The Federal Financial Institutions Examination Council (FFIEC) of America has now issued its final supervisory guidance on using social media without breaching current compliance and risk management regulations.
Entitled “Social Media: Consumer Compliance Risk Management Guidance,” the document covers a range of online platforms, from Facebook and Twitter to games and virtual worlds like Farmville and Second Life. It does not apply to text messages and emails. It rules that financial institutions must expand their risk management programmes to identify, measure, monitor and control risks relating to social media use. Key risk areas, say the regulators, include reputational, operational, and compliance and legal risks.
Whilst an institution that uses social media extensively to communicate with customers will need detailed plans for mitigating risk, says the FFIEC, even those who avoid social media altogether will need to consider the issues involved, and to have a programme for monitoring and responding to postings. This is because negative comments and complaints can be posted by users of social media platforms, whether or not the institutions they relate to have a presence there.
In a statement, the law firm Pepper Hamilton LLP said: “The Guidance does not change existing requirements for institutions, but rather qualifies that they apply with equal force to the use of social media. This may pose challenges and limits for financial institutions wishing to engage in informal social media platforms that do not easily lend themselves to compliance with laws and regulations.”
“For example, the FDIC requirement that institutions advertising FDIC-insured products use appropriate designating language may be difficult to comply with for an institution wishing to advertise on Twitter, which limits all posts to 140 characters.”
Despite the data protection regulation being implemented in 2018, 69% of IT decision makers don’t have the backing of their board to achieve GDPR compliance, according to Calligo.
The majority of the region’s 28 member states report that the situation has worsened over the past year, reports business management consultant Verisk Maplecroft.
Regulators in the UK, the US and Hong Kong instituted proceedings against more than 1,700 individuals last year, or four times the number of cases brought against companies.
The US Commodity Futures Trading Commission approved LedgerX as the first regulated clearing house for derivatives contracts settling in digital currencies.