As more financial firms use social media, the risk of tainting their image or coming across unethically increases. Companies like Actiance, who focus on social media compliance, can alleviate the strain. SmartBrief’s Linsey Isaacs asked Sarah Carter, vice president of marketing at Actiance, about the many ways financial companies can appropriately manage their social media efforts internally and avoid public conflict. What follows is an edited transcript of the interview.
What costs are associated with doing social media compliance well? How can small businesses do social media compliance in an affordable way?
The first cost associated with social media compliance is the creation of a policy. This can easily be completed internally — after all, we all have experience with a communications policy. If you’re not able to do this internally, then consider outsourcing it. There are a host of social media policies freely available that are a good place to start. Ensure that you piece together an audit plan that goes with your social media policy, there’s little point having a policy, unless you’re able to audit it.
The next cost associated is education — and this is a key element, again this can be undertaken internally, but a regular education program is key to the understanding of your policy. Finally, consider the enforcement of policy with technology solutions. A key element of social media compliance is that of record retention, as well as the control of what individuals, and especially regulated users, can do.
Should companies outsource the handling of their social media, or is it smarter to train someone within the company?
That’s a question that is unique to each company — depending on the expertise and bandwidth available in-house. Many companies with the bandwidth to run their social media channels (post updates, add content, manage Facebook Fans) are taking these operations on in-house, and the practice has benefited them. Selecting an intuitive, easy-to-use solution to manage and report on social media that allows the organization to set policies and also review content is key.
Keeping pace with updates and changes to social media and Web 2.0 tools is challenge most enterprise IT teams are not equipped to tackle. For example, there were 231 individual changes made to LinkedIn, Facebook and Twitter in one week alone. Ensuring these changes don’t impact an enterprise’s social media channels means constant monitoring and feature control implementation.
What are the biggest risks that come with not managing your social media properly? How can this be prevented?
For many heavily regulated industries such as finance, insurance and health care, the biggest risks of not properly managing and securing social media channels are related to compliance and security. Regulatory bodies, such as FINRA, have already levied hefty fines on firms that have failed to retain records of their social media use and ensure that only pre-approved content is shared (we’ve even now seen the regulatory body in India issuing specific guidelines about the use of social media, so expect even more change in this space).
What many small business owners don’t realize is that most, if not all of their Web 2.0 communication is subject to e-discovery regulations, as its “reasonably discoverable,” and may at some point be required to be produced by law. There are also issues with employees disclosing information via social media that may be proprietary, and in some cases even potentially damaging — in these cases, educating employees about appropriate social media use, then putting technology in place to help monitor that use, is integral to ensuring social media is safely enabled.
The use of third-party content on sites like Facebook and Twitter seems to be a growing issue for many companies. Why is it such a delicate issue and how can it be handled appropriately? Are there any other general mistakes companies are making online?
One of the hardest lessons to learn is how perception of endorsement can impact a business. As an individual, no one thinks twice about re-tweeting an interesting article, or “liking” something on Facebook. But for an organization, this activity can be misconstrued as endorsement. Depending on the type of content that is posted, it can be taken out of context or can be contrary to the organization’s values. Another similar mistake that is often made is when individuals who manage corporate accounts mistakenly post personal content on the corporate account.
The best way to prevent these issues from occurring is to first educate employees on what is appropriate and what is inappropriate to post when acting as a representative of the company. Next, a policy should be developed and implemented to reinforce that message. Finally, technology should be put in place to act as a final checkpoint to prevent questionable information from becoming public information.
How soon should companies draft up a social media policy, and what’s the easiest way for them to do it? What should these policies include?
Obviously, the time to develop social media policies and procedures is before you begin — but the changing nature of social media is such that many enterprises never got the chance to develop best practices before they began using social media. With that said, it’s never too late to educate employees about how to effectively and safely use social media and other Web 2.0 tools on the corporate network.
Many employees are unaware of the security issues social media poses: malware, viruses and malicious links can easily expose the corporate network to serious risks. The first step an employer needs to take is education. Once employees are educated about the risks associated with social media, a written policy must be put in place — it should clearly state what is and is not acceptable use of social media. Finally, once policies and education are under way, technology should be implemented to help enforce those policies and procedures.