Mon, Jan 6, 2014
Washington, District Of Columbia
Noting that social media use can impact a financial institution's risk profile, the National Credit Union Administration and its Federal Financial Institutions Examination Council partners released guidance addressing social media policy. It explores how consumer protection and compliance laws, regulations, and policies could be applied to the use of online social media platforms by financial institutions.
A financial institution, the FFIEC wrote, "should have a risk management program that allows it to identify, measure, monitor, and control the risks related to social media." The FFIEC said the size and complexity of such a program should be commensurate with the breadth of the financial institution's involvement in this medium.
Compliance, technology, information security, legal, human resources, and marketing specialists can all contribute to the development of the plan, and financial institutions should also provide guidance and training for employee official use of social media, the FFIEC said.
According to the guidance, components of a risk management program should include:
- A clear governance structure;
- Policies and procedures for the use and monitoring of social media;
- Rules to ensure social media use complies with all applicable consumer protection laws and regulations;
- An employee training program that incorporates the institution's policies and procedures for official, work-related use of social media, and potentially for other uses of social media, including defining impermissible activities;
- An oversight process for monitoring information posted to proprietary social media sites;
- Audit and compliance functions; and
- Parameters for providing appropriate reporting to the financial institution's board of directors or senior management that enable periodic evaluation of the effectiveness of the social media program and whether the program is achieving its stated objectives.