Financial Services Industry Cautioned On Social Media Risks
How should banks and other financial services providers and their employees use social media? What are the risks associated with that use and how can those risks be mitigated? Some useful answers may be found in a guidance entitled "Social Media Risks and Mitigation" recently issued by Washington D.C.-based BITS, a division of the Financial Services Roundtable. The guidance identifies several compliance, legal, operational and reputational risks that can result from financial services companies' unfettered use of social media.
The guidance addresses whether using social media can create compliance issues for a financial service provider. Among the specific areas of concern are applicable domestic and foreign privacy laws and regulations, internal records management and other internal policies, Payment Card Industry (PCI) regulations and Financial Industry Regulatory Authority (FINRA) requirements. From a legal perspective, BITS includes discussion of the blur between employees' business and personal use of social media, the risk of the company being sued as a result of actions taken by employees using social media and the particular challenges of producing social media content in an eDiscovery setting. Operationally, the guidance covers, among other things, the risks of identity theft, disclosure of intellectual property and other sensitive information as well as lack of employee productivity in time spent on social media sites.
Along with each of these risks comes a reputational threat to the institution. BITS suggests the formation of a Social Media Team, including representatives from Marketing, Legal, Corporate Records, Human Resources, Risk Management, Communications, Privacy and Crisis Management, to name just a few, as well as the adoption of two distinct social media policies -- one governing employees' business use and a second covering employees' personal use of social media.
