Help is here
Use Our Online Tool to Better Understand Government Funding Programs
+ Expand for- Less Details

Access vital funding to help your business remain open, continue paying your employees, and recover from unplanned circumstances due to the COVID-19 pandemic.

Paychex has created an easy-to-use online tool that details the specific federal relief programs and refundable credits available through the Families First Coronavirus Response Act (FFCRA) and the Coronavirus Aid, Relief, and Economic Security Act (CARES). The tool includes helpful links to applications and a comparison chart of loan programs (Paycheck Protection Program and the Economic Injury Disaster Loan program) to help you address what would best meet the needs of your current circumstances.

Access the Tool

We recommend discussing these options with your accountant or trusted advisor to determine the best course of action to leverage the incentives available.

Paychex is actively working to help make the PPP loan application process simpler. If you’re a Paychex client, we’re creating a report and ensuring it reflects changes introduced April 2 by the federal government. To utilize the report, your business or your clients’ business must have run payroll with Paychex in 2019.

Responsible Disclosure

Integrity is one of the core values at Paychex. As such, the security of our systems, applications, and data is paramount. If you believe you have discovered a vulnerability, we appreciate your help in disclosing it to our Enterprise Data Security team in accordance with this Responsible Disclosure Policy.

Report a vulnerability

If you believe an unauthorized party has accessed your account or information, please contact us immediately.

a person reporting vulnerabilities

Our Policy

Paychex encourages researchers to share with our team the details of any suspected vulnerability by submitting the form below. By clicking "Report Vulnerability", you acknowledge you have read, understand, and agree to the guidelines described in this policy for the conduct of security research and disclosure of potential vulnerabilities. Paychex will not take legal action against individuals who discover and report vulnerabilities provided they adhere to these guidelines.

Any information you receive or collect about Paychex, its clients, or their employees during the discovery of a suspected vulnerability must be kept confidential and only used in connection with the Responsible Disclosure Policy. You may not use, disclose, or distribute any such confidential information, including, but not limited to, information regarding your submission and information you obtain when researching Paychex sites, without prior written consent from Paychex.

While we encourage you to report any vulnerabilities you find in a responsible manner, the following conduct is expressly prohibited:

  • Executing, or attempting to execute, a Denial of Service (DoS) attack against any product or website;
  • Posting, transmitting, uploading, linking to, sending, or storing any malicious software or ransomware;
  • Any act of cyber extortion, including threatening the availability of Paychex data or Paychex client data unless a payment is received;
  • Social engineering of any Paychex employee, contractor, client, or prospective client including but not limited to phishing and any testing that would result in unsolicited email, spam, or messages;
  • Unapproved vulnerability or penetration testing;
  • Selling, bartering, or otherwise benefitting from a vulnerability or data that does not belong to you;
  • Downloading, exfiltrating, copying, or otherwise retaining Paychex data or Paychex client data that does not belong to you;
    • Please note that if data that does not belong to you is uncovered as the result of a vulnerability, it must be removed from unapproved systems and further attempts to exploit it must be ceased immediately.  
  • Deliberately destroying, corrupting, or modifying, or attempting to destroy, corrupt or modify data or information that does not belong to you;
  • Violating any applicable international, federal, state, and/or local laws or any applicable agreements;

Paychex commits to the following:

  • Working with you to understand and validate the suspected vulnerability (a valid email or claim form must be provided).

  • Addressing the vulnerability, if deemed appropriate by Paychex, in a timeframe to be determined by Paychex.

Paychex has partnered with Bugcrowd for the administration of this form. Responses and communication regarding submissions may come from Bugcrowd.

#1 Ranked
401(k) Plan Recordkeeper
Work with an expert