Introduction
Business registration is supposed to identify the real owner, operator, address, and nature of a business. In the Philippines, a lawful business commonly requires registration with the Department of Trade and Industry for sole proprietorships, the Securities and Exchange Commission for corporations and partnerships, the local government unit for the mayor’s or business permit, and the Bureau of Internal Revenue for tax registration. Depending on the industry, additional permits may be required from barangay offices, zoning offices, health offices, fire authorities, professional regulators, or national agencies.
A serious problem arises when a person discovers that their name, identity documents, signature, address, tax identification number, business name, property, or credentials were used without consent to apply for or operate a business permit. This may be called business permit identity theft. It may involve fake businesses, unregistered operations, tax fraud, illegal lending, online selling scams, shell companies, rented identities, forged authorizations, dummy owners, or business registrations made by relatives, employees, fixers, tenants, partners, or strangers.
This article discusses business permit identity theft in the Philippine context: what it is, how it happens, what laws may be involved, what risks it creates, how to cancel or correct fraudulent registrations, what evidence to preserve, what government offices may be approached, and what remedies may be available.
I. Meaning of Business Permit Identity Theft
Business permit identity theft occurs when a person’s identity or personal information is used without lawful authority in connection with business registration, business permit issuance, tax registration, licensing, or commercial operations.
It may involve the unauthorized use of:
- Full name;
- Signature;
- government-issued IDs;
- Tax Identification Number;
- address;
- business name;
- barangay clearance;
- lease contract;
- title or tax declaration;
- authorization letter;
- Special Power of Attorney;
- community tax certificate;
- corporate position;
- professional license;
- email address or phone number;
- digital account credentials;
- photograph or selfie verification;
- bank account or e-wallet;
- DTI, SEC, BIR, or LGU registration details.
The unauthorized use may be done to make it appear that the victim owns, operates, manages, authorizes, leases to, or represents a business.
II. Common Scenarios
Business permit identity theft may happen in many ways.
1. Fake Sole Proprietorship
A person registers a business under another person’s name, making it appear that the victim is the sole proprietor.
2. Fraudulent Mayor’s Permit
A local business permit is obtained using the victim’s identity documents, address, or forged signature.
3. Unauthorized Use of TIN
A business is registered with the BIR using another person’s Tax Identification Number or personal details.
4. Use of Property Address Without Consent
A business permit is issued using the victim’s home, land, office, or commercial unit as the business address without permission.
5. Tenant Using Landlord’s Identity
A tenant or occupant uses the landlord’s name, title, tax declaration, or authorization without consent to secure a business permit.
6. Employee or Relative Registering Business Under Victim’s Name
A trusted person uses the victim’s documents to register a business, sometimes claiming it was “for convenience.”
7. Online Seller or Scam Store
A scammer uses another person’s name and address to register an online selling business or payment account.
8. Lending or Financing Scheme
A lending operation uses another person’s identity as registered owner to avoid accountability or regulation.
9. Corporate Dummy or Nominee Arrangement
A person is listed as incorporator, director, officer, stockholder, partner, or authorized representative without informed consent.
10. Forged Authorization Letter or SPA
A fixer or applicant submits a forged authorization letter, special power of attorney, or consent form to process permits.
11. Barangay Clearance Misuse
A barangay business clearance is obtained based on false information or forged documents.
12. Fake Lease or Occupancy Documents
A business permit applicant submits a fabricated lease contract, consent to use premises, or proof of occupancy.
13. Franchise or Branch Registration Abuse
A person registers branches or franchises under the victim’s name without authority.
14. Use of Deceased Person’s Identity
A business is registered under a deceased person’s name to conceal the true operator.
15. Use of Lost IDs
Lost or stolen IDs are used to support registration documents.
III. Why Business Permit Identity Theft Is Serious
Business permit identity theft is not merely an administrative mistake. It can expose the victim to legal, tax, financial, reputational, and criminal risk.
Possible consequences include:
- Tax assessments from the BIR;
- local business tax liabilities;
- penalties for failure to file tax returns;
- demand letters from suppliers, customers, or creditors;
- complaints from defrauded customers;
- subpoenas from government agencies;
- inclusion in lawsuits;
- blacklisting or negative records;
- difficulty obtaining future permits;
- misuse of the victim’s address;
- police or barangay complaints against the victim;
- reputational harm;
- unauthorized loans or accounts;
- liability for employees, permits, or violations;
- business closure orders affecting the victim’s property;
- data privacy harm;
- identity theft escalation to banking or e-commerce fraud.
A victim should act quickly once the fraudulent registration is discovered.
IV. Difference Between Business Name, Business Permit, and Tax Registration
The Philippines has several layers of business registration. Identity theft may affect one or more of them.
A. DTI Business Name Registration
A sole proprietor may register a business name with the Department of Trade and Industry. This does not by itself authorize operation, but it records the business name and registrant.
B. SEC Registration
Corporations, partnerships, and certain associations register with the Securities and Exchange Commission. Fraud may occur if a person is listed as incorporator, director, officer, partner, stockholder, or authorized signatory without consent.
C. Barangay Business Clearance
Many LGUs require a barangay clearance before issuing a business permit. False use of identity or address may begin at this level.
D. Mayor’s Permit or Business Permit
The city or municipality issues a business permit after reviewing requirements such as location, zoning, barangay clearance, lease or ownership documents, fire safety, sanitation, and other clearances.
