Marquee Header

Continuous protection. Always evolving.

Cybersecurity is on everyone’s mind

From plan sponsors to participants, cybersecurity is on everyone's mind—and everyone expects you to protect their data. Here's what we're doing to help protect privacy and prevent fraud.

U.S. consumers reported losing nearly $8.8 billion to fraud in 2022, an increase of more than 30 percent over the previous year.

Federal Trade Commission

See how our approach aligns with the Department of Labor cybersecurity best practices, ensuring that we place data security protocols central to every product, service, and experience we produce for retirement plans.

Protection in Action

Our enterprise-wide security strategy protects account holders with a combination of technology, policies, and processes. 

Cybersecurity is a responsibility we take very seriously–and these are the measures we take:

Governance icon


An enterprise-wide layered security strategy informed by industry best practices, regular briefings, and an established business continuity plan

Organizational Security icon

Organizational Security

Vetting of associates who are also trained and supported in security awareness and privacy incident prevention

Process icon


Ongoing risk assessment, management, and testing throughout the firm; design and deploy a layered defense strategy that we stand behind

Technology icon


Advanced network and data protection, identity and access management, and cybersecurity data analysis

Vigilance icon


Continuous monitoring of plan and account activity and collaboration with industry partners and threat intelligence-sharing groups

Strengthening Security of Participant Interactions Online and by Phone

T. Rowe Price makes every effort to ensure that participant interactions are not only seamless but also well protected through robust security practices for authentication.

MFA icon

Multi-Factor Authentication

Multi-Factor Authentication provides an additional layer of security to normal login requirements and call center interactions. It requires participants to provide information that only they have access to: a code they must enter during login or provide to our call center representatives at the start of their phone call.

Multi-Factor Authentication is required for all participants, who are guided through the setup process during login or when creating their online account.

Voice biometrics icon

Voice Biometrics

The voice biometrics process passively authenticates callers as they naturally engage with the call center. This new technology evaluates several criteria for each caller, including voice characteristics, caller behavior, call location, and device characteristics, beginning with their first interaction with our call center. If the call seems suspicious, the system will automatically trigger additional authentication procedures.

Dark market monitoring icon

Dark Market Monitoring

Dark market monitoring provides another layer of cutting-edge fraud protection for participant accounts. It screens participant website login credentials against emails and passwords recovered from data breaches to help reduce the risk of fraudulent account takeover.

The service creates security alerts when passwords associated with participants’ email addresses are located on the dark web. When passwords associated with a data breach match participants' retirement plan login credentials, we alert impacted participants and lock their accounts as a security precaution.

Our Account Protection Program

The T. Rowe Price Account Protection Program is designed to assure plan sponsors and participants that their accounts are protected in the event of fraud. Under the program, we’ll restore eligible account losses caused by unauthorized activity* when plans and participants follow some best practices.

Plan sponsors and participants should contact us immediately if they suspect a potential breach or fraudulent activity.

*All reported concerns will be thoroughly investigated to determine program applicability. The Account Protection Program may not apply if the security best practices outlined in this document are not followed.


Contact your T. Rowe Price representative to find out how we can partner to protect your participants.