ApexTech4TaxPros

Your PTIN Is At Risk.

We Fix That.

Federal law classifies every tax preparer as a financial institution. That means the same cybersecurity requirements that govern banks now govern your tax office — and the IRS checks at PTIN renewal. Apex Tech 4 Tax Pros delivers the full compliance solution, built exclusively for tax professionals.

🔴 IRS Form W-12 · Line 11 · PTIN Renewal

“Do you have a Written Information Security Plan (WISP)?” — This question must be answered YES at every PTIN renewal. Your answer is certified under penalty of perjury. Checking YES without an actual WISP constitutes a federal crime. More than 810,000 tax preparers face this requirement annually.

IRS Pub 4557 Compliant

FTC Safeguards Rule

Bilingual EN / ES

20+ Years Experience

Dallas, TX

Compliance Status Check

Are you currently protected?

🔴 No WISP on File

PTIN renewal risk. FTC fines. Personal liability. Cannot prepare returns if PTIN is revoked.

🔴 No MFA on Tax Software

Required by FTC Safeguards Rule. Client data is unprotected from credential theft.

🔴 Using Personal Email for Client Files

Unsecured transmission of PII violates FTC requirements and exposes you to liability.

✅ With Apex Tech 4 Tax Pros

Customized WISP + Virtual PC + Secure Email + MFA + Cyber Training. Fully covered.

The Solution

One subscription covers your WISP, your security tools, and your compliance — starting at $649.99/season.

810,000+

PTIN Holders Required to Have a WISP

$50,685

Max FTC Fine Per Violation (2026)

$43,792

FTC Fine Per Day for Ongoing Violations

4,000+

PTINs Lost Annually — Growing Security Failures

100%

Of PTIN Holders Are Required — No Exceptions

The Legal Framework

Why a WISP Is Federal Law — Not Optional Guidance

Three overlapping federal laws create an unavoidable compliance mandate for every tax professional in the United States. Here is how they connect — and why there are no exceptions.

Enacted 1999 · Foundation Law

Gramm-Leach-Bliley Act (GLBA)

The Gramm-Leach-Bliley Act designated tax preparation services as financial institutions — placing them under the identical data protection framework that governs banks, credit unions, and mortgage lenders. This is the foundational law. The moment you prepare a return for compensation, you are a covered financial institution under federal law — regardless of whether you work from an office or your kitchen table.

⚖️ Tax preparers = financial institutions under U.S. federal law

Updated 2023 · Enforced by FTC

FTC Safeguards Rule (16 CFR Part 314)

The Federal Trade Commission enforces GLBA through its Safeguards Rule, which was significantly strengthened in 2023. It mandates that all covered financial institutions — including every solo tax preparer — must develop, implement, and maintain a comprehensive Written Information Security Plan. The Rule specifies nine required elements including a designated Qualified Individual, documented risk assessments, encryption, multi-factor authentication, access controls, vendor oversight, and an incident response plan. The FTC has actively increased enforcement since 2023, with penalties reaching $500,000 for notification failures and up to $50,685 per violation.

🔴 Penalties up to $50,685/violation · $43,792/day for ongoing violations

IRS Mandate · All E-File Providers

IRS Publication 4557 — Safeguarding Taxpayer Data

IRS Publication 4557 establishes specific technical security requirements for every authorized e-file provider and tax professional who handles client financial data. It explicitly requires a Written Information Security Plan — with documented administrative, technical, and physical safeguards. Companion publication IRS Publication 5708 provides a nine-component WISP framework specifically designed for small to mid-size tax practices. Together, these publications give the IRS its own enforcement authority separate from the FTC — including the ability to suspend or revoke your EFIN.

📕 IRS Pub 4557 + Pub 5708 = your required WISP framework

Since 2024 · Annual Renewal Trigger

IRS Form W-12, Line 11 — PTIN Renewal Certification

Starting in 2024, the IRS added Line 11 to Form W-12, the PTIN renewal form. This line asks every paid return preparer to certify — under penalty of perjury — that they maintain a Written Information Security Plan compliant with IRS Publication 4557 and the FTC Safeguards Rule. More than 810,000 preparers face this requirement at every annual renewal. Checking YES without an actual compliant WISP constitutes false certification on a federal form — a criminal offense that can result in PTIN revocation, EFIN suspension, and referral for prosecution.

