Beyond the highly regulated financial services industries, others such as insurance, healthcare, and energy are also tightly bound by regulations that govern social media. As the influence of social media channels continues to grow, organizations must have a firm handle on not only regulations themselves, but also on the risks that social media can introduce to an organization.
Under pressures to comply with new media standards, companies are seeking the most efficient plan of action to manage risk and use social media in ways that are beneficial to the organization. The US Federal Financial Institutions Examination Council (FFIEC) served as the first government body to provide guidance on social media usage by financial institutions. These guidelines shed light on what comprises a risk management program for the regulated industries and what steps IT leaders can take to build and execute effective programs. Because these guidelines are applicable to all consumer-facing regulated enterprises, any organization that is regulated and maintains some sort of social media presence is wise to take note.
Top tips include:
1. Don’t hit the kill switch. Put a process in place
Social media can be a powerful tool for any organization when used correctly. Putting a proper risk management program in place is a preventative measure to mitigate risk and avoid compliance issues. A proper program should include governance structure, policies and procedures, vendor risk management, employee training, monitoring, compliance, and proper oversight.
2. Cover the bases
Be sure that the social media strategy falls in line with strategic business objectives. Social media risk management should directly align with the enterprise risk management program. The board of directors or senior management should determine the level of oversight and appoint a department to oversee the social media risk management program. To ensure employees and the company are properly covered or aligned, appropriate reporting is recommended.
3. Educate the eager
Social media guidance for regulated industries is contingent on the organization and existing rules governing the organization. For this reason, ensure all employees understand which regulations directly affect the individual organization. This applies to all. Even companies without active programs need to monitor and analyze social media activity as part of a crisis management protocol. Senior management might want to bring in expert trainers to instruct on both the personal and corporate use of social media.
4. Keep up with regulation
Understand the gray areas. With new and changing regulations, keeping up with social media considerations included in regulatory updates is crucial. With social media still experiencing rapid adoption and change, there are many unknowns regulators are still looking to define. Even in offering guidance, the FFIEC has not done a deep dive into the risks of having a presence on emerging social sites.
Social media can be a powerful tool. Establish a strategy aligned with enterprise-wide objectives to use social media compliantly as an asset and a business benefit.Bill Shute is executive vice president, corporate strategy and marketing, at Viewpointe. He has more than 19 years of experience in customer-focused product and service delivery. View Full Bio