FFIEC Releases Final Guidance on Social Media Risk Management for Financial Institutions FFIEC Releases Final Guidance on Social Media Risk Management for Financial Institutions

FFIEC Releases Final Guidance on Social Media Risk Management for Financial Institutions

The Federal Financial Institutions Examination Council (FFIEC) recently published its final guidance on social media in an effort to offer risk assessment and management assistance to financial institutions that use social media to connect to their current and potential customers. A full copy of the guidance can be found here
 
The guidance encourages financial institutions to create a social media risk management program in order to identify, measure, monitor and control social media risks.   Institutions are encouraged to create a risk management program even if they have chosen not to utilize social media, because regardless of the institutions’ decision not to actively participate, social media can still be used by consumers as a platform to voice negative comments or complaints regarding the institutions.
 
Social media risks can be grouped into three categories:  First are compliance and legal risks, which arise from the potential violation of laws or regulations.  For example, if social media is used to market products or originate accounts, there are risks of violating applicable laws, such as the Truth in Savings Act.  Second are reputational risks, which are those that arise from negative public opinion or dissatisfied customers.  Third are operational risks, which arise from the potential loss resulting from the institution’s use of Information Technology.  Examples include distribution of malware or malicious software through the social media platform.    An institution’s risk management program should address all three types of risk and involve participation from all applicable departments, including compliance, technology, information security, legal, human resources and marketing.

This publication is intended for general information purposes only and does not and is not intended to constitute legal advice. The reader should consult with legal counsel to determine how laws or decisions discussed herein apply to the reader's specific circumstances. 




View Full Site View Mobile Optimized