🔴 False certification = federal perjury · PTIN revoked · Cannot prepare returns

The Legal Framework

Why a WISP Is Federal Law — Not Optional Guidance

Three overlapping federal laws create an unavoidable compliance mandate for every tax professional in the United States. Here is how they connect — and why there are no exceptions.

4,000+

Cannot Prepare Return

The IRS can revoke your Preparer Tax Identification Number, making it illegal to prepare federal tax returns for compensation. Without a PTIN, your practice ends immediately during the investigation period.

$50,685

Per Violation — FTC

The FTC can impose civil penalties of up to $50,685 per violation under the Safeguards Rule (2026 inflation-adjusted figure). Each client record exposed in a breach can be treated as a separate violation.

$43,792

Per Day — Ongoing Violations

Ongoing violations under an FTC consent order accrue penalties of up to $43,792 per day until resolved. An unaddressed compliance failure compounds daily — fast.

EFIN Suspended

No Electronic Filing

The IRS can suspend or revoke your Electronic Filing Identification Number following a data breach or security failure — effectively shutting down your ability to e-file during peak tax season.

$0

Cyber Insurance Claim Denied

Most cyber liability carriers require a documented WISP before issuing coverage. After a breach, insurers audit your security program before paying claims. No WISP = denied claims, even with a policy in force.

$649

Full Seasonal Compliance

Our seasonal subscription at $649.99 covers your WISP document, virtual desktop, secure email, MFA, VPN, antivirus, and more — complete compliance protection for the price of less than two tax returns

The Legal Framework

The One Question That Changes Everything

Line 11 of IRS Form W-12 — added in 2024 — turned WISP compliance from a best practice into a sworn federal certification. Here’s exactly what it means for your practice.

Every year, when you renew your PTIN, the IRS asks on Form W-12, Line 11 whether you maintain a Written Information Security Plan that complies with IRS Publication 4557 requirements and the FTC Safeguards Rule.

Your answer is not a formality. It is a certification made under penalty of perjury. If you check YES without having a real, compliant WISP in place, you have made a false statement on a federal form — which is a criminal offense under 18 U.S.C. § 1001, separate from the civil penalties the FTC can impose.

The IRS did not add this line as a suggestion. The Security Summit — a joint initiative of the IRS, state tax agencies, and the tax industry — has been working to combat tax-related identity theft, which costs billions annually. Tax office data breaches are a primary vector. Your WISP is the documented evidence that you are doing your part.

IRS Form W-12 — PTIN Renewal

Paid Preparer Tax Identification Number Application
Line 9 — Line 10 …

Line 11

Data Security Responsibilities
Do you have a Written Information Security Plan (WISP) in place that complies with IRS Publication 4557, “Safeguarding Taxpayer Data,” and the FTC Safeguards Rule?

Yes — I certify I maintain a compliant WISP

No — I do not have a WISP

⚠️ Your answer is made under penalty of perjury. False certification constitutes a federal crime under 18 U.S.C. § 1001 and can result in PTIN revocation and referral for criminal prosecution.

1

Renew Your PTIN Before December 31 Each Year

PTIN renewal opens in October. The renewal fee is $19.75. Failure to renew by December 31 triggers e-filing suspension and a $530 penalty per return prepared without valid credentials.

2

Answer Line 11 Truthfully — Under Penalty of Perjury

If you do not have a compliant WISP, you cannot truthfully check YES. And checking YES without one is federal perjury. The only safe answer is to get your WISP in place before renewal.

$649

Keep Your WISP Current — Review Annually

The IRS and FTC both require annual review and update of your WISP. A WISP is not a one-time document — it must reflect your current systems, staff, and technology every year.

Our Full Solution

Everything You Need. One Trusted Partner.

Apex Tech 4 Tax Pros was built specifically for this problem — by someone who spent 20+ years at the intersection of healthcare IT security and tax preparation. We don’t sell generic cybersecurity. We sell compliance designed for tax professionals.

📋

Customized WISP Document

A fully written, IRS-compliant Written Information Security Plan tailored to your specific firm — your processes, your staff, your technology. Not a generic template. A real document built for your practice. Available in English and Spanish.

✓ Included Free with Subscription

🔍

WISP IT System Assessment

A comprehensive risk assessment of your current security posture, a customized WISP document, an incident response plan, employee cybersecurity training, and a follow-up maintenance review — all in one engagement.

