of an audit, you should document those corrective actions from beginning to end. Aave copies of all documentation, and once you have taken corrective action, follow up with the auditing agency to ensure the matter has been resolved to their satisfaction. A simple misdirection of correspondence could make it appear as if you're ignoring an audit's findings. You don't want this to happen. If the audit produced serious findings that affect your business's health, strongly consider enlisting professional audit help and tax negotiation. These services can more than pay for themselves by helping to ensure that addressing issues is done in the most cost-effective way possible.
Self-Auditing and Being Prepared
Self-audits are a wise business practice. It doesn't have to be all that formal, but should be documented and should be done by at least two people in your business, so that your self-auditors aren't responsible for monitoring their own actions. Nobody likes audits, but you can take some comfort in knowing you're not alone and you will get through it.