Lesson 5: FTC Safeguards Rule & WISP
Your information security obligations as a financial institution
Learning Objectives
After completing this lesson, you will be able to:
- Explain why tax preparers are "financial institutions" subject to the FTC Safeguards Rule
- Identify the nine elements of a compliant information security program
- Describe what a WISP must contain and how AI use affects each element
- Apply the service provider oversight requirements to cloud AI vendors
- Identify Georgia's breach notification requirements and when they apply
Why Tax Preparers Are "Financial Institutions"
The Gramm-Leach-Bliley Act (GLBA), enacted in 1999 and implemented by FTC regulations, classifies "financial institutions" broadly, including entities that are "significantly engaged" in activities that are financial in nature. Tax preparation is on the FTC's list of financial activities.
The FTC Safeguards Rule, implementing GLBA's privacy provisions, therefore applies to all tax return preparers, regardless of:
- Size (solo practitioners are covered)
- Charter (incorporated or unincorporated)
- Revenue
- Primary business activity (a CPA firm that also does audit is still a financial institution for all its activities)
This means your firm must:
- Have a Written Information Security Plan (WISP)
- Implement and maintain a comprehensive information security program meeting the nine elements of 16 CFR §314.4
- Report significant data breaches to the FTC (and to clients and law enforcement in some cases)
The updated Safeguards Rule became effective for most provisions on June 9, 2023. The IRS independently requires a WISP as a condition of maintaining your PTIN.
The Nine Elements of a Compliant Information Security Program (16 CFR §314.4)
| # | Element | Key Requirement |
|---|---|---|
| 1 | Qualified Individual | Designate one person responsible for overseeing your program |
| 2 | Risk Assessment | Identify and assess risks to customer information; evaluate current safeguards |
| 3 | Safeguards Implementation | Design and implement safeguards to address identified risks |
| 4 | Service Provider Oversight (§314.4(f)) | Select service providers that can maintain appropriate safeguards; require safeguards contractually; oversee their performance |
| 5 | Monitoring and Testing | Regularly monitor and test your safeguards |
| 6 | Employee Training | Train employees on information security policies and practices |
| 7 | Incident Response Plan | Create a written incident response plan |
| 8 | Annual Review | Review your program at least annually, or after material changes |
| 9 | Board/Senior Management Reporting | Report to your board or equivalent on the security program |
The Written Information Security Plan (WISP)
The IRS has issued two publications specifically to help tax preparers create WISPs:
- IRS Publication 4557: Safeguarding Taxpayer Data, general requirements
- IRS Publication 5708: Creating a Written Information Security Plan for Your Tax & Accounting Practice, a template and detailed guidance
Your WISP must be:
- Written and accessible to relevant personnel
- Specific to your firm's actual operations and risk profile: a generic template copied from the internet is not compliant if it does not reflect your firm's actual practices
- Maintained and updated: a WISP you created in 2018 and never updated does not meet the annual review requirement
Service Provider Oversight (§314.4(f)): The AI Vendor Requirement
This element is the most directly relevant to AI tools. The FTC's rule requires that you:
- Select service providers that maintain appropriate safeguards for your clients' information
- Require safeguards contractually: your contract with the service provider must require them to maintain appropriate safeguards
- Oversee their handling of customer information, including through periodic monitoring
Applied to cloud AI vendors, this means that before adding any cloud AI tool to your practice, you must:
- Evaluate the vendor's security posture: Does it have SOC 2 Type II certification? ISO 27001? What are its data breach response procedures?
- Review the contract: Does it include data security obligations? No-training/no-retention clauses? Data processing agreement with GLBA-compliant protections?
- Assess data residency: Where is data processed and stored?
- Document your evaluation: Maintain a vendor due diligence file showing you selected the vendor based on an assessment of its safeguards
⚠️ RISK: Selecting a cloud AI vendor based on "I've heard good things about it" or "it's what everyone uses" without reviewing its security commitments violates §314.4(f). The rule requires affirmative evaluation and contractual safeguards.
How AI Tool Use Intersects With Each WISP Element
| WISP Element | AI-Specific Consideration |
|---|---|
| Qualified Individual | Has your designated person been trained on AI tool risks? |
| Risk Assessment | AI tools are a new risk vector; your risk assessment must address them specifically |
| Safeguards Implementation | What controls do you have over which tools can be used with client data? |
| Service Provider Oversight | Each AI vendor must be evaluated and covered by a contractual safeguard |
| Monitoring and Testing | Are you monitoring which AI tools employees or contractors are using? |
| Employee Training | Do your staff understand the AI/§7216 rules? |
| Incident Response Plan | If an AI vendor has a data breach affecting your clients' data, what do you do? |
| Annual Review | Has the AI section of your WISP been updated in the last 12 months? |
| Reporting | Has AI tool risk been reported to firm leadership? |
The Annual Review Requirement
Section 314.4(e) requires that you "evaluate and adjust the program in light of the results of the testing and monitoring required under paragraph (d) of this section; any material changes to your operations or business arrangements; the results of your risk assessment; or any other circumstances that you know or have reason to know may have a material impact on your information security program."
