Scotsman Guide > Residential > June 2014 > Article

 Enter your e-mail address and password below.


Forgot your password? New User? Register Now.
   ARTICLE   |   From Scotsman Guide Residential Edition   |   June 2014

Social Media Risks and Rewards

A governance plan helps mitigate risk and builds brand equity

Smart businesses have always recognized that they need to be where their customers expect to find them. When it was clear that social media was here to stay, many mortgage companies created a social media brand presence for their customers. These companies also realized that their retail offices and originators needed to have their own social media points of presence to connect with their local markets. Generally, this meant that many companies viewed  social media as the domain of their  marketing team.

These businesses recognized, however, that with social media came risk. In that regard, this past December marked a sea change in how mortgage companies should manage their social media when the Financial Institutions Examination Council (FFIEC) released its final Social Media Guidance.

Up until the FFIEC provided guidance, mortgage companies varied widely in how they approached social media. Many took the conservative stance and tried to limit it to just corporate brand messaging or, in some cases, even  declared a policy prohibiting the use of social media. Some, however, resigned themselves to a more laissez-faire  philosophy, believing that the social media genie was out of the bottle and was unmanageable. Social Media Risk and Rewards

Still, neither approach really addressed the risk issue. Risk to brand and reputation was ranked as one of the chief corporate risk concerns by Aon plc in its 2013 “Global Risk Management Survey,” by Deloitte in its most recent “Exploring Strategic Risk” release  and by PricewaterhouseCoopers in its release, “Fit For the Future: Capitalising on Global Trends.” All of these studies  cite social media as a key reason why brand risk has been elevated in the eyes of many companies’ executive management. Risk to reputation is  only one risk that must be managed, however; risk to intellectual property and compliance also top the list, with the latter being especially pertinent  to regulated industries like the  mortgage arena.

Many of the chief executive officers surveyed in the previously mentioned PricewaterhouseCoopers study stated that the No. 1 trend that will transform business in the next five years is technological advances such as the digital economy, social media, mobile computing and big data. So, you can rest assured that the trend of businesses seeing social media as both a transformative opportunity and a risk is going to be a topic of discussion for some time to come.

That is why getting a handle on your social media governance now will help you manage corporate risk in the  future. The good news? The FFIEC’s guidance is all about managing corporate  risk. By developing a social media  governance plan, you will be able to comply with the FFIEC and the Consumer  Financial Protection Bureau (CFPB), mitigate corporate risk, help build your brand equity, and be able to scale your social media business practices from your company’s management all the way down to its frontline employees.

Guidance highlights

The key members of the FFIEC — the Office of the Comptroller of the Currency, the Federal Reserve, the Federal Deposit Insurance Corp., the National Credit Union Administration and the CFPB — will be  diligently watching social media compliance in the financial sector. The State  Liaison Committee also is encouraging  state regulatory agencies to adopt the FFIEC’s guidance, and several states  (such as Washington, Texas, California  and Arizona) have taken the lead in  regulatory oversight.

The FFIEC expects every company to implement a risk-management program to assess and manage social media risks. This program must include:

  • Clear roles and responsibilities for board members and senior management to direct corporate objectives, establish controls and define an  ongoing assessment of risks for  using social media.
  • Policies and procedures regarding  the use and monitoring of social  media and compliance with all applicable consumer protection laws and  regulations, and incorporation of guidance as appropriate. Policies and procedures should incorporate methodologies to address risks, including fraudulent use of a company’s brand.
  • A risk-management process for selecting and managing third-party relationships.
  • An employee-training program that incorporates the policies and procedures regarding work-related use of social media and, potentially, for other uses of social media, as well.
  • An oversight process for monitoring social media sites.
  • Audit and compliance functions to ensure ongoing compliance with internal policies and all applicable laws and regulations, and incorporation of guidance as appropriate.
  • Parameters for evaluating the achievement of the objectivesset out by a company’s board of directors and senior management.

If you believe that your organization has these compliance criteria under control, you may need to reconsider. In a recent social media study of the mortgage industry, less than 20 percent of the social media sites of top mortgage lenders were compliant to even the most basic requirements.

Your governance plan

There are two main aspects of social media governance: social content governance and social presence governance.  Until recently, many companies’ focus on social media had been on their content exclusively, so governance has largely focused on content, as well. The primary governance tool to date has  been a corporation’s social media policy,  which covers how employees may or may not interact with people on social media and what they are able to say.

