Is Empower Safe to Use for Your Money and Data?

When considering a financial platform, understanding its safeguards for your money and personal information is important. Empower, a financial services company, employs various protocols and operates under specific regulatory frameworks to protect user assets and data. This article explores the security and consumer protections Empower implements.

Regulatory Oversight and Protections

Comprehensive regulatory oversight supports the safety of your investments and cash deposits. Empower Advisory Group, LLC (EAG) operates as a Registered Investment Adviser (RIA), overseen by the U.S. Securities and Exchange Commission (SEC). Empower Financial Services, Inc. (EFSI) is also a registered broker-dealer and a member of the Financial Industry Regulatory Authority (FINRA). These registrations hold Empower entities to specific standards of conduct and transparency.

Investment accounts held with broker-dealers are protected by the Securities Investor Protection Corporation (SIPC). This protection covers up to $500,000 in securities, including a $250,000 limit for uninvested cash, in the event of the brokerage firm’s financial failure. SIPC protection safeguards against asset loss due to a firm’s insolvency, but it does not cover losses from market fluctuations or declining investment values.

For cash deposits, if Empower offers banking services through partner banks, these deposits are eligible for Federal Deposit Insurance Corporation (FDIC) insurance. FDIC insurance covers up to $250,000 per depositor, per insured bank, for each account ownership category, protecting against the failure of the insured bank.

Data Security Measures

Empower prioritizes protecting your personal and financial data, employing various technical safeguards. The platform uses advanced encryption protocols, such as 256-bit AES encryption, to secure data. This encryption protects your information both in transit and when stored on servers, making it unreadable to unauthorized parties.

To enhance account security, Multi-Factor Authentication (MFA) is available. This feature requires more than one verification method to access an account, typically involving something you know (like a password) and something you have (like a code sent to your phone). This additional layer significantly reduces unauthorized access risk, even if a password is compromised. Internal security protocols complement these features, including strict employee access controls, regular security audits, and ongoing vulnerability testing.

Privacy Policies and Practices

Beyond securing data from external threats, a company’s handling of personal information is a distinct privacy aspect. Empower outlines its privacy practices in publicly available policies. These policies detail how personal and financial information is collected and utilized. The data collected serves legitimate purposes, such as aggregating financial accounts and facilitating financial planning services.

Empower explicitly states it does not sell or rent customers’ personal information to third parties for marketing purposes without user consent. Information sharing with third parties is limited to necessary service providers that help deliver platform features, and these providers are contractually obligated to protect the data. Users retain control over their personal information and communication preferences within the platform.

Customer Support and Account Monitoring

Empower implements automated systems and offers accessible support channels to reinforce account security and user confidence. Proactive fraud monitoring systems detect and alert users to unusual or suspicious activity within their accounts. These systems leverage technology to identify patterns indicating unauthorized transactions or potential security breaches.

Should users have security concerns or need to report suspicious activity, customer support is available through various channels, including phone and email. These support avenues allow for direct communication to address urgent issues promptly. Procedures are established for users to report unauthorized access or other security incidents, with the company investigating and mitigating potential risks.