SSilver - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

What are the Sarbanes-Oxley requirements for social media?

Enterprise social media policies should be sure to meet Sarbanes-Oxley requirements. Expert Mike Chapple explains the specific requirements.

I'm putting together an updated social media policy for my company and I'm trying to incorporate all the relevant...

compliance mandates. Is there anything defined in SOX that I should be aware of that might dictate parts of the policy?

Social media is an important communications vehicle for many businesses and should be considered carefully when building a Sarbanes-Oxley (SOX) compliance program. One of the major provisions of SOX is publicly traded companies must make timely disclosures of material information about their businesses. This raises two social media compliance concerns for regulated businesses.

First, if an organization regularly uses social media to disclose business information, then it should ensure those channels are used for SOX-required disclosures. Similarly, organizations should make sure information posted on their social media accounts or websites is accurate and updated promptly. In 2011, FINRA fined Credit Suisse $4.5 million for misrepresenting information, including inaccurate website disclosures.

Second, organizations must ensure any posts made by company officials that may be considered material disclosures are also distributed promptly through other communications channels. Netflix CEO Reed Hastings learned this the hard way in 2012 when he became the subject of an SEC investigation after posting on his personal Facebook page that Netflix monthly viewing had reached one billion hours. The investigation focused on whether this was an improper disclosure and, although it failed to reach a conclusion, it has companies reconsidering the way executives engage on social media.

Ask the Expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)

Next Steps

Mike Chapple details how to avoid social media compliance pitfalls.

This was last published in February 2015

Dig Deeper on Security audit, compliance and standards