Social Media Policy Guidance for Financial Institutions Good for All
The highly regulated financial services industry has been given another set of social media guidelines. Most well known might be FINRA’s (Financial Industry Regulatory Authority) two notices (published January 2010 and August 2011) to try to assist with the use of social media within regulatory standards. More recently, the DFI (California Department of Financial Institutions) has offered guidance to financial institutions towards developing social media plans and policies, portions of which can be applied toward any industry.
The use of social media is a hot topic for all industries, with most embracing the channel as an important way to stay connected to customers. A short DFI survey published in the December issue of DFI’s Monthly Bulletin proved very revealing. The survey asked three questions:
- Do you have a social media plan?
- Do you have a social media policy? And
- Does someone look at public websites, e.g., Yelp, Twitter, Google search, etc., for reviews and postings on your financial institution?
The answers: 96 financial institutions or 28 percent responded “yes” to a social media plan and 245 financial institutions or 72 percent responded “no.” To having a social media policy, 140 institutions or 41 percent responded “yes” and 202 institutions or 59 percent responded “no.” As for reviewers, 133 institutions or 39 percent responded “yes,” 85 institutions or 25 percent responded “no” and 124 institutions or 36 percent responded “not applicable.”
With only 28 percent of the survey respondents saying, “we have a plan” the February issue of the DFI’s Monthly Bulletin offered the following to be considered before embarking on social media activity:
- What does your financial institution expect to gain from using social media?
- How will the plans be implemented and over what period of time?
- Who are the “target” viewers?
- What types of bank activities/postings are planned?
- What types of social media do you plan on using and how do you plan to use them?
- How will the social media activities be managed and by whom – internal and/or external?
- Who will the social media staff report to within your financial institution?
- Who and how will these activities be reviewed/audited?
The DFI also recommends that a “financial institution should perform a risk assessment based on the complexity of your goals and objectives prior to implementation.” In addition the assessment should identify “all key risks (e.g., reputational, legal and operational) for which risk mitigation strategies should be developed and incorporated into the social media plan.”
Sounds like a good exercise for any industry, doesn’t it? But how many of us take that time before leaping into execution mode?
As a follow up, the DFI offered another social media installment in its March Monthly Bulletin, this time aimed at the 59 percent of responders that did not have a social media policy.
The DFI recommended financial institutions address these key elements within a policy framework for social media:
- Description of the approved Social Media Activities (e.g. Facebook, LinkedIn, Twitter, Yelp, etc.)
- Establishment of responsibility for the social media program oversight.
- Establishment of the appropriate reporting authority.
- Designation of staff members authorized to manage and respond to social media inquires and postings.
- Specification of type of use for social media (business use only?)
- Guidelines for personal use, if allowed.
- Definition of permitted content (e.g., communications, product promotions or advertisement, customer education, etc.)
- If advertising products and services, inclusion of applicable consumer protection laws and regulations requirements (e.g. FDIC insurance, Truth in Lending, etc.)
- Employee training program.
- Social media procedures to detail how activities are to be performed.
- Description of reporting metrics to monitor the social media program’s goals and objectives.
- Regular review and updates for the policy and procedures.
Again, this is a really good list to be included in anyone’s social media policy.
With so many social media mediums out there, it’s important for all businesses to establish a social media plan and a social media policy. Having them will prove more important as employee adoption (and perhaps abuses) grow.
- IT Security
- Internet Privacy
- Messaging Security
- Email Security
- Mobile Security
- Internet Security
- Cloud Security
- Information Security
- Internet Privacy
- Privacy Protection
- Email Encryption
- Data Breach Protection
- Spam Filtering
- Virus Protection
- Botnet Detection
- Internet Worm Protection
- Social Business
- Managed IT Services
- Mobile Devices
- Disaster Management
- 1 of 245