Now is a good time to update this policy as part of your guidance review. You also may have social media publishing tools to help your company and its originators select pre-approved content from a library and implement an archiving system to record your organization’s content stream. All of this is part of good social media governance.

What many companies have been missing, however — and is now required —  is governance of their social media presence. A solid governance plan now must include social presence governance to manage corporate risks and allow a company to scale its social programs.

What is a presence and why should it be managed? Points of presence are the websites and social sites of a company and its employees that need to be  inventoried in order to be monitored. It is critical to know where your brand and services are represented on the Web before you can monitor them for compliance. By knowing your full  inventory, you’ll be able to manage corporate risks, maintain compliance, strengthen brand equity and measure your social footprint. After all, you can’t measure what you don’t know.

To create your own social media  governance plan, you’ll need to engage the stakeholders across your company to ensure that all risk aspects have been considered. This may include your chief compliance officer, general  counsel, chief risk officer, chief market- ing officer, chief information officer, president and the assigned board member in charge of social media.

A good governance plan includes a continual brand-presence management process across the Web and on social channels. Facebook, LinkedIn and Twitter are typically the most popular  social media among mortgage companies  and their employees, so priority should be given to those social networks.

There are many other points of presence, however, including Instagram and  Pinterest, so a thorough Web and social network audit is important. Regardless, four processes are necessary to ensure sound social presence governance so that you know you have an accurate and compliant social footprint.

1. Discovery

Discovery is the process of scouring the Web to find all of the pages and social sites that claim to be representing your brand. Be on the lookout for a strong relationship claim made in a site’s profile data, URL address or general identity. Customers who have  recently commented via blogs or social media that they have a new mortgage with your company are not sites that are representing themselves as your company, but originators who list your company name and logo in their profile are representing your organization.

The discovery process should also uncover any fraudulent site or brand infringements. Of course, these should be immediately sent to your legal department.

2. Inventory

Once you’ve located every pertinent piece of online content, place each page and site in an inventory to be organized by category, discipline, concerns and requirements. The inventory should be a working document that all company stakeholders can access. Whether you use spreadsheets, Sharepoint folders or a software-as-a-service (SaaS) brand-presence manager is up to you, but you should consider how the different stakeholders  will access and record workflow in order to set up your inventory and  documentation program.

Useful categories may include: corporate- owned (i.e., your company-branded points of presence); employees; VIPs (i.e., your CEO and other company thought leaders tweeting under their own names); partners; and advocates. If certain customers often talk about your company and begin to associate themselves strongly with it over time, you may want to keep them in an  inventory as advocates.

3. Monitoring

Once you have everything inventoried and categorized, you can then monitor these points of presence. The first order of governance is monitoring for corporate risks, including  regulatory compliance, corporate policy compliance, profile changes for security  and general health of the site.

You also may monitor for brand standards, social footprint growth and other objectives of your social media strategy. This helps you strengthen your brand on the Web so that customers are assured of a consistent  experience. A consistent brand experience builds brand equity.

4. Protection

Finally, create a schedule to patrol the Web for new points of presence that  appear to represent your brand. Your executive team should create a  schedule that meets its risk-mitigation plan, and you should adhere to it.

The goal is to find anything new that appears to represent your brand. If a point of presence is in fact yours, it needs to be placed in your inventory and monitored. If it is not yours but looks like your company, it should be sent to your company’s legal group.

This may be tedious but it’s important. A point of presence can be created by anyone on any social network within a matter of minutes, so a frequent schedule to patrol the Web is critical to mitigating risk to your brand.

•  •  •

Social media is a powerful marketing, branding and relationship channel. To some, the FFIEC’s guidance may feel burdensome, but adhering to a solid social media governance plan is the first step to growing a strong social business. With its ground rules now in place, the mortgage industry is primed to have significant growth in social  media practices, and this will be growth with managed risks.

Now is the time to lay the foundation for managing your brand and protecting your enterprise with a social media governance plan. You will be ready to expand the reach of your  employees and your brand, giving  your customers the positive experience that they expect while also minimizing the risk to your business. If and when the CFPB comes knocking, you’ll be ready. 


Fins A Lender Post a Loan
Residential Find a Lender Commercial Find a Lender
Scotsman Guide Digital Magazine

Related Articles



© 2019 Scotsman Guide Media. All Rights Reserved.  Terms of Use  |  Privacy Policy