E. BIR Registration
Businesses must register for taxation, official receipts or invoices, books of accounts, and tax filing obligations. Unauthorized BIR registration can create serious tax exposure.
F. Special Permits and Licenses
Some industries require permits from other agencies, such as food, health, transport, lending, finance, construction, education, employment, telecom, professional practice, or regulated products.
A victim must identify which registrations were fraudulently obtained and address each one separately.
V. Business Permit Identity Theft Versus Mere Mistake
Not every incorrect permit record is identity theft. Some errors may be clerical or administrative.
Examples of possible mistakes include:
- misspelled name;
- wrong address encoding;
- duplicate business name;
- old owner not updated after sale;
- outdated tax declaration;
- wrong barangay;
- incorrect contact number;
- data migration error;
- confusion between persons with similar names.
Identity theft is more likely when there is unauthorized use of documents, forged signature, false representation, fake authorization, or deliberate concealment of the true owner.
The victim should gather facts before accusing a specific person.
VI. Possible Legal Violations
Business permit identity theft may involve several legal issues, depending on the facts.
1. Falsification
If documents were forged or false statements were made in public, official, commercial, or private documents, falsification may be involved. Examples include forged signatures, fake authorization letters, false lease contracts, false affidavits, or altered IDs.
2. Use of Falsified Documents
Even if a person did not personally forge the document, knowingly using a falsified document may create liability.
3. Identity Theft Under Cybercrime Law
If computer systems, online portals, digital accounts, electronic forms, or online submissions were used to acquire, use, misuse, transfer, possess, alter, or delete identifying information, cybercrime-related identity theft issues may arise.
4. Estafa or Fraud
If the fraudulent business registration was used to deceive customers, suppliers, lenders, investors, landlords, or government agencies, estafa or other fraud-related offenses may be relevant.
5. Perjury or False Statements
If sworn statements, affidavits, declarations, or notarized documents contained false claims, perjury or related offenses may be considered.
6. Data Privacy Violations
Unauthorized use, processing, disclosure, or retention of personal information may violate data privacy obligations, especially when IDs, TIN, addresses, signatures, and contact details are involved.
7. Tax Violations
Fraudulent business registration may lead to tax filing issues, false registration, non-filing, unauthorized receipts, or tax liability disputes.
8. Local Ordinance Violations
Business permits are governed by local ordinances. False applications, misrepresentation, operation without authority, or unauthorized use of premises may violate LGU rules.
9. Notarial Violations
If a notarized authorization, lease, board resolution, secretary’s certificate, or affidavit was forged or falsely notarized, notarial misconduct may be involved.
10. Civil Liability
The victim may seek damages, cancellation, correction, indemnity, or injunction depending on the harm caused.
VII. Red Flags of Business Permit Identity Theft
A person may discover the problem through:
- receiving a BIR notice for a business they do not own;
- receiving LGU billing for local business tax;
- being contacted by customers about a business they never operated;
- discovering a business permit displayed with their name;
- finding a DTI or LGU record under their identity;
- receiving demand letters from suppliers;
- bank or e-wallet alerts linked to a business;
- subpoenas or barangay summons;
- social media complaints naming them as business owner;
- discovery that their home address is used as a business location;
- discovering unauthorized receipts or invoices;
- credit applications or loans under their name;
- tenants operating under the owner’s name;
- former employee using company documents;
- fake online store using their name or address;
- government inspection at their address.
Any of these should trigger immediate verification.
VIII. Initial Response of the Victim
The victim should act quickly but carefully.
Immediate steps include:
- Obtain copies of the questioned permit or registration.
- Ask which documents were submitted.
- Request certified true copies if available.
- Check DTI, SEC, LGU, barangay, and BIR records.
- Preserve notices, messages, screenshots, and envelopes.
- File a written denial or protest with the issuing office.
- Ask for suspension, cancellation, or correction of the fraudulent record.
- Execute an affidavit of denial if needed.
- File a police or cybercrime report if fraud is clear.
- Notify the BIR if tax registration is affected.
- Notify the barangay and LGU if the business address is false.
- Warn customers or creditors carefully if necessary.
- Consult counsel if liabilities, subpoenas, or tax assessments arise.
The victim should avoid making public accusations without sufficient evidence.
IX. Evidence to Gather
A strong case requires documentation.
Useful evidence includes:
- copy of the fraudulent business permit;
- DTI certificate;
- SEC registration documents;
- Articles of Incorporation or Partnership;
- General Information Sheet;
- mayor’s permit;
- barangay clearance;
- BIR Certificate of Registration;
- receipts or invoices issued under the business;
- submitted application forms;
- IDs used in the application;
- authorization letters;
- Special Power of Attorney;
- lease contract;
- proof of property ownership;
- tax declaration;
- proof that victim never signed documents;
- specimen signatures;
- travel records or proof of absence;
- messages from suspect;
- CCTV, if available;
- emails or portal logs;
- screenshots of online business pages;
- customer complaints;
- demand letters;
- BIR notices;
- LGU assessments;
- affidavits of witnesses;
- police blotter;
- notarized affidavit of denial;
- proof of lost ID, if relevant;
- proof of actual owner or operator.
The victim should request documents formally and keep proof of requests.
X. Affidavit of Denial
An affidavit of denial is often useful. It may state that the victim:
- did not apply for the business permit;
- did not authorize any person to apply;
- did not sign the application;
- did not operate the business;
- did not lease or allow use of the address;
- did not submit the documents;
- did not receive income from the business;
- did not authorize BIR registration;
- first discovered the issue on a specific date;
- requests cancellation, correction, and investigation.
