This is Part I of a two part post on American Banker’s “Banking Regulatory Update: New Social Media Rules” webinar. You can view Part II here.
Last week, the Banking.com team sat in on American Banker’s webinar, “Banking Regulatory Update: New Social Media Rules,” which detailed the current policies around social media use by financial institutions. Moderated by American Banker’s own Penny Crosman, the panel of presenters included:
- Mercedes Kelley Tunstall, Of Counsel, Ballard Spahr
- Carl Pry, Senior Director, Treliant Risk Advisors
- Jonathan Foxx, President and Managing Director, Lenders Compliance Group
With content ranging from how to establish a corporate social media policy, general best practices for social media, and analyzing the FFIEC guidance and call for feedback on social media regulation, we wanted to take a deeper dive on the content and connect with some of the experts ourselves. We first spoke with webinar moderator, Penny Crosman, editor in chief of Bank Technology News and technology editor of American Banker.
Q: What social media policies have you seen banks and credit unions using that you think are effective?
Most of the social media policies I know of are dry, legalistic, and boilerplate. The policies drafted by large banks and Wall Street firms seem to be draconian – many don’t allow employees to even access social media sites (except for a few people who work in customer service and marketing). One reason for this is SEC rules that require banks to archive all emails – messages stored on social networks are difficult for a bank to monitor and store. The employees of these companies sometimes use their personal smartphones and tablets to access the sites. I know of Wall Street executives who have Twitter streams under aliases and protect their streams from being viewed by any but their close friends. Commonwealth Bank of Australia last year came out with a harsh policy that insisted that employees report “inappropriate or disparaging content and information stored or posted by others (including non-employees) in the social media environment” or risk being fired. These are examples of going overboard. Banks and credit unions need to find a way to comply with the necessary rules, yet encourage natural, positive engagement on social media. Citi, for one is finding success using software to identify and catch potential rule violations and route those to its legal group, while encouraging its customer services people to maintain friendly and helpful conversations with customers on Twitter and Facebook. I think more banks will turn to software to handle policy compliance, rather than expecting employees to keep all the rules in their heads.
Q: Do you think banks and credit unions are quickly learning how to adapt to these regulations?
Banks and their compliance departments are keeping a close eye on these regulations and are sure to have their own policies in place when the FFIEC publishes its final rules. They are already used to complying with the many existing consumer protection laws the FFIEC cites in its guidance. What some of them may end up doing is freezing all social media activity until they get their policies finalized and employee training conducted.
Q: What would you recommend as the first step for banks to develop social media policies and practices?
I think the logical first step would be to canvass all current social media activity – review all social media pages the bank maintains and ask employees what they’re doing on their own. The second step would be to hire or consult with a good lawyer who can parse out which aspects of the rules apply to the bank’s activities and help create a policy that would enable compliance.
Q: How do you think upcoming Facebook payments capabilities will affect banks’ interactions with social networks?
I think banks may eventually get involved with payments over social networks, but they may be the last to the party, largely because of the regulations they need to be careful of, such as the Electronic Funds Transfer Act. There are also security issues with social media payments, as social passwords are pretty easy to game. Authentication will be tricky and important. I expect banks will be very cautious about this.
Interested in hearing more? Check out Part II with our interview with Carl Pry, Senior Director, Treliant Risk Advisors who spoke to us about how he counsels financial institutions on their social media activities.