How States Really Select Businesses for Sales Tax Audits 

Sales tax audits are increasing, and for many businesses, this trend may feel sudden and aggressive. You aren’t entirely wrong. State governments are facing budget pressures, shrinking federal aid, and rising public spending commitments. As a result, they are relying more heavily on sales tax compliance as a fast and stable source of revenue. At the same time, the rapid expansion of the digital marketplace and the adoption of economic nexus rules have significantly extended state authority.  

With this increase in authority, states are becoming more strategic in deciding which businesses to audit. While there are numerous factors that go into this determination process, there are some common triggers to be aware of. The size and nature of your operations, having a business footprint across multiple states, and a prior audit history can put you squarely in the crosshairs of state auditors. In addition, many auditors are interpreting nexus more broadly, linking even minimal or indirect activity to tax obligations that did not exist only a few years ago. 

This audit landscape requires preparation in order to feel like you aren’t always on the defensive. 

But, if you are still confused about how states really select businesses for sales tax audits, this article has got you covered. The process is guided by specific risk indicators that can immediately draw attention to a company. Understanding how these issues can bring about a sales tax audit is the first step towards reducing your exposure and preparing your business for the realities of modern sales tax enforcement. 

The Most Common Audit Triggers 

One of the strongest forces driving today’s surge in sales tax audits is the expansion of the digital marketplace. As more transactions move online, states are using digital activity to identify potential nexus connections that were not visible a decade ago. Economic nexus opened the door even wider. States now have more data and reasons to question when a business first created nexus, whether registration was timely, and why any delays occurred. 

Many states are also challenging a company’s assertion that economic nexus was the first moment it became taxable. Texas has treated the download of software as a physical presence for nexus purposes. New York has continued to pursue click-through nexus arguments. California has used Amazon FBA inventory data to find inventory stored in the state without the seller’s knowledge. These examples demonstrate why businesses need to understand and monitor all potential touchpoints. If you want a clear overview of how different states address these issues, refer to our remote seller nexus chart. 

Below are the most common triggers that place a business on a state’s audit list. 

• Rapid Sales Growth: Significant year-over-year growth attracts attention because it signals potential growth into new markets or states. This also introduces the risk that a business created nexus earlier than it realized or began collecting tax later than required. 

• High Exempt Sales: A large volume of exempt transactions, particularly in an industry where this isn’t common, often raises questions about documentation and exemption certificate management. If certificates are incomplete, inconsistent, or missing, an audit is more likely. 

• Direct Payment Permits & Special Tax Registrations: Businesses that hold direct pay permits or other special registrations naturally draw more scrutiny. These arrangements shift responsibility for tax calculation and remittance to the taxpayer, so states frequently audit these businesses to verify compliance. 

• Businesses Operating in Newly Taxable Areas: When states expand the definition of what is taxable, they often audit businesses in the newly added categories. These audits help states enforce the new rules and confirm that companies are adjusting their processes correctly. 

How States Use Data to Identify Audit Targets 

States rely on a growing network of data sources to spot risk and select audit targets. Just as an x-ray reveals what’s happening inside the body, data lets an auditor see beneath the surface of a company’s records. It exposes the internal structure—sales and use tax returns, marketplace facilitator reports, and registration records—and highlights fractures. 

Similar to how it’s important to have regular check ups with your doctor, you should check in on the health of your businesses’ data to ensure you have strong controls in place. Data analytics are an important component to diagnosing the health of your businesses’ health processes. Sales activity with no corresponding use tax, exemption levels that fall outside of normal ranges, or filing patterns that don’t match actual operations are all indicators of weak controls. Even outside “vital signs” like marketplace data or industry benchmarks can contribute to a more complete picture. Together, this information can identify where your data may be showing signs of risks before those issues turn into costly liabilities.  

Cross-State Data Sharing 

Another common audit trigger is information from other states. States routinely share indicators that suggest broader exposure, which may stem from marketplace facilitator data, fulfillment center locations, or inconsistencies between a business’s footprint and its registration history. 

The Streamlined Sales Tax (SST) Program assists in the coordination of the audits of sellers that are using Certified Service Providers (CSPs). Although SST itself does not conduct audits and SST only provides each state with its own data, it helps synchronize audit timing for CSP‑compensated sellers. Individual states still decide whom to audit and work directly with the CSP during the process, giving them a more efficient pathway to trace business activities across borders. Craig Johnson, Executive Director of the Streamlined Sales Tax Governing Board has indicated that “Streamline’s goal is to make the administration of sales tax simpler and more uniform to improve voluntary compliance and actually reduce the need for states to conduct audits of sellers, particularly for those that are using CSPs.”  

For taxpayers, these collaborative frameworks mean that once one state spots an issue, others may quickly follow. The same exposure window can draw attention from multiple jurisdictions, making cross‑state visibility and proactive data governance essential components of modern audit readiness. 

Lowering Your Audit Risk Through Discipline and Education 

While there is no sure fire way to avoid an audit, there are things you can do to lower your risk. Here are three steps you can take to proactively protect your business. 

1. Map your nexus footprint. Track economic and physical presence across all channels. Include marketplace activity, remote employees, contractors, trade shows, service visits, and inventory locations such as FBA and third-party warehouses. 

1. Tighten data reconciliation. Reconcile sales, tax collected and remitted, shipping, and exemption data to filed returns each filing cycle. Investigate variances quickly. Confirm that credit and refund procedures are complete and that adjustments appear on the correct return. 

1. Prepare for questionnaires and fieldwork. Create a playbook for business activity questions, nexus surveys, and audit lead generation tools. Assign owners, set timelines, and keep a single source of truth for responses and support. 

For step-by-step guidance once you receive a notice, use our article titled You have been notified of a sales tax audit. Now what? It walks through immediate actions, communication plans, and document readiness so you move forward with control and confidence.