Tuesday, March 12, 2013

Social Media Compliance: Frequently Asked Questions

Last month, I discussed some of the salient compliance requirements associated with using Social Media.* Then, a few days later, I offered to you my article, entitled Social Media and Networking Compliance. This month, on March 6th, I was one of three presenters who gave a webinar for American Banker on Social Media, with special reference to the new rules of the Federal Financial Institutions Examination Council (FFIEC). The proposed rule, issued January 23rd, is entitled "Social Media: Consumer Compliance Risk Management Guidance."
My webinar topic: Social Media – Employee Manual. 
The webinar was very well attended by a diverse cross-section of financial institutions. I found it quite interesting that, when polled during the webinar, by a factor of two to one these companies did not have an Employee Manual, even if about a third of them have policies and procedures relating to Social Media.
I have harped on a certain point regarding policy statements, so here it goes again: policies and procedures are a rather abstract concept to employees; employee manuals, however, for certain rules and regulations, are the most effective means to ensure compliance. Training is an important and an ancillary tool, but employees do not always mentally retain training information. Keep this in mind: an employee manual is a constant reminder of a company's expectations and policies.
One aspect of social media that deserves considerable attention is trolling, using anonymity, and general blogging guidelines. Everybody knows that, for the most part, blogging is electronically available to the public. However, with regard to an individual's employment with a financial institution, what restrictions should be placed on an employee who blogs? From my own research and experience, it would seem that many employees actually have no idea of the implications, requirements, and, in some cases, the potential to easily cross over into violations of federal law or state law.
Here are the risks at stake in social media networking and blogging - though by no means less so for forms of advertising through and use of social media: financial risk, regulatory risk, sales risk, reputation risk, legal risk, strategic risk, and operational risk, such as adverse consequences to business plans, projects, Internet Technology and Information Security protections, and many core departmental functions.
In this article, I will offer a high level FAQs about the use of Social Media (SM), with some additional emphasis on blogging. I will also provide bulleted guidelines to give to employees.
What is Social Media?
SM is a form of interactive online communication in which users can generate and share content through text, images, audio and/or video.
Do companies use Social Media?
HubSpot found that by November 2012 companies that blog incurred an average of 55% more visitors to their sites than companies that did not blog. Statistically, blogging companies may generate 97% more external website links and 434% more indexed pages, both of which are critical to a company’s search rank. And a global survey by McKinsey of approximately 1,700 corporate executives finds that 69% of respondents claim measurable advantages from social media, including a lower cost of doing business, better access to knowledge, increased marketing effectiveness, insight for developing more innovative products and services, and higher revenues.
Does SM cover micro-blogging?
SM includes, but is not limited to, micro-blogging sites (i.e., Facebook, Google Plus, MySpace, and Twitter); forums, blogs, customer review websites and bulletin boards (i.e., Yelp); photo and video sites (i.e., Flickr and YouTube); sites that enable professional networking (i.e., LinkedIn); virtual worlds (i.e., Second Life); and social games (i.e., FarmVille and CityVille).
How do some financial institutions use SM?
SM has been used to receive and respond to complaints, provide loan pricing, and offer generic information about products and services.