Securing today and protecting tomorrow
We understand that hackers find new ways to compromise security every day, which is why it’s so important to keep financial accounts and personal information safe from the risk of fraud, cyber threats and unauthorized activity. We work behind the scenes to prevent threats and protect your client and their employee data from known and emerging cyber risks.
Our approach to cybersecurity
With cybersecurity as a top priority, we take preventative measures to safeguard the confidentiality, integrity and availability of customer information — leveraging a 360° dynamic three-pronged approach. This high level of cybersecurity maturity is but one facet and an important component of an enterprise information security environment. By integrating several “best of breed” recommendations into a comprehensive policy, you can feel secure knowing your clients are well protected.
People: It starts with our highly skilled, tenured staff
- We employ a talented team of dedicated security professionals that take advantage of the latest security awareness programs for Voya's workforce
- Conduct continual phishing tests annually to train employees on how to avoid phishing attacks
- Participate in global hacking competitions
Process: Applying applicable regulatory requirements
- Monitoring of daily activities, flagging potential fraudulent behaviors
- Ongoing updates to our governance documents and processes to align to the changing compliance landscape
- Participate in Industry Consortiums and government-sponsored organizations that helps us stay informed of security risks and trends
Technology: Protecting your data from within using advanced layers of defense
- Utilizing a layer-of-defense approach to protect against external and internal threats
- Deploying active threat detection and prevention protocols
- Collaborating across the industry with proactive, real-time threat intelligence
Securely handling and storing your client’s data
Voya’s robust cybersecurity and fraud prevention practices consist of multi-factor authentication (MFA), voice and fingerprint biometrics, secure emails, time logoffs and more. Our applicable regulatory requirements also align with many audits and certifications. During Q1 2022, Voya achieved compliance with ISO 27001 internationally recognized security standards, and we continue to maintain ISO compliance and annual revalidation from third-party assessors. 1
- SOC 1, SOC 2 & SOC 3
- ISO27001
- PCI DSS
- HITRUST
Advanced fraud prevention and detection
A successful fraud prevention and detection program requires commitment of resources, which is why we use a variety of tools to prevent, detect and investigate potential fraud. Our Compliance, Corporate Special Investigations (CSI), Technology Risk and Security Management (TRSM), and Operations teams have partnered to prevent, detect and investigate suspected fraud.
Voya’s S.A.F.E. Guarantee®
As part of our secure efforts, we have established the Voya S.A.F.E.® (Secure Accounts for Everyone) Guarantee. This guarantee asserts that if any assets are taken from an employee's retirement plan account or Voya-administered Individual Retirement Account due to unauthorized activity, we will restore the value of their account.2
Protection with the highest integrity
For the 11th consecutive year, Voya has been recognized by Ethisphere®, a global leader in defining and advancing the standards of ethical business practices, as one of the 2024 World’s Most Ethical Companies®.3 This honor represents our commitment to serving our customers.
Security threat FAQs
How can my client protect their employees’ accounts against scams?
What should my client do if fraud is suspected?
How can my client follow the proper precautions for email safety?
1 The audits and certifications noted apply to specific Voya scopes respective to contract obligations and industry requirements based on the type of data processed.
2 As long as certain criteria are met.
3 In March 2024, Voya Financial was one of 136 companies recognized by Ethisphere® as one of the 2024 World’s Most Ethical Companies® based on performance in 2023. The World’s Most Ethical Companies assessment is based upon Ethisphere’s Ethics Quotient® framework, which offers a quantitative way to assess a company’s performance in an objective, consistent and standardized way. The information collected provides a comprehensive sampling of definitive criteria of core competencies, rather than all aspects of corporate governance, risk, sustainability, compliance and ethics. Scores are generated in five key categories and provided to all companies that participate in the process: ethics and compliance program (35%), culture of ethics (20%), environmental and societal impact (20%), governance (20%), and third-party management (5%). While Voya’s Senior Vice President of Corporate and Organizational Development sits on Ethisphere’s Equity and Social Justice Initiative Advisory Council, he plays no role in the selection process for the World’s Most Ethical Companies award, but this fact has been disclosed to the extent it may be perceived as a possible conflict of interest. There is a processing fee of $3,500 USD to participate. Voya also pays $19,500 USD a year to participate in Ethisphere’s Business Ethics Leadership Alliance (“BELA”), which provides additional resources and services to members, including benchmarking data and related Ethisphere insights and guidance. There is also a $35,000 USD licensing fee for use of the logo. “World’s Most Ethical Companies” and “Ethisphere” names and marks are registered trademarks of Ethisphere LLC.