✓ Available as Standalone Service

🖥️

Virtual Desktop (Virtual PC)

A secure, cloud-hosted computer for running your tax software. Client data never lives on your personal device. Works from any browser. Automatically backed up. Protected even if your physical computer is lost or stolen.

✓ Included in Subscription

✉️

Secure Business Email

Professional encrypted email for your tax office. Replaces personal Gmail or Yahoo accounts — which violate FTC requirements when used for client PII. Send and receive sensitive documents safely.

✓ Included in Subscription

🔐

MFA + Cybersecurity Stack

Multi-factor authentication (required by FTC Safeguards Rule), spam filters, antivirus, anti-phishing, anti-spyware, firewall, VPN, encryption, and secure file transfer — a complete technical safeguard layer for your office.

✓ Included in Subscription

🎓

Cybersecurity Awareness Training

Online staff training with completion certificate and LinkedIn badge. Satisfies the employee training requirement in your WISP. Includes phishing simulator, up to 90-minute courses, and compliance with HIPAA, PCI, SOX, GDPR, and CCPA.

✓ Available as Add-On

💾

Secure Cloud Storage & Password Manager

Encrypted cloud drive for client files, tax returns, and office documents. Password manager to eliminate password reuse across tax software platforms and portals — one of the leading causes of credential theft in tax offices.

✓ Included in Subscription

🌐

Web Services

Professional web hosting, domain registration, SSL certificates, analytics, and secure virtual network services for your tax office’s digital presence — all security-configured from the start.

✓ Available as Add-On

No Exemptions

Who Is Required to Have a WISP?

The Gramm-Leach-Bliley Act and IRS Publication 4557 draw no distinction between large firms and small ones, seasonal preparers and full-year professionals, or office-based and home-based practitioners.

📝

Individual Tax Preparers

File 11+ returns for compensation? The law applies to you directly. No minimum client threshold.

🏢

Tax Office Owners

Responsible for every return filed under your EFIN — and liable for every preparer under your roof.

🤝

Service Bureaus & SSBs

Managing data for a network of preparers multiplies your exposure — and your compliance obligation.

🏛️

CPAs & Enrolled Agents

Licensed professionals face both IRS Publication 4557 requirements and Circular 230 obligations.

📚

Bookkeepers

Handling nonpublic personal financial information classifies you as a covered financial institution under GLBA.

💼

Accounting Firms

Multi-staff firms require WISPs that address each location, each role, and each service provider used.

🏠

Home-Based Preparers

Working from home does not exempt you. The law applies to the data, not the location of the preparer.

🌅

Seasonal Preparers

Even a January-through-April season creates full-year legal obligations. Data doesn’t expire in May.

👤

Solo Practitioners

A single practitioner preparing one return for compensation is a covered financial institution under federal law.

🌐

Web Services

Professional web hosting, domain registration, SSL certificates, analytics, and secure virtual network services for your tax office’s digital presence — all security-configured from the start.

Our Story

Built at the Intersection of Tax & IT Security

Apex Tech 4 Tax Pros was founded by a seasoned professional with over 20 years of combined experience in healthcare IT and tax preparation — two industries defined by the highest standards of data protection and regulatory compliance.

That dual background revealed a critical gap: tax professionals were handling some of the most sensitive personal and financial data in existence, but operating without the security infrastructure that other regulated industries had long required. The WISP mandate closed that gap legally — but left most preparers without a practical, affordable path to compliance.

We built Apex Tech 4 Tax Pros to bridge exactly that divide. Every product and service we offer was designed specifically for the operational realities of a tax office — not adapted from a corporate IT solution. We understand the seasonal pressures, the client expectations, and the compliance obligations that define your practice.

As a sister company to APEX Tax Solutions — a Latino-owned tax software company serving preparers across the U.S. since 2015 — we are part of an ecosystem built around the success of independent tax professionals.

20+

Years IT & Tax Experience

2

Languages — EN & ES

3

Federal Laws We Navigate

100%

Tax-Professional Focus

The Legal Framework

APEX Tax Solutions

TaxSlayer ProWeb · Desktop Premium · Service Bureau Partnerships · Software Training · Bank Products

🛡️

WISP Development & IRS Compliance

Custom plans aligned with IRS Pub 4557, IRS Pub 5708, GLBA, and FTC Safeguards Rule. Not templates — real documents for your real firm.

☁️

Secure Cloud Infrastructure

Virtual desktops, encrypted email, secure drives, and password management purpose-built for tax office workflows.

