FFIEC Releases Guidance on Social Media Use by Financial Institutions
In January of 2013, the Federal Financial Institutions Examination Council ("FFIEC") released the “Social Media: Consumer Compliance Risk Management Guidance”(the “Proposed Guidance”) to help financial institutions understand and address the risks associated with social media activities.
Q: What is the definition of social media?
A: Under the Proposed Guidance, the social media includes micro-blogging sites (like Google Plus, Facebook, MySpace, and Twitter), online forums, blogs, bulletin boards, customer review sites, photo and video sharing sites, professional networking sites, virtual worlds, and online social games.
Q: What risk management measures should the financial institutions take in order to control the risks related to social media?
A: According to the Proposed Guidance, the financial institutions should have a governance structure with clear roles and responsibilities as well as controls and ongoing assessment of risk in social media activities, policies and measures regarding the use and monitoring of social media and compliance with all applicable consumer protection laws, regulations, and guidance (including methodologies to address risks from online postings, edits, replies, and retention), and due diligence process for selecting and managing third-party service provider relationships in connection with social media, etc.
Q: What other laws or regulations are implicated in the Proposed Guidance?
A: The Proposed Guidance includes an extensive list of financial consumer protection laws and regulations that may potentially be implicated by a financial institution’s social media activities, including the Truth in Savings Act/Regulation DD, Equal Credit Opportunity Act/Regulation B, Fair Housing Act, Truth in Lending Act/Regulation Z, Real Estate Settlement Procedures Act, Fair Debt Collection Practices Act, Electronic Fund Transfer Act, Bank Secrecy Act, and Community Reinvestment Act.
Q: When is the deadline for the comments on the Proposed Guidance?
A: The FFIEC has solicited comments on the Proposed Guidance, which are due by March 25, 2013. The FFIEC specifically requested comments in response to the following questions:
1) Are there other types of social media, or ways in which financial institutions are using social media, that are not included in the proposed guidance but that should be included?
2) Are there other consumer protection laws, regulations, policies or concerns that may be implicated by financial institutions’ use of social media that are not discussed in the proposed guidance but that should be discussed?
3) Are there any technological or other impediments to financial institutions’ compliance with otherwise applicable laws, regulations, and policies when using social media of which the Agencies should be aware?