diff --git a/Pipfile b/Pipfile
index 620553f1..04e23572 100644
--- a/Pipfile
+++ b/Pipfile
@@ -17,6 +17,7 @@ flask = "*"
 flask-sqlalchemy = "*"
 flask-assets = "*"
 flask-session = "*"
+flask-wtf = "*"
 
 [dev-packages]
 bandit = "*"
diff --git a/Pipfile.lock b/Pipfile.lock
index d55c6fcf..5dcf8f6b 100644
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -1,7 +1,7 @@
 {
     "_meta": {
         "hash": {
-            "sha256": "f097384512537988c799b892830b52e78bcc19133327213e9c6e2876210d62d3"
+            "sha256": "e04e11d9bd5c1dcc725de48b20902f5c416417e73774e557e45af7bd0c147ff5"
         },
         "pipfile-spec": 6,
         "requires": {
@@ -62,6 +62,14 @@
             "index": "pypi",
             "version": "==2.3.2"
         },
+        "flask-wtf": {
+            "hashes": [
+                "sha256:5d14d55cfd35f613d99ee7cba0fc3fbbe63ba02f544d349158c14ca15561cc36",
+                "sha256:d9a9e366b32dcbb98ef17228e76be15702cd2600675668bca23f63a7947fd5ac"
+            ],
+            "index": "pypi",
+            "version": "==0.14.2"
+        },
         "itsdangerous": {
             "hashes": [
                 "sha256:cbb3fcf8d3e33df861709ecaf89d9e6629cff0a217bc2848f1b41cd30d360519"
diff --git a/atst/app.py b/atst/app.py
index 7dac78b7..babaff7a 100644
--- a/atst/app.py
+++ b/atst/app.py
@@ -229,6 +229,7 @@ def make_config():
     OVERRIDE_CONFIG_FILENAME = os.getenv("OVERRIDE_CONFIG_FULLPATH")
 
     config = ConfigParser()
+    config.optionxform = str
 
     config_files = [BASE_CONFIG_FILENAME, ENV_CONFIG_FILENAME]
     if OVERRIDE_CONFIG_FILENAME:
diff --git a/atst/forms/forms.py b/atst/forms/forms.py
index c3ea02c4..48f03295 100644
--- a/atst/forms/forms.py
+++ b/atst/forms/forms.py
@@ -1,9 +1,9 @@
 import tornado
 from tornado.gen import Return
-from wtforms_tornado import Form
+from flask_wtf import FlaskForm
 
 
-class ValidatedForm(Form):
+class ValidatedForm(FlaskForm):
 
     @tornado.gen.coroutine
     def perform_extra_validation(self, *args, **kwargs):
diff --git a/atst/routes/requests.py b/atst/routes/requests.py
index 6c37344d..5903524c 100644
--- a/atst/routes/requests.py
+++ b/atst/routes/requests.py
@@ -2,6 +2,7 @@ from flask import Blueprint, g, render_template
 import pendulum
 
 from atst.domain.requests import Requests
+from atst.forms.financial import FinancialForm
 
 requests_bp = Blueprint("requests", __name__)
 
@@ -43,8 +44,10 @@ def requests_form_update():
 
 
 @requests_bp.route("/requests/verify/<string:request_id>", methods=["GET"])
-def financial_verification():
-    pass
+def financial_verification(request_id=None):
+    request = Requests.get(request_id)
+    form = FinancialForm(data=request.body.get('financial_verification'))
+    return render_template("requests/financial_verification.html", f=form)
 
 
 @requests_bp.route("/requests/verify/<string:request_id>", methods=["POST"])
diff --git a/config/base.ini b/config/base.ini
index e8be9197..fddfa26f 100644
--- a/config/base.ini
+++ b/config/base.ini
@@ -5,6 +5,7 @@ DEBUG = true
 AUTHNID_BASE_URL= https://localhost:8001
 COOKIE_SECRET = some-secret-please-replace
 SECRET = change_me_into_something_secret
+SECRET_KEY = change_me_into_something_secret
 CAC_URL = https://localhost:8001
 PE_NUMBER_CSV_URL = http://c95e1ebb198426ee57b8-174bb05a294821bedbf46b6384fe9b1f.r31.cf5.rackcdn.com/penumbers.csv
 REDIS_URI = redis://localhost:6379
diff --git a/templates/requests/financial_verification.html.to b/templates/requests/financial_verification.html
similarity index 87%
rename from templates/requests/financial_verification.html.to
rename to templates/requests/financial_verification.html
index df5b12ab..0f0d8110 100644
--- a/templates/requests/financial_verification.html.to
+++ b/templates/requests/financial_verification.html
@@ -1,4 +1,4 @@
-{% extends "../base.html.to" %}
+{% extends "base.html" %}
 
