For financial institutions, social media first existed only as an industry taboo. With all the risk associated with social media activity, institutions found they could save time, money and the uncertainty of a tainted reputation by avoiding the trend altogether. Now that social media has evolved, many financial institutions have warmed up to various channels and use them as an integral part of day-to-day business.
While social media can be a valuable forum, it still tends to pose certain perils to financial institutions, which are responsible for managing risk associated with consumer and customer communications, regardless of the medium. Organizations choosing to engage in social media are strongly encouraged to define a clear plan to manage the potential risks; we believe that the technology overlay can play an integral role in this.
Recently, the Federal Financial Institutions Examination Council (FFIEC) issued guidance for financial institutions regarding social media and compliance. While bank compliance teams may be tempted to throw the baby out with the bathwater, I have seen that a good, strategic approach to social media can benefit financial institutions while not hindering compliance. When establishing a plan of action to execute a social media program, financial institutions should be aware of all procedures and processes involved.
First, banks need to determine social media objectives. For a successful program, senior management should set objectives that align with the strategic goals of the institution. The program should be measured and tracked for effectiveness through the use of data and analytics and operate within an ongoing assessment of risk.
[For More of Our Coverage on Social Media2014 Forecast: The Evolution of Social Media in Banking]
Next, it's important to define policies and employee guidance. After goals are in place, policies and procedures must be devised to navigate the risks involved with the campaign. A team of professionals with rich expertise in compliance, technology, information security, legal, human resources and marketing should be in place to devise all policies and procedures. Once this has been established, offer employees guidance on how they can safely and properly incorporate social media. With this, employees should better understand the institution's policies and procedures for work-related use of social media and guidelines as to what might be acceptable for personal use as well.
While activity within a company may be controlled, the same does not ring true for outside commenters on an organization's social media posts. To mitigate risk, financial institutions should have procedures in place to address any such occurrences from public postings.
Banks should review third parties and tech vendors with experience relative to their business. When considering the involvement of third parties, it is pertinent for institutions to understand the types of third parties that might participate in social media programs and the potential liability to their involvement.
If responsibilities are delegated to consultants or agencies, monitoring is ultimately the responsibility of the financial institution. Effective, reliable technology should be in place for institutions to successfully manage the relationship with an outside agency.
In the case that a social media site is owned and maintained by a third party, the financial institution is also responsible for any problems that may occur on that site, such as unintended exposure of personal information or changes to policies that may be unclear. Institutions need to be in full control of the content on all sites hosted by third parties. Ultimately, neglecting to review the involvement of a third party could compromise the reputation of the institution.
It's also important to use the right technology for monitoring. Social media, and its corresponding data, are ultimately the institution's responsibility; therefore, it's crucial for organizations to incorporate social media into their information governance policy to address their social media data management needs. With a proper information governance plan, financial institutions can efficiently manage, identify, collect and review all data related to its social media communications, managing ongoing compliance with internal policies, as well as applicable laws and regulations.
With financial institutions continuing to see the value in social media, it becomes increasingly important to assess all risks involved. Well-run programs can be a boon to the business, and reduce headaches for compliance.
Bill Shute is executive vice president, corporate strategy and marketing, at Viewpointe, and has more than 19 years of experience in customer-focused product and service delivery.