Social Media and the Banking Industry: The Risks
Posted by heatherribelin
In past posts, I touched upon some of the benefits of social media usage in the banking industry and highlighted some of the ways in which several of the leading banks are utilizing social media effectively to take banking to the next level. There seems to be many positive reasons why banks should jump on the social bandwagon, and jumping they are! Social media offers banks new and exciting ways in which to market to and communicate with their customers. It breathes new life into a rather stuffy industry and allows banks to form more personal relationships with their customers. This personal communication has the ability to build trust and brand loyalty in an industry that is finding it increasingly more difficult to offer unique products not already offered by its competition. Although social media may seem like a godsend to many, it is extremely important that we not neglect the other side of the coin. We must always ask, are there also risks of using social media? And if so, what can be done to lessen the severity of the risks?
Well, it should come as no surprise that in banking, like with any business, there are risks involved. That will always be a given. Add to that the informal and largely insecure world of social media, and it sounds like a recipe for disaster. However, it should also come as no surprise that the banking industry is one of the most heavily regulated industries in the United States, and many times those existing regulations flow into the social landscape to help keep banks and customers safe.
So what risks are involved when banks enter the social arena?
Compliance and Legal Risks
Of course, since the banking industry is so heavily regulated, there is the risk of violating compliance standards, which could, of course, lead to legal risks. (Ouch! This social media stuff is getting heavy!) Thankfully, though, many of the compliance and legal risks are things that banks already deal with in the real world every day. So, they should already have a pretty good grasp on what should and should not be done. For instance, depending on the nature of social media usage, banks need to still be aware of and follow guidelines pertaining to things such as:
The Truth in Lending Act, The Equal Credit Opportunity Act, The Bank Secrecy Act, Anti-Money Laundering policies, Regulation E – Electronic Funds Transfer Act, Regulation CC – Expedited Funds Availability Act, CAN-SPAM Act, Telephone Consumer Protection Act, Title V of the Gramm-Leach Bliley Act… just to name a few!
So, they’ve got their Act(s) together! Well, banks still aren’t in the clear in regards to social media risks. Just as scary (if not, more scary) are the reputational risks that banks can endure when engaging in the social landscape. These risks can be in the form of consumer complaints, privacy concerns, fraud (phishing and other scams), and even employee usage issues.
Any one of the issues listed above could be severely detrimental to the brand’s image. Now, think if several risks occurred at once? That would be one hot mess that I wouldn’t want to clean up! And with the number of risks out there, it is quite possible to be dealing with several issues at once, all while trying to maintain the loyalty and trust of customers.
As if compliance, legal, and reputational risks weren’t enough to scare banks away from using social media – there are also operational risks they must endure. Operational risks would be things such as inadequate or failed processes, systems, or people, which could result in very serious matters, such as a data breach or an account takeover. There is nothing that can kill the trust of a customer faster than leaking their personal and/or financial data. Operational risks are a very real and very scary risk for banks.
So yeah, there really is a lot that can go wrong when dealing with an industry that is in essence entrusted to secure our financial and personal information… and then having them mingle on social media. It really is a fine line they must walk in order to be secretive, yet social at the same time.
We’ve learned about the many risks associated with banks using social media – but what can be done to lessen said risks?
Well, enter the FFIEC! The Federal Financial Institutions Examination Council recently constructed compliance policies and procedures that govern social media activities for the banking industry. Since social media is still in its infancy, the banking industry has kind of been engaging in somewhat of a Wild West manner, with no real guidelines pertaining to social media. Now, the FFIEC has given the industry guidance in effectively engaging in the social landscape while mitigating risks. So, yes, even more regulations for the already heavily regulated. But, what can you do?
Basically, banks are instructed to have a risk management program in place that allows them to identify, measure, monitor, and control various risks in regards to social media usage. Some of the features of the program include the overall governance structure for senior management, policies and procedures to monitor social media usage and to remain in compliance, a due diligence process for third party relationships (such as with Facebook, Twitter, etc), employee training for the proper (and improper) use of social media, audit and compliance measures, and reporting parameters to evaluate the effectiveness of social media usage in relationship to the bank’s overall goals.
So, overall, the idea is to plan ahead and make sure all the little duckies are all in row, much like they already do in the real world. By having a risk management program in place, banks are more likely to mitigate a risk in the early stages before it becomes a huge problem. Like I said, there will always be risks in banking and in social media. But, by being prepared, banks will be better equipped to effectively manage those risks – all the while building trust and brand loyalty amongst their customers.
All images courtesy of FreeDigitalPhotos.net