The affidavit should be truthful and supported by attachments.
XI. Sample Affidavit of Denial
Affidavit of Denial
I, [Name], of legal age, Filipino, and residing at [address], after being duly sworn, state:
I recently discovered that a business known as [business name], allegedly located at [address], was registered or permitted under my name or using my personal information.
I did not apply for, sign, authorize, consent to, or participate in the registration or permitting of said business.
I did not authorize any person to use my name, signature, government-issued identification, Tax Identification Number, address, property documents, lease documents, or other personal information for said business.
I do not own, operate, manage, control, or benefit from the said business.
Any application, authorization letter, signature, identification document, lease document, or representation suggesting that I authorized said business is unauthorized and, if bearing my alleged signature, false or forged.
I request the concerned offices to furnish me copies of the documents submitted, investigate the unauthorized use of my identity, suspend or cancel the questioned registration or permit if warranted, and correct all records reflecting me as owner, operator, lessor, representative, or responsible person.
I execute this affidavit to attest to the truth and to support my requests before the barangay, local government, DTI, SEC, BIR, law enforcement, and other appropriate offices.
[Signature]
[Date]
XII. Complaint to the Local Government Unit
If the identity theft involves a mayor’s permit or business permit, the victim should submit a written complaint to the city or municipal Business Permits and Licensing Office.
The complaint should request:
- verification of permit records;
- copies of application documents;
- identification of applicant or authorized representative;
- inspection of the business location;
- suspension of permit if fraud is evident;
- cancellation or correction of records;
- notation that the victim denies ownership or authorization;
- investigation of false statements;
- referral to legal office if necessary.
The LGU may require an affidavit, IDs, proof of address, police report, or proof of ownership.
XIII. Complaint to the Barangay
If a barangay business clearance was issued using the victim’s identity or address, the victim may complain to the barangay.
The barangay may:
- verify who applied for clearance;
- produce copies of submitted documents;
- summon the applicant or operator;
- inspect the location;
- issue certification of non-residence or non-operation, where appropriate;
- correct or revoke records depending on barangay rules;
- assist in mediation if the wrongdoer is known;
- issue a blotter entry;
- refer the matter to police or LGU.
Barangay records can be important because LGU business permits often rely on barangay clearance.
XIV. DTI Issues for Sole Proprietorships
If a business name was registered with DTI under the victim’s name, the victim should seek verification and cancellation or correction.
Important questions include:
- Who registered the business name?
- Was registration done online or in person?
- What ID or information was used?
- What email or phone number is linked?
- What business address was declared?
- Was the victim’s TIN used?
- Was the certificate later used for LGU or BIR registration?
A DTI business name registration does not by itself prove actual operation, but it may be used to support permits and tax registration. Therefore, fraudulent DTI registration should be addressed promptly.
XV. SEC Issues for Corporations and Partnerships
If the victim is listed in SEC records without consent, the problem may involve incorporation, partnership, stock ownership, directorship, officer position, beneficial ownership, or corporate authority.
The victim should obtain:
- Articles of Incorporation or Partnership;
- bylaws;
- General Information Sheet;
- board resolutions;
- secretary’s certificates;
- subscription documents;
- incorporator information;
- beneficial ownership declarations;
- notarized documents;
- IDs submitted;
- electronic filing account details, if available.
If the victim’s signature was forged, the victim may request correction, file complaints, and consider criminal or civil remedies. Corporate records can create serious exposure because directors and officers may be associated with taxes, labor claims, regulatory violations, and fraud.
XVI. BIR Tax Risks
Unauthorized business registration with the BIR is especially serious. Once a business is registered, tax obligations may arise, including filing returns, maintaining books, issuing receipts or invoices, and paying taxes.
Risks include:
- open cases for unfiled returns;
- penalties for non-filing;
- tax assessments;
- alleged sales or income attributed to the victim;
- unauthorized official receipts or invoices;
- VAT or percentage tax issues;
- withholding tax issues;
- compromise penalties;
- difficulty closing the registration;
- future tax clearance problems.
The victim should notify the BIR in writing, submit an affidavit of denial, request investigation, and ask how to suspend, close, or correct the registration. If the BIR record remains open, penalties may continue accumulating.
XVII. Unauthorized Receipts or Invoices
A fraudulent business may issue receipts or invoices under the victim’s name, TIN, or business registration. This can create serious tax and fraud issues.
The victim should ask:
- Were receipts or invoices authorized by BIR?
- Who printed or generated them?
- What serial numbers were used?
- Were they manual, loose-leaf, or electronic?
- Who used them?
- Were sales reported?
- Were customers given documents under the victim’s name?
- Did any supplier claim input tax or expense based on them?
If receipts or invoices were used without authority, the victim should report the matter to the BIR and preserve sample copies.
XVIII. Use of Address Without Consent
Some identity theft cases involve use of a person’s home or property address as a business location. This can cause inspections, tax bills, complaints, zoning problems, delivery issues, or legal notices.
The property owner should gather:
- title or lease documents;
- proof of residence;
- photos showing no such business operates there;
- barangay certification;
- neighbors’ affidavits;
- utility bills;
- complaint letter to LGU;
- demand to stop using the address.