 {% block content %}
 
@@ -14,15 +14,15 @@
       </div>
 
       {% block form_action %}
-        <form method='POST' action="{{ reverse_url('financial_verification', request_id) }}" autocomplete="off">
-      {% end %}
+        <form method='POST' action="{{ url_for('requests.financial_verification', request_id=request_id) }}" autocomplete="off">
+      {% endblock %}
 
-      {% module xsrf_form_html() %}
+      {{ f.csrf_token }}
       {% block form %}
-        {% autoescape None %}
+        {% autoescape false %}
         {% if f.errors %}
           <b class="usa-input-error-message">There were some errors, see below.</b>
-        {% end %}
+        {% endif %}
 
         <p>In order to get you access to the JEDI Cloud, we will need you to enter the details below that will help us verify and account for your Task Order.</p>
 
@@ -32,7 +32,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.uii_ids.label }}
         {{ f.uii_ids(placeholder="Example: \nDI 0CVA5786950 \nUN1945326361234786950") }}
@@ -40,7 +40,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.pe_id.label }}
         {{ f.pe_id(placeholder="Example: 0203752A") }}
@@ -48,7 +48,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.treasury_code.label }}
         {{ f.treasury_code(placeholder="Example: 1200") }}
@@ -56,7 +56,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.ba_code.label }}
         {{ f.ba_code(placeholder="Example: 02") }}
@@ -64,7 +64,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         <!-- KO Information -->
 
@@ -76,7 +76,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.lname_co.label }}
         {{ f.lname_co(placeholder="Contracting Officer last name") }}
@@ -84,7 +84,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.email_co.label }}
         {{ f.email_co(placeholder="jane@mail.mil") }}
@@ -92,7 +92,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.office_co.label }}
         {{ f.office_co(placeholder="Example: WHS") }}
@@ -100,7 +100,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
 
         <!-- COR Information -->
@@ -113,7 +113,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.lname_cor.label }}
         {{ f.lname_cor(placeholder="Contracting Officer Representative last name") }}
@@ -121,7 +121,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.email_cor.label }}
         {{ f.email_cor(placeholder="jane@mail.mil") }}
@@ -129,7 +129,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.office_cor.label }}
         {{ f.office_cor(placeholder="Example: WHS") }}
@@ -137,7 +137,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         <br><hr>
         <em>&darr; FIELDS NEEDED FOR MANUAL ENTRY OF TASK ORDER INFORMATION (only necessary if EDA info not available)</em>
@@ -149,7 +149,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.funding_type_other.label }}
         {{ f.funding_type_other(placeholder="") }}
@@ -157,7 +157,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.clin_0001.label }}
         {{ f.clin_0001(placeholder="50,000") }}
@@ -165,7 +165,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.clin_0003.label }}
         {{ f.clin_0003(placeholder="13,000") }}
@@ -173,7 +173,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.clin_1001.label }}
         {{ f.clin_1001(placeholder="30,000") }}
@@ -181,7 +181,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.clin_1003.label }}
         {{ f.clin_1003(placeholder="7,000") }}
@@ -189,7 +189,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.clin_2001.label }}
         {{ f.clin_2001(placeholder="30,000") }}
@@ -197,7 +197,7 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
+        {% endfor %}
 
         {{ f.clin_2003.label }}
         {{ f.clin_2003(placeholder="7,000") }}
@@ -205,15 +205,16 @@
           <div class="usa-input-error-message">
             {{ e }}
           </div>
-        {% end %}
-      {% end %}
+        {% endfor %}
+      {% endautoescape %}
+      {% endblock form %}
       {% block next %}
       <input type='submit' class='usa-button usa-button-primary' value='Save & Continue' />
-      {% end %}
+      {% endblock %}
       </form>
 
     </div>
   </div>
 </div>
 
-{% end %}
+{% endblock %}
diff --git a/templates/requests_new.html.to b/templates/requests_new.html.to
index 5a309f26..c5f96ed5 100644
--- a/templates/requests_new.html.to
+++ b/templates/requests_new.html.to
@@ -22,7 +22,7 @@
         {% end %}
       {% end %}
 
-      {% module xsrf_form_html() %}
+      {{ form.csrf_token }}
       {% block form %}
       form goes here
       {% end %}