🎓

Employee Security Training

Certified cybersecurity awareness programs that satisfy the training component of your WISP — with documentation you keep for compliance records.

🌐

Bilingual Support — EN/ES

Full English and Spanish support for all services. WISP documents available in Spanish for Latino-owned tax offices and preparers.

🌐 WISP disponible completamente en español

Plan de Seguridad de la Información por Escrito personalizado para su empresa — cumple con la Ley Gramm-Leach-Bliley, las directrices del IRS y la norma de salvaguardias de la FTC.

🇺🇸 🤝 🇲🇽

Common Questions

WISP & Compliance FAQs

The questions every tax professional asks — answered directly and completely.

It is a federal legal requirement — not a recommendation. Three overlapping laws mandate it: the Gramm-Leach-Bliley Act (which classifies tax preparers as financial institutions), the FTC Safeguards Rule (which requires a written information security program), and IRS Publication 4557 (which requires a WISP for all authorized e-file providers). The IRS reinforced this in 2024 by adding Line 11 to Form W-12, requiring PTIN holders to certify WISP compliance under penalty of perjury at every annual renewal. There are no exemptions for firm size, solo practitioners, home-based preparers, or seasonal workers.

Line 11 of Form W-12 asks: "Do you have a Written Information Security Plan (WISP) in place?" Your answer is certified under penalty of perjury. If you check YES without a real, compliant WISP in place, you have made a false statement on a federal form — which is a criminal offense under 18 U.S.C. § 1001. The IRS can revoke your PTIN, suspend your EFIN, and refer the matter for criminal prosecution. The only safe path is to have a compliant WISP before you renew.

A generic template is a starting framework — but the IRS and FTC expect your WISP to describe your firm's actual security practices, your specific staff responsibilities, and the real technology you use. A template that doesn't accurately describe your operations is not compliant, and it won't protect you in an audit or breach investigation. Apex Tech 4 Tax Pros builds fully customized WISPs that reflect your actual firm — not a copy-paste document. We also include the IT assessment, risk analysis, and incident response plan that templates typically omit.

Both subscription packages (Seasonal at $649.99 / January–April, and Yearly at $1,099.99 / 12 months) include a Virtual PC (secure cloud desktop for your tax software), secure business email, secure cloud storage drive, password manager, multi-factor authentication setup, spam filters, antivirus and anti-phishing protection, VPN for secure remote access, encryption, firewall protection, and a customized WISP document — free with your subscription (a $500 value). The Yearly plan adds year-round protection for the off-season when your data is still at risk even if you're not actively filing.

Yes. We offer fully customized WISP documents written entirely in Spanish (Plan de Seguridad de la Información por Escrito), and all of our services are available with bilingual English and Spanish support. We understand that many tax professionals in our community prefer to work in Spanish — and compliance should never be a language barrier. Contact us at info@at4tp.com for Spanish-language service.

Yes. The legal obligation is tied to the data you hold, not the months you actively prepare returns. Client Social Security numbers, income records, and bank account details stored on your computer or in the cloud remain at risk every day of the year — not just during filing season. Your WISP must be in place and current at PTIN renewal (December 31 each year), and your security infrastructure should protect data during the off-season as well. This is one of the reasons our Yearly subscription makes financial and compliance sense for most preparers.

We are sister companies. APEX Tax Solutions (apextaxsolution.com) provides professional tax software, software training, and service bureau partnerships for tax professionals. Apex Tech 4 Tax Pros provides the cybersecurity and compliance layer — WISP documents, virtual desktop, secure email, cloud tools, and cybersecurity training. Together, the two companies deliver a complete ecosystem for running a modern, compliant, and profitable tax office. Clients of either company can access products and referrals from both.

For the customized WISP IT System Assessment, the process typically takes a few business days after we gather your firm's information — workflows, staff structure, technology used, and current security practices. For subscription packages, your virtual desktop, secure email, and technical tools are activated quickly. If you are approaching a PTIN renewal deadline, contact us immediately at info@at4tp.com — we treat compliance deadlines with urgency and will prioritize your case.

Get Protected Today

Don't Risk Your PTIN.

Get Compliant Now.

Whether you need a customized WISP document, a full IT assessment, or a subscription that covers everything — Apex Tech 4 Tax Pros has the solution designed specifically for your tax practice. Bilingual support. Dallas, TX. Built by tax and IT professionals who understand your world.

Also need tax software? Visit our sister company → APEX Tax Solutions — apextaxsolution.com