If the wrongdoer is a tenant, the lease should be reviewed. Unauthorized business use may violate the lease, zoning, or building rules.
XIX. Landlord and Tenant Problems
A tenant may apply for business permits using the premises. This is normal if the lease allows business use and the tenant uses their own identity. Problems arise when the tenant uses the landlord’s name, title, tax declaration, authorization, or signature without consent.
The landlord should check:
- Was a lease contract submitted?
- Was a consent-to-use-premises submitted?
- Was the landlord’s signature forged?
- Was the business permitted under the landlord’s name or tenant’s name?
- Was the declared business activity allowed under the lease?
- Did the tenant misrepresent zoning or occupancy?
- Are taxes or violations being charged to the landlord?
The landlord may seek cancellation or correction of the permit and may pursue lease remedies.
XX. Identity Theft by Relatives or Business Partners
Sometimes identity theft occurs within families or informal partnerships. A relative may register a sari-sari store, online business, lending operation, transport business, or food business under another relative’s name.
The wrongdoer may say:
- “I only borrowed your name.”
- “You knew about it.”
- “It was for the family.”
- “You allowed me before.”
- “You benefited from it.”
- “The permit was only a formality.”
Consent becomes the main issue. If the victim did not knowingly and voluntarily authorize the use, the victim should clearly revoke any alleged authority and document the denial.
Family relationship does not legalize forged signatures or unauthorized use of identity.
XXI. Identity Theft by Fixers
Some people hire fixers to process permits. A fixer may use another person’s identity, submit fake authorizations, or mix up records. The applicant, fixer, and business operator may all become involved depending on knowledge and participation.
A person who uses a fixer remains responsible for ensuring truthful documents. “The fixer did it” may not fully excuse a business operator if the operator benefited from the false permit or ignored suspicious documents.
XXII. Digital Registration and Online Portals
Many registrations may be processed online. This creates additional issues:
- unauthorized email accounts;
- fake phone numbers;
- OTP misuse;
- uploaded IDs;
- forged e-signatures;
- online payment trails;
- IP logs;
- platform audit logs;
- digital certificates;
- account recovery information;
- electronic forms;
- scanned documents.
The victim should request preservation of logs and records where possible. Digital evidence may help identify who submitted the fraudulent application.
XXIII. Data Privacy Issues
Business permit identity theft usually involves personal information. Unauthorized use of names, addresses, IDs, TINs, signatures, phone numbers, emails, and documents may violate data privacy rights.
A victim may consider a data privacy complaint when:
- personal data was obtained without consent;
- IDs were copied or shared unlawfully;
- government or private offices failed to protect records;
- a business displayed or used personal data publicly;
- identity documents were processed without lawful basis;
- personal information was used to open accounts, permits, or tax records;
- the wrongdoer continues to use the victim’s data after notice.
Data privacy remedies may include complaint, investigation, correction, blocking, erasure where appropriate, and damages depending on the case.
XXIV. Criminal Complaint Considerations
A criminal complaint may be considered if there is evidence of forgery, identity theft, fraud, use of falsified documents, or related offenses.
A complaint should include:
- affidavit of the victim;
- copies of fraudulent permits or registrations;
- copies of forged documents;
- specimen signatures;
- proof of lack of authority;
- government office certifications;
- witness affidavits;
- digital evidence;
- proof of damage;
- identity of suspected wrongdoer, if known;
- explanation of how the documents were discovered.
If the wrongdoer is unknown, the complaint may initially focus on investigation. If a specific person is named, there should be evidence connecting them to the fraudulent act.
XXV. Civil Remedies
The victim may also pursue civil remedies, depending on the harm.
Possible civil actions or claims include:
- damages for unauthorized use of identity;
- injunction to stop use of name or address;
- cancellation or correction of documents;
- declaration of non-liability;
- recovery of losses;
- reimbursement of penalties caused by fraud;
- indemnity from the wrongdoer;
- accounting of business income obtained using the victim’s identity;
- removal of signage or business records;
- correction of public records;
- breach of lease or contract;
- unfair competition-related claims in business contexts.
Civil remedies are especially important when the victim suffered financial loss, reputation damage, or tax exposure.
XXVI. Administrative Remedies
Administrative remedies may be pursued before the office that issued or maintains the record.
Possible offices include:
- Barangay;
- city or municipal Business Permits and Licensing Office;
- city or municipal treasurer;
- zoning office;
- Office of the Building Official;
- fire safety office;
- health or sanitation office;
- DTI;
- SEC;
- BIR;
- professional regulatory bodies;
- industry-specific regulators;
- National Privacy Commission for personal data issues.
Administrative relief may be faster than court action for cancellation, correction, or suspension of permit records.
XXVII. Correcting LGU Records
To correct LGU records, the victim may need to submit:
- written complaint;
- affidavit of denial;
- valid IDs;
- proof of address or property ownership;
- copy of fraudulent permit;
- police report or blotter;
- proof that the business does not operate at the declared address;
- proof of forgery or lack of consent;
- request for cancellation, suspension, or annotation.
The LGU may require due process before cancellation, especially if a permit holder or business operator is identified. The victim should ask for written confirmation of any action taken.
XXVIII. Closing or Cancelling BIR Registration
Closing a BIR business registration can be technical. If the registration was fraudulent, the victim should not simply ignore it. Open tax cases can accumulate.
