U.S. consumers reported losing nearly $8.8 billion to fraud in 2022, an increase of more than 30 percent over the previous year.
Federal Trade Commission
Dark Market Monitoring
Our enterprise-wide security strategy protects account holders with a combination of technology, policies, and processes.
An enterprise-wide layered security strategy informed by industry best practices, regular briefings, and an established business continuity plan
Vetting of associates who are also trained and supported in security awareness and privacy incident prevention
Ongoing risk assessment, management, and testing throughout the firm; design and deploy a layered defense strategy that we stand behind
Advanced network and data protection, identity and access management, and cybersecurity data analysis
Continuous monitoring of plan and account activity and collaboration with industry partners and threat intelligence-sharing groups
T. Rowe Price makes every effort to ensure that participant interactions are not only seamless but also well protected through robust security practices for authentication.
Multi-Factor Authentication provides an additional layer of security to normal login requirements and call center interactions. It requires participants to provide information that only they have access to: a code they must enter during login or provide to our call center representatives at the start of their phone call.
Multi-Factor Authentication is required for all participants, who are guided through the setup process during login or when creating their online account.
The voice biometrics process passively authenticates callers as they naturally engage with the call center. This new technology evaluates several criteria for each caller, including voice characteristics, caller behavior, call location, and device characteristics, beginning with their first interaction with our call center. If the call seems suspicious, the system will automatically trigger additional authentication procedures.
Dark market monitoring provides another layer of cutting-edge fraud protection for participant accounts. It screens participant website login credentials against emails and passwords recovered from data breaches to help reduce the risk of fraudulent account takeover.
The service creates security alerts when passwords associated with participants’ email addresses are located on the dark web. When passwords associated with a data breach match participants' retirement plan login credentials, we alert impacted participants and lock their accounts as a security precaution.
The T. Rowe Price Account Protection Program is designed to assure plan sponsors and participants that their accounts are protected in the event of fraud. Under the program, we’ll restore eligible account losses caused by unauthorized activity* when plans and participants follow some best practices.
Plan sponsors and participants should contact us immediately if they suspect a potential breach or fraudulent activity.
*All reported concerns will be thoroughly investigated to determine program applicability. The Account Protection Program may not apply if the security best practices outlined in this document are not followed.
Contact your T. Rowe Price representative to find out how we can partner to protect your participants.