⚠ IRS Form W-12 Line 11 requires PTIN holders to certify they have a WISP — under penalty of perjury
FTC Safeguards Rule Documentation

We help tax & accounting professionals organize their required FTC Safeguards documentation

The FTC Safeguards Rule requires PTIN holders to have a Written Information Security Plan on file. We walk you through a simple questionnaire and prepare your custom WISP document — delivered in 48 hours, no calls required.

Get My WISP — $497 See How It Works
📋
Based on IRS Publication 4557 & FTC Requirements
Delivered in 48 Hours
🔒
100% Remote — No Zoom Calls
✉️
Includes Loom Video Walkthrough

The FTC Safeguards Rule applies if you handle consumer financial data

If your business touches client financial information, federal law generally requires a documented security program — regardless of your size.

🧾

Tax Preparers & Enrolled Agents

H&R Block franchises, independent preparers, and enrolled agents are among the most directly affected by the Safeguards Rule and IRS WISP requirements.

📊

Accountants & CPAs

Small accounting firms that access client financial records and tax data are required to have a documented security program in place.

🏡

Mortgage Brokers

Independent brokers and small lending offices that handle loan applications and financial records fall under the Safeguards Rule.

🚗

Auto Dealers

Any dealership that arranges financing or holds customer credit applications may be subject to FTC requirements.

💰

Financial Advisors

Independent planners and small RIAs not separately covered by SEC/FINRA requirements.

🏦

Payday / Loan Shops

Check cashers, payday lenders, and consumer installment lenders of all sizes handling consumer financial data.

$50,120
Per Violation — FTC Maximum Fine

The cost of missing documentation isn't theoretical

The FTC can impose fines of up to $50,120 per violation — and every missing safeguard may count as a separate violation. IRS Form W-12 Line 11 requires PTIN holders to certify they have a WISP in place, under penalty of perjury.

There's another risk most preparers don't think about: cyber insurance claims. Some insurers have denied breach claims outright because the business had no Written Information Security Plan on file. If you experience a data breach and can't show documented security procedures, your policy may not pay out — leaving you exposed to client notification costs, legal fees, and regulatory fines all at once.

Having your documentation organized and in order is the first step toward meeting that requirement. Your WISP costs $497.

We are not attorneys and this is not legal advice. For questions about your specific compliance obligations, consult a licensed attorney.

Done in 48 hours. No calls required.

01

You Pay & Receive the Questionnaire

After checkout you receive a short questionnaire about your business. Most people complete it in about 10–15 minutes, on their own time.

02

We Build Your Custom WISP Document

We use your answers to prepare a personalized Written Information Security Plan tailored to your business — not a generic template.

03

You Receive a Loom Video Walkthrough

We record a short video explaining each section of your plan so you understand what it contains and how it applies to your business.

04

Your Documentation Is Complete

Download your WISP, review it, sign it, and keep it on file. You'll have organized, written documentation of your security program based on FTC Safeguards Rule requirements.

Simple, flat-rate pricing

No hourly fees, no retainer lock-ins on the base plan. Pay once, get your documentation.

One-Time
$497
one-time payment
  • Custom WISP document (Word + PDF)
  • Loom video walkthrough
  • Vendor contract language
  • Incident response plan
  • Delivered within 48 hours
  • Email Q&A for 7 days
Get Started
Multi-Location
Custom
contact for quote
  • 3+ locations or franchise groups
  • Bulk pricing available
  • White-label for accountants
  • Referral program available
  • Dedicated account contact
Contact Us

FAQ

Form W-12 is the IRS PTIN renewal form that every paid tax preparer must complete annually. Line 11 specifically asks whether you have a Written Information Security Plan in place — and your answer is certified under penalty of perjury. If you check yes without actually having a WISP, that may constitute a federal crime. Without a valid PTIN you cannot legally prepare tax returns for compensation.
IRS Publication 4557 is the IRS's official data security guide for tax professionals. It outlines the security measures the IRS expects tax preparers to have in place to protect taxpayer data. Your WISP is written documentation showing you are following these guidelines. Publication 4557 works alongside the FTC Safeguards Rule — both require similar core protections from different regulatory angles.
The FTC Safeguards Rule has no employee-count exemption. Solo tax preparers, single-person accounting firms, and one-person mortgage brokers who handle consumer financial data are generally subject to the rule. We recommend consulting an attorney if you have questions about whether the rule applies to your specific situation.
No — they're completely different. A website privacy policy tells visitors how you collect data. A WISP is an internal operational document that describes how your business protects the financial data you hold. The FTC Safeguards Rule requires a WISP; a website privacy policy does not satisfy that requirement.
The FTC Safeguards Rule is a federal law that generally applies nationwide. If your business touches consumer financial data and is subject to FTC jurisdiction, the rule may apply to you regardless of your state. Consult an attorney for advice specific to your situation.
We are not attorneys and this is not legal advice. We're documentation specialists who help small financial businesses organize the information required to build their Written Information Security Plan. The document we prepare is based directly on the FTC's published Safeguards Rule requirements and IRS Publication 4557. For legal questions specific to your situation, consult a licensed attorney.
That's great — and your WISP will reflect that. Most businesses already do many of the right things; they just don't have it written down. The FTC requires documented evidence of your program, not perfection. Your WISP will capture what you already do and identify any gaps.
Get Started Today

Ready to get your documentation in order?

Choose your plan below. After payment you'll receive your intake questionnaire. We'll deliver your custom WISP within 48 hours.

$497 WISP Only — One Time $694 WISP + Annual Support
🔒 Secure checkout via Stripe  |  Delivered within 48 hours  |  No calls required