The victim should request guidance on:
- cancellation of fraudulent registration;
- closure of open cases;
- investigation of unauthorized registration;
- invalidation of unauthorized receipts or invoices;
- correction of taxpayer records;
- tax clearance issues;
- documentary requirements;
- protection from assessments caused by the fraudulent business.
A written record is crucial. Verbal assurances are not enough.
XXIX. Protecting Against Tax Liability
A victim should build a file showing they did not operate or benefit from the business.
Evidence may include:
- employment records showing no involvement;
- proof of different residence or workplace;
- bank statements showing no business income;
- affidavits from neighbors that no business operated at the address;
- proof that signature was forged;
- no lease or consent;
- messages denying involvement;
- police report;
- complaints filed promptly;
- BIR and LGU correspondence.
The goal is to rebut any assumption that the victim earned income or ran the business.
XXX. Business Name Similarity Versus Identity Theft
A business may have a name similar to a person’s name or another business. This is not always identity theft. The issue becomes identity theft when the person’s identity, documents, consent, signature, TIN, or personal details are used without authority.
Example:
- “Maria’s Store” owned by another Maria may not be identity theft.
- A store registered under Maria Santos using her TIN and ID without consent may be identity theft.
Confusion over business names may involve trade name, trademark, unfair competition, or consumer confusion issues, but those are separate from identity theft.
XXXI. Business Permit Used in Scams
If a fraudulent permit is used to scam customers, the victim should act urgently. The public may believe the victim is the business owner.
Steps may include:
- Preserve scam posts, pages, and advertisements.
- Report fake pages to platforms.
- File police or cybercrime report.
- Notify LGU, DTI, SEC, and BIR.
- Issue a carefully worded public notice denying connection, if necessary.
- Avoid naming suspects without evidence.
- Inform complainants where to send evidence.
- Monitor use of the victim’s name, address, and TIN.
A public notice should be factual and should avoid defamatory counter-accusations.
XXXII. Sample Public Notice
Public Notice
This is to inform the public that I, [Name], am not connected with, do not own, do not operate, and did not authorize any business using the name [business name] or operating at [address], if such business is being represented as mine.
I have not authorized the use of my name, signature, identification documents, Tax Identification Number, address, or personal information for said business. The matter has been reported or is being reported to the appropriate authorities.
Any person who has documents, receipts, invoices, messages, or transactions involving the said business may preserve them and submit them to the proper authorities.
This notice is issued to prevent further unauthorized use of my identity and should not be taken as a waiver of any legal rights or remedies.
XXXIII. If the Victim Actually Signed Something
Some cases are complicated because the victim signed a document without understanding it. The wrongdoer may have asked the victim to sign a “simple authorization,” “permit assistance,” “business name reservation,” “loan requirement,” or blank form.
The victim should determine:
- What exactly was signed?
- Was it blank when signed?
- Was the purpose misrepresented?
- Was the victim pressured or deceived?
- Was the document later altered?
- Was the authorization limited or broad?
- Did the victim receive benefits?
- Did the victim later revoke consent?
- Did the wrongdoer exceed authority?
If there was limited consent that was abused, the case may involve fraud, breach of authority, or falsification depending on the facts.
XXXIV. Unauthorized Corporate Directorship or Partnership
Being named as a director, officer, partner, or incorporator can create serious implications.
A victim may be exposed to:
- regulatory notices;
- tax issues;
- labor claims;
- creditor inquiries;
- subpoenas;
- beneficial ownership reporting issues;
- bank compliance checks;
- reputational harm.
The victim should request copies of the corporate documents, deny unauthorized participation, and seek correction or removal from records. If signatures were forged in SEC filings or notarized documents, the matter may require criminal and administrative action.
XXXV. Business Permit Identity Theft and Employment
Sometimes employees discover that their employer used their name to register a branch, outlet, franchise, or side business. This may be done to avoid tax, hide true ownership, or comply with local requirements.
The employee should be cautious. If the employee allowed use of their name, they may face complications. If the use was unauthorized, the employee should document the lack of consent and request correction.
Employment dependence can make the situation coercive. A worker should not be forced to become a dummy business owner as a condition of employment.
XXXVI. Business Permit Identity Theft and Lending Apps
Some fraudulent operators may register lending or online businesses using another person’s identity. This can expose the victim to borrower complaints, regulatory issues, and harassment claims.
The victim should check whether the business is registered as:
- lending company;
- financing company;
- sole proprietorship;
- online seller;
- payment processor;
- collection agency;
- marketing business;
- consultancy;
- remittance or payment service;
- other regulated activity.
If a regulated activity is involved, complaints to the appropriate regulator may be necessary.
XXXVII. Use of Professional License
Some businesses require professional licenses, such as clinics, pharmacies, engineering firms, architectural services, schools, training centers, or technical services. Unauthorized use of a professional’s name or license may expose the professional to disciplinary and regulatory risks.
The professional should immediately notify:
- the relevant professional regulatory body;
- LGU business permit office;
- BIR, if tax registration is affected;
- employer or professional association, if necessary;
- law enforcement, if forgery occurred.
Professional licenses should not be lent casually. Nominee use can create ethical and legal exposure.
XXXVIII. Identity Theft Involving Deceased Persons
If a deceased person’s identity is used for business permits, heirs may need to act.
Issues include:
- forged post-death signatures;
- business continuing under deceased person’s name;
- tax obligations of estate;
- unauthorized use of estate property;
- heirs’ liability concerns;
- fraudulent renewals;
- false notarization;
- use of deceased person’s TIN.