Adding a new AI tool is a material change to your business arrangements that triggers a review obligation. The annual review is a minimum; you should also review when:
- Adding or changing AI vendors
- A vendor changes its data handling practices
- A data breach occurs at a vendor
- You expand the types of data you're processing with AI tools
The Five Things Every WISP Must Add When the Firm Uses AI Tools
- AI Vendor Inventory: List every AI tool used with client data, including vendor name, contract tier, and data processing agreement status.
- AI Access Controls: Define which personnel may use AI tools with client data, and under what conditions.
- Approved Tool Classification: Maintain a "green/yellow/red" classification of each AI tool indicating whether it is approved for client data use, approved with restrictions, or prohibited.
- AI-Specific Incident Response: Define what constitutes a reportable incident involving an AI tool (prompt injection attack, vendor data breach, unauthorized use of client data by vendor).
- AI Annual Review Checkpoint: Add a specific checkpoint to your annual review process for assessing new AI tools and updating the vendor inventory.
Georgia-Specific: Breach Notification Under O.C.G.A. §10-1-912
Georgia's breach notification statute (O.C.G.A. §10-1-912), part of the Georgia Personal Identity Protection Act, requires:
Who is covered: "Information brokers" and "data collectors", including any entity that maintains computerized personal data about Georgia residents. A tax preparer maintaining client SSNs, financial account numbers, and similar data qualifies.
What triggers notification: An unauthorized acquisition of a Georgia resident's unencrypted "personal information", defined as a first name (or initial) and last name combined with one of: Social Security number, driver's license/state ID number, or financial account/credit/debit card number.
When to notify: "In the most expedient time possible and without unreasonable delay." There is no specific deadline, but unnecessary delay creates enforcement risk.
Who to notify: Affected Georgia residents (individuals whose data was involved). If more than 10,000 Georgia residents are affected, also notify all nationwide consumer reporting agencies (Equifax, Experian, TransUnion).
Method of notification: Written notice, telephone notice, or electronic notice (consistent with E-SIGN Act). Substitute notice (website posting + media) is available if direct notice costs exceed $50,000 or more than 100,000 individuals are affected.
What to include: Georgia does not specify required content, but best practice is: description of the incident, types of information involved, steps you have taken, your contact information.
AI-specific trigger scenario: An AI vendor you use to process client data experiences a breach and your clients' SSNs and financial data are exposed. You must notify affected Georgia resident clients promptly.
📌 PRACTICE TIP: Your incident response plan should include a provision for vendor breach notification. If you maintain client data on behalf of another entity, you must notify that entity within 24 hours of discovering a breach (O.C.G.A. §10-1-912 third-party obligation). Ensure your AI vendor contracts require them to notify you promptly if they experience a breach involving your clients' data.
Key Takeaways
- Tax preparers are "financial institutions" under GLBA, which means you must have a WISP and comply with all nine elements of the FTC Safeguards Rule (16 CFR §314.4), regardless of firm size.
- Service provider oversight under §314.4(f) requires you to evaluate AI vendors' security practices, require contractual safeguards, and monitor their handling of client data.
- Your WISP must specifically address AI tools: vendor inventory, access controls, approved tool classification, AI-specific incident response, and annual AI review checkpoint.
- Georgia's breach notification statute (O.C.G.A. §10-1-912) requires notification to affected residents "in the most expedient time possible" when unencrypted personal information (including SSNs) is acquired without authorization, including when an AI vendor you use suffers a breach.
- An AI tool that was not covered in your WISP is already a WISP compliance gap.
Quick Review: WISP Pass or Fail?
Scenario A: A solo CPA in Augusta, Georgia created a WISP in 2021 using an IRS template. She has not updated it since. She added ChatGPT Plus to her workflow in 2023 but never updated the WISP. One employee uses it routinely.
Answer: FAIL. Multiple failures: (1) No annual review: the rule requires annual review plus review after material changes. (2) ChatGPT Plus is not in the WISP. (3) No service provider evaluation documented for ChatGPT Plus. (4) No access controls for AI tool use documented.
Scenario B: A two-partner firm has a current WISP (updated this year) that includes an "AI Vendor Inventory" section. The section lists "Microsoft 365 Copilot (Enterprise, US data residency, signed DPA on file)" as the only approved AI tool for client data. The WISP states no other AI tools may be used with client data without partner approval and WISP update.
Answer: PASS. The WISP reflects current operations, names a specific vendor with adequate documentation, and establishes access controls. This is compliant WISP AI practice.
Scenario C: A practice receives notice from an AI vendor that it has experienced a data breach affecting customer prompt data from the past six months. The breach involved SSNs and financial data from tax documents processed through the platform. The firm waits 60 days to notify clients while it "assesses the situation."
Answer: FAIL. O.C.G.A. §10-1-912 requires notification "in the most expedient time possible and without unreasonable delay." Sixty days without notification is almost certainly unreasonable delay absent compelling law enforcement direction.