Social media is here to stay, have you adapted your marketing efforts?
The Federal Financial Institutions Examination Council (FFIEC) released final guidance late last year on the applicability of consumer protection and compliance laws, regulations, and policies to activities conducted through social media. Have you read the guidance and are you following it? Now is the time to review this guidance and establish a policy for communications via social media.
There are not any new requirements set forth in this guidance. Instead, it was compiled to assist financial institutions understand the compliance and legal risks, and the reputation and operational risks they may face when using social medial.
A risk management program should be included as part of your credit unions policy for social media communications. There are a number of important elements to consider when developing a risk management program for your social media advertising. The guidance lists seven components to include in your risk management program:
- “A governance structure with clear roles and responsibilities whereby the board of directors or senior management direct how using social media contributes to the strategic goals of the institution (for example, through increasing brand awareness, product advertising, or researching new customer bases) and establish controls and ongoing assessment of risk in social media activities;
- Policies and procedures (either stand-alone or incorporated into other policies and procedures) regarding the use and monitoring of social media and compliance with all applicable consumer protection laws and regulations, and incorporation of guidance as appropriate. Further, policies and procedures should incorporate methodologies to address risks from online postings, edits, replies, and retention;
- A risk management process for selecting and managing third-party relationships in connection with social media;
- An employee training program that incorporates the institution’s policies and procedures for official, work-related use of social media, and potentially for other uses of social media, including defining impermissible activities;
- An oversight process for monitoring information posted to proprietary social media sites administered by the financial institution or a contracted third party;
- Audit and compliance functions to ensure ongoing compliance with internal policies and all applicable laws and regulations, and incorporation of guidance as appropriate; and
- Parameters for providing appropriate reporting to the financial institution’s board of directors or senior management that enable periodic evaluation of the effectiveness of the social media program and whether the program is achieving its stated objectives.”
Take a moment and review the complete guidance here: https://www.ffiec.gov/press/pr121113.htm