Heirs should notify the LGU, BIR, DTI or SEC, and other agencies of the death and request correction or closure as appropriate.
XXXIX. Role of Notarization
Many business permit supporting documents are notarized or supported by notarized papers. A notarized document is presumed regular, but it can be challenged if the signature is forged, the person did not appear before the notary, the ID was fake, or the notarial register does not support the document.
The victim may:
- request a copy of the notarized document;
- check the notarial details;
- verify the notary’s commission;
- request an excerpt from the notarial register if available;
- file a complaint against the notary if misconduct occurred;
- use the irregular notarization as evidence of fraud.
False notarization is serious because notarization converts a private document into one with public character.
XL. Police Blotter and Police Report
A police blotter can help document the discovery of identity theft. It is not the same as a full criminal case, but it creates an official record.
A victim should bring:
- valid ID;
- copies of fraudulent permits or notices;
- affidavit or written narrative;
- proof of lack of consent;
- screenshots or messages;
- suspected person’s details, if known.
For online or digital identity theft, referral to cybercrime authorities may be appropriate.
XLI. Cybercrime and Digital Evidence
If the fraudulent registration was done online or connected to online scams, digital evidence becomes important.
Preserve:
- emails;
- SMS and OTP messages;
- screenshots of online forms;
- portal confirmation emails;
- account usernames;
- IP-related information if available;
- digital receipts;
- payment confirmations;
- website pages;
- social media pages;
- chat messages;
- online advertisements;
- customer complaints.
Do not hack accounts or attempt illegal access to prove identity theft. Use lawful preservation and reporting channels.
XLII. Demand Letter to Wrongdoer
If the wrongdoer is known, a demand letter may be sent.
It may demand:
- immediate cessation of use of victim’s identity;
- cancellation or correction of business permits;
- surrender of documents;
- cessation of operations under victim’s name;
- indemnity for taxes, penalties, and damages;
- accounting of transactions;
- public clarification, if necessary;
- reimbursement of expenses;
- undertaking not to repeat the act.
The letter should be careful and evidence-based.
XLIII. Sample Demand Letter to Wrongdoer
Subject: Demand to Cease Unauthorized Use of Identity for Business Registration
Dear [Name]:
It has come to my attention that my name, personal information, signature, address, Tax Identification Number, or identity documents were used in connection with the registration or operation of [business name] without my consent or authority.
I did not authorize you or any person to register, operate, represent, or transact using my identity. I demand that you immediately cease using my name and personal information, stop representing that I own or operate the business, and take all necessary steps to cancel or correct the records with the barangay, local government, DTI, SEC, BIR, and other offices where my identity was used.
I further demand that you provide copies of all documents submitted, identify all persons involved, account for all transactions made under my name, and indemnify me for any taxes, penalties, claims, costs, or damages arising from the unauthorized use of my identity.
This demand is made without prejudice to criminal, civil, administrative, tax, and data privacy remedies.
Sincerely,
[Name]
XLIV. Letter to LGU Requesting Cancellation or Correction
Subject: Request for Investigation, Cancellation, or Correction of Business Permit Issued Using My Identity
Dear [Business Permits and Licensing Office]:
I respectfully request investigation and appropriate action regarding a business permit issued for [business name] located at [address], which appears to use my name, address, signature, Tax Identification Number, or personal information without my consent.
I did not apply for, authorize, sign, or participate in the business permit application. I do not own, operate, manage, or benefit from the said business. I request copies of all documents submitted in support of the application, including application forms, IDs, authorizations, lease documents, barangay clearance, and other supporting papers.
I further request that the permit be suspended, cancelled, corrected, or annotated as appropriate after verification, and that my name be removed from records where it was fraudulently or mistakenly included.
Attached are my affidavit of denial, valid identification, and supporting documents.
Respectfully,
[Name]
XLV. Letter to BIR
Subject: Request for Investigation and Correction of Unauthorized Business Registration
Dear [Revenue District Office]:
I respectfully request investigation and correction of records concerning a business registration under [business name/TIN/details], which appears to have been registered using my name, Tax Identification Number, signature, or personal information without my authority.
I did not apply for or authorize the registration of the said business. I do not own, operate, manage, or receive income from it. I request copies or verification of the registration documents, submitted identification, authority to print or issue receipts/invoices, open cases, tax filings, and other records connected with the business.
I request that the unauthorized registration be investigated, suspended, closed, cancelled, or corrected as appropriate, and that I not be treated as liable for tax obligations arising from a business I did not own or operate.
Attached are my affidavit of denial, identification documents, and supporting evidence.
Respectfully,
[Name]
XLVI. Preventive Measures
To reduce the risk of business permit identity theft:
- Do not lend IDs casually.
- Do not sign blank forms.
- watermark ID copies with purpose and date.
- keep copies of authorizations issued.
- limit authorization letters to specific transactions.
- revoke authorizations in writing when no longer needed.
- secure TIN and tax records.
- monitor DTI, SEC, LGU, and BIR records where feasible.
- report lost IDs promptly.
- avoid sharing ID photos through unsecured channels.
- verify business registrations involving your address.
- review lease agreements carefully.
- require tenants to register businesses under their own names.
- keep property documents secure.
- check suspicious mail, notices, or tax letters immediately.
A simple signed ID photocopy can be misused if left unrestricted.
