Banks and other financial institutions in the US have been told to establish a "risk management programme" for social media to ensure that key staff do not inadvertently release sensitive information.
The programme would ensure that they can "identify, measure, monitor, and control the risks related to social media", according to draft guidance from the Federal Financial Institutions Examination Council (FFIEC).
"The risk management programme should be designed with participation from specialists in compliance, technology, information security, legal, human resources, and marketing," stated the FFIEC said in its draft guidance.
It added: "A financial institution that has chosen not to use social media should still be prepared to address the potential for negative comments or complaints that may arise within the many social media platforms described above and provide guidance for employee use of social media."
The document, called Social Media: Consumer Compliance Risk Management Guidance, calls for an "oversight process for monitoring information posted to proprietary social media sites administered by the financial institution or a contracted third party". Furthermore, senior managers within banks need to be appointed with clear responsibilities for establishing controls and conducting "ongoing assessment of risk in social media activities".
The FFIEC recommended placing social media use under banks' compliance functions, as well as considering the implementation of "social media monitoring tools and techniques" not only to ensure that staff are compliant, but also to make sure that social media does not get used in the bank's name by third parties, such as fraudsters and people involved in "pump and dump" share scams, for example.
The report also highlighted how banks need a policy to govern employees' personal use of social media, governing anything that may "implicate(s) the financial institution".
At the same time, the FFIEC suggested that banks also need to be responsive to enquiries and complaints brought to their attention via social media, too, suggesting an active presence on social media.
Does Google know too much about you?
Are you ready for BYOD? Here are seven questions you should answer as you roll out new mobile capabilities
Uncertainty about return on investment and skills shortages needs to be overcome if the promise of big data technologies is to be fulfilled
Date: 25 Jun 2013
The IT Leaders Forum brings together the senior IT professionals who drive technology decisions within major UK enterprises. The forum provides delegates...
Date: 17 Sep 2013
Security is a top priority for IT professionals, and one of their biggest challenges is remaining up to date with new threats posed by cyber criminals....