There are two sides to every fence and each company has decide what side of the fence they want to be on regarding social media. Deciding whether to immerse your company in social media is part of your risk assessment. Many believe that if they ban social media or limit the use, they have nothing to worry about. If you believe that, you may be wrong because it is not going away!
Your examiners who monitor UDAAP (Unfair, Deceptive or Abusive Acts or Practices) are becoming very tech savvy. They have learned (like everyone under age 35) that social media is where our world is headed. This means that before you even get an exam notice, you are being monitored by the federal regulators and the state regulators. From what they see and find out about your company, they can choose to do a targeted exam based on an issue that they are seeing online.
So how will you play the social media game?
“If I do not see it, then it does not exist” Plan
This social media plan means that you probably do not want to deal with one more area of compliance. You may have budget issues, time issues; board does not understand issues, etc. This means you are probably not setting policies and procedures, monitoring social media, setting up consumer complaint systems for social media, or corralling your sales force and their use of social media. The easy way is to just write a policy statement that it is not allowed. This plan means that your regulators get to see what is being advertised and said about your company but the executives have little to no idea. Certainly not a good position to be in!
A defensive social media plan means that you understand the impact of social media and have embraced it. You do not want to jeopardize your company, pay penalties, suffer reputational damage or face the board as to why the company did not have a handle on this.
So, you make a plan!
- To form a joint task force between the executive committee, sales, marketing and compliance. (Reminds me of the song, the ankle bones connected to the leg bone and the leg bone is connected to the backbone, etc.) All departments are connected in social media so all departments need to have a say in building the way it will be used and monitored.
- The task force then outlines each type of social media, who it fits and how you might use it.
- The task force structures policies and procedures around how each venue will be used and accessed.
- The task force sets examples and acts as leaders to give employees guidance. After all, how can you monitor LinkedIn if you are not even on it?
- Your team decides on the content, who develops it, who will proof it and who will make sure it does not violate UDAAP.
- How can the employees of your company use each type, and what are the policies and procedures for posting?
- Add a social media addendum for your employee contracts.
- Decide who will monitor what?
- Decide who will archive the postings?
- Decide who is in charge of doing weekly company searches to address any negative postings not on your normal radar screen. i.e. www.ihateabcmortgage.com where a really irate customer set up a site to blast your company. Your examiners will know these sites are out there and so should you. Best practices include performing frequent searches on your company name.
- Your company team will set up a complaint system where the “team” gets reports on who, what, why, when and how it was solved. Your “team” will monitor trends and take action or change policy for problem areas.
- Finally, your company will aggressively train its employees on the acceptable uses of social media, test them and monitor them.
Posturing your company for success leads to a positive experience, versus a nightmare with financial penalties attached to it!