Who We Serve/Tax & Accounting Professionals

Tax & Accounting Professionals

CPA firms, EA practices, and tax preparers subject to the FTC Safeguards Rule and IRS Publication 4557.

Since 2023, every U.S. tax preparer with clients is a “financial institution” under the FTC Safeguards Rule. That designation carries a specific, non-negotiable obligation: a documented Written Information Security Program (WISP), a designated qualified individual, and controls that map to 16 CFR §314.4.

IRS Publication 4557 layers on additional expectations. State boards of accountancy and professional liability carriers add further scrutiny. We build WISPs that satisfy all three simultaneously — and that hold up when a client, an insurer, or the IRS asks to see them.

Program Focus Areas

  • Written Information Security Program (WISP)
  • Designated qualified individual and reporting structure
  • Encryption, MFA, and access control per §314.4(c)
  • Incident-response plan and breach reporting protocol
  • Annual program review and board or partner reporting