I read that an average Fortune 100 company suffered from 69 compliance incidents involving social media accounts each year. What sort of compliance violations are most common among financial institutions using social media, and how can my organization avoid making them?
Companies around the world are now fully on board the social media bandwagon because they understand the importance of communicating with customers in the manner and style that the customer prefers. This often means receiving information about specific customer accounts, service complaints and other issues via social media, even if the company does not directly solicit such input. This can cause serious compliance issues for firms. A recent Nexgate report found that Fortune 100 companies experienced an average of 69 social media compliance incidents each over the preceding 12 months. Let's take a look at a few of the major categories of social media compliance issues among financial institutions covered in that report.
First, financial institutions must comply with FFIEC Regulation DD and NCUA 707, which govern deposit account marketing. The Nexgate report found banks often run afoul of this requirement by using the word "free" to describe accounts that have minimum balance requirements and penalties, which is in violation of these requirements.
Second, FFIEC Regulation Z, the "Truth in Lending" requirement, mandates that financial institutions disclose clear descriptions of credit terms. These descriptions must include the annual percentage rate, the repayment period of a loan, down payment requirements and other information. The brevity of social media communications often causes marketers to omit some of this required information.
Finally, NASD 3070 requires that financial institutions respond to written customer complaints within a reasonable period of time. Customer comments on Facebook, Twitter or other forms of social media that are directed at the institution may be considered written customer complaints. If the institution does not respond, it may be in violation of this requirement.
Social media is a valuable communication tool for financial institutions, but it is also a potential minefield. Banks, brokerages and other financial institutions should maintain expertise in social media compliance requirements and carefully monitor use of these tools.
Ask the Expert:
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today. (All questions are anonymous.)