XLVII. What Businesses and Permit Offices Should Do
Government offices and businesses should also guard against identity theft.
Good practices include:
- verifying IDs carefully;
- requiring personal appearance or secure digital verification;
- validating authorization letters;
- checking notarized documents;
- confirming property owner consent;
- retaining application records;
- allowing complaint mechanisms;
- promptly investigating identity theft claims;
- coordinating among barangay, LGU, DTI, SEC, and BIR;
- flagging disputed permits;
- protecting personal data;
- avoiding unnecessary collection of excessive personal information.
Weak verification systems make identity theft easier.
XLVIII. Defenses of the Alleged Wrongdoer
A person accused of business permit identity theft may raise defenses such as:
- The victim gave consent;
- the victim signed the authorization;
- the victim benefited from the business;
- the registration was made by mistake;
- the accused did not submit the documents;
- a fixer or third party caused the problem;
- the accused relied on documents believed to be genuine;
- the alleged forged signature is genuine;
- the victim is actually a business partner;
- there is no damage;
- the matter is civil, not criminal;
- the complaint is motivated by a business dispute.
These defenses depend on evidence. Written consent, financial records, communications, and witness testimony may be decisive.
XLIX. Victim’s Response to Common Defenses
“You allowed me to use your name.”
Ask for written authorization and proof of informed consent.
“You signed the papers.”
Demand copies and compare signatures. If forged, execute an affidavit and consider handwriting or document examination.
“It was just for permit purposes.”
Using another person’s identity for official permits without authority is not harmless.
“You did not complain before.”
Explain when the fraud was discovered and show prompt action after discovery.
“The business made no money.”
Tax, legal, and reputational exposure may exist even without profit.
“The fixer did it.”
Identify who benefited from and submitted the fraudulent registration.
“It is only an address issue.”
Unauthorized use of address can still create permit, zoning, tax, and liability problems.
L. Special Issue: Victim’s Name on Receipts, Contracts, or Online Store
If the victim’s name appears on contracts, receipts, invoices, social media pages, e-commerce stores, or delivery accounts, the victim should preserve those records and notify relevant parties.
The victim may request:
- account takedown;
- correction of seller identity;
- refund handling by the true operator;
- platform investigation;
- removal of personal data;
- preservation of transaction logs;
- disclosure through lawful process where needed.
Platforms may have their own reporting systems for impersonation, fraud, or unauthorized business identity.
LI. Special Issue: Business Permit Used to Open Bank Account
If a fraudulent business registration was used to open a bank account, the victim should notify the bank’s fraud department and compliance unit.
The victim may need to provide:
- affidavit of denial;
- police report;
- copy of fraudulent business documents;
- proof of identity;
- specimen signature;
- request to freeze or investigate the account, subject to bank rules and legal process.
Bank secrecy and privacy rules may limit what the bank can disclose, but a fraud report can protect the victim.
LII. Special Issue: E-Wallets and Payment Accounts
Fraudulent businesses may use payment gateways, QR codes, e-wallets, or merchant accounts under the victim’s name.
The victim should report to the payment provider and request:
- account investigation;
- preservation of records;
- removal of victim’s identity;
- blocking of fraudulent merchant account;
- transaction logs through lawful process;
- protection from chargebacks or complaints.
Digital payment evidence can help trace the actual operator.
LIII. Special Issue: Franchises and Food Businesses
Food stalls, online food sellers, and small franchises often require permits. Identity theft in these businesses may create sanitation, health, tax, and customer complaint issues.
The victim should check:
- sanitary permit;
- health certificates;
- fire safety inspection certificate;
- zoning clearance;
- lease or stall contract;
- franchise agreement;
- supplier accounts;
- food delivery app accounts.
If food safety complaints arise, the victim may be wrongly blamed unless the record is corrected.
LIV. Special Issue: Construction and Contractor Permits
A person’s identity may be used to obtain contractor accreditation, building permits, occupancy permits, or construction-related business permits.
Risks include:
- liability for defective work;
- unpaid workers or suppliers;
- tax issues;
- professional license misuse;
- building code violations;
- lawsuits from clients.
Victims should report to the LGU, relevant professional boards, and industry regulators where appropriate.
LV. Special Issue: Closure of Fraudulent Business
If a fraudulent business permit remains active, it may continue generating taxes and penalties. The victim should push for closure, cancellation, or annotation.
A closure file may require:
- affidavit of denial;
- complaint letter;
- certification from barangay;
- inspection report showing no business;
- police report;
- return or cancellation of permit, if available;
- BIR closure documents;
- surrender or invalidation of receipts/invoices;
- proof that victim did not operate.
If the true operator is known, they should be made responsible for proper closure.
LVI. Special Issue: Business Permit Renewal
Some identity theft cases continue through annual renewal. A permit may be renewed repeatedly using prior records. The victim should ask the LGU to flag the account so no renewal occurs without investigation.
The victim may request:
- hold on renewal;
- requirement of personal appearance;
- notation of disputed ownership;
- inspection of premises;
- referral to legal office;
- written confirmation of action taken.
LVII. Special Issue: False Business at Victim’s Home
If a business is registered at the victim’s residence but no business operates there, the victim should obtain:
- barangay certification;
- photos of residence;
- affidavits from neighbors;
- utility bills;
- lease or title documents;
- LGU inspection report;
- written denial.
This evidence can help cancel the business location record and protect against inspections or complaints.
