Continuous protection. Always evolving.
Cybersecurity is on everyone’s mind
From plan sponsors to participants, cybersecurity is on everyone's mind—and everyone expects you to protect their data. Here's what we're doing to help protect privacy and prevent fraud.
U.S. consumers reported losing nearly $8.8 billion to fraud in 2022, an increase of more than 30 percent over the previous year.
Federal Trade Commission
Learn more about T. Rowe Price's cybersecurity
Protection in Action
Our enterprise-wide security strategy protects account holders with a combination of technology, policies, and processes.
Cybersecurity is a responsibility we take very seriously–and these are the measures we take:
Governance
An enterprise-wide layered security strategy informed by industry best practices, regular briefings, and an established business continuity plan
Organizational Security
Vetting of associates who are also trained and supported in security awareness and privacy incident prevention
Process
Ongoing risk assessment, management, and testing throughout the firm; design and deploy a layered defense strategy that we stand behind
Technology
Advanced network and data protection, identity and access management, and cybersecurity data analysis
Vigilance/Monitoring
Continuous monitoring of plan and account activity and collaboration with industry partners and threat intelligence-sharing groups
Strengthening Security of Participant Interactions Online and by Phone
T. Rowe Price makes every effort to ensure that participant interactions are not only seamless but also well protected through robust security practices for authentication.
Multi-Factor Authentication
Multi-Factor Authentication provides an additional layer of security to normal login requirements and call center interactions. It requires participants to provide information that only they have access to: a code they must enter during login or provide to our call center representatives at the start of their phone call.
Multi-Factor Authentication is required for all participants, who are guided through the setup process during login or when creating their online account.
Voice Biometrics
The voice biometrics process passively authenticates callers as they naturally engage with the call center. This new technology evaluates several criteria for each caller, including voice characteristics, caller behavior, call location, and device characteristics, beginning with their first interaction with our call center. If the call seems suspicious, the system will automatically trigger additional authentication procedures.
Dark Market Monitoring
Dark market monitoring provides another layer of cutting-edge fraud protection for participant accounts. It screens participant website login credentials against emails and passwords recovered from data breaches to help reduce the risk of fraudulent account takeover.
The service creates security alerts when passwords associated with participants’ email addresses are located on the dark web. When passwords associated with a data breach match participants' retirement plan login credentials, we alert impacted participants and lock their accounts as a security precaution.
Our Account Protection Program
The T. Rowe Price Account Protection Program is designed to assure plan sponsors and participants that their accounts are protected in the event of fraud. Under the program, we’ll restore eligible account losses caused by unauthorized activity* when plans and participants follow some best practices.
Plan sponsors and participants should contact us immediately if they suspect a potential breach or fraudulent activity.
*All reported concerns will be thoroughly investigated to determine program applicability. The Account Protection Program may not apply if the security best practices outlined in this document are not followed.
202308-2887902
Contact your T. Rowe Price representative to find out how we can partner to protect your participants.