LVIII. Special Issue: Multiple Agencies Must Be Notified
Because business registration is layered, correcting one record may not correct all records.
For example:
- Cancelling a barangay clearance does not automatically cancel the mayor’s permit.
- Cancelling the mayor’s permit does not automatically close BIR registration.
- Cancelling DTI business name does not automatically close tax open cases.
- Correcting SEC records may not erase LGU permits.
- Filing a police report does not automatically cancel permits.
The victim should track each agency separately.
LIX. Practical Checklist for Victims
A victim of business permit identity theft should:
- Identify the business name, address, permit number, and issuing offices.
- Secure copies of the questioned records.
- Determine whether DTI, SEC, LGU, barangay, and BIR records are involved.
- Execute an affidavit of denial.
- File written complaints with the issuing offices.
- Request cancellation, correction, closure, or annotation.
- File police or cybercrime report if forgery or digital fraud is involved.
- Notify BIR immediately if tax registration is involved.
- Preserve all notices, screenshots, permits, and correspondence.
- Ask for certified copies of documents allegedly signed by the victim.
- Check whether receipts, invoices, bank accounts, or e-wallets were issued.
- Notify platforms, banks, or payment providers if accounts were opened.
- Avoid paying liabilities without legal advice if the business is not yours.
- Avoid public accusations unless supported by evidence.
- Consult a lawyer for tax assessments, criminal complaints, or civil damages.
LX. Practical Checklist for LGU or Agency Complaints
A complaint packet may include:
- cover letter;
- affidavit of denial;
- valid ID of victim;
- proof of address or property ownership;
- copy of questioned business permit or record;
- proof of non-authorization;
- police blotter or report;
- copy of lost ID report, if relevant;
- specimen signatures;
- screenshots or customer complaints;
- request for certified copies;
- request for cancellation, correction, or annotation;
- contact information for follow-up.
The victim should receive and keep a stamped receiving copy of every submission.
LXI. Practical Checklist for Preventing Misuse of IDs
When submitting ID copies:
- Write “For [specific purpose] only” across the copy.
- Add the date.
- Add the recipient office or company.
- Do not send high-resolution ID copies unnecessarily.
- Do not send selfies with IDs unless necessary and trusted.
- Avoid signing blank documents.
- Keep a record of where IDs were submitted.
- Report lost IDs.
- revoke unused authorizations.
- keep TIN and tax documents private.
Identity theft often begins with a casual ID photocopy.
LXII. Common Misconceptions
“It is only a business permit, so it is not serious.”
Incorrect. A business permit may create tax, civil, regulatory, and reputational consequences.
“If I did not operate the business, I can ignore it.”
Dangerous. Records may remain active and penalties may accumulate.
“Cancelling the mayor’s permit fixes everything.”
Not necessarily. BIR, DTI, SEC, barangay, and other records may also need correction.
“A relative can use my name without formal consent.”
Incorrect. Family relationship does not replace legal authority.
“The business made no profit, so there is no problem.”
Even inactive or non-profitable businesses may have filing obligations or penalties.
“The LGU approved it, so it must be valid.”
Approval based on false documents can still be challenged.
“The wrongdoer used my address only, not my name.”
Unauthorized address use can still cause inspections, notices, zoning issues, and liability confusion.
“A police blotter automatically cancels the permit.”
No. A blotter is evidence, but cancellation or correction must be pursued with the issuing office.
“I should just pay the penalties to close it quickly.”
Payment may be interpreted as acknowledgment in some contexts. Get advice before paying disputed liabilities.
LXIII. Key Legal Principles
The key principles are:
- Business registration must reflect the real applicant, owner, operator, address, and authority.
- Unauthorized use of another person’s identity can create criminal, civil, administrative, tax, and data privacy issues.
- Forged signatures and false documents should be challenged immediately.
- A victim must address each affected agency separately.
- BIR registration creates special risks because open cases and penalties may accumulate.
- A mayor’s permit or barangay clearance obtained through false information may be suspended, cancelled, corrected, or investigated.
- A DTI or SEC record may require separate correction or cancellation.
- Unauthorized use of a property address should be reported to the barangay and LGU.
- Prompt written denial helps protect the victim from implied consent or later liability.
- Evidence should be preserved before records disappear or accounts are closed.
- Public accusations should be avoided unless facts are verified.
- The wrongdoer may be liable for damages, fraud, falsification, identity theft, tax consequences, and administrative violations depending on the facts.
LXIV. Conclusion
Business permit identity theft in the Philippines is a serious problem because it turns a person’s name, identity, address, TIN, signature, or property into a tool for unauthorized business activity. It may begin with a forged authorization, a copied ID, a fake lease, a fraudulent online registration, or a permit application processed by a fixer. But the consequences can extend to tax assessments, customer complaints, government notices, criminal investigations, and reputational damage.
A victim should not ignore the issue. The proper response is to verify the records, obtain copies of the documents submitted, execute an affidavit of denial, notify the barangay, LGU, DTI, SEC, BIR, and other affected offices, and pursue cancellation, correction, closure, or investigation. If forgery, fraud, cyber identity theft, or data misuse is involved, criminal, civil, administrative, and data privacy remedies may be available.
The guiding rule is simple: no person should be made the owner, operator, taxpayer, lessor, representative, officer, or permit holder of a business without knowing and voluntary consent. Where a business exists only because someone’s identity was misused, the law provides ways to challenge the record, protect the victim, and hold the responsible persons accountable.