By: Mike Pagani
The siren call of social media is nearly irresistible — all that consumer data for targeting, the opportunity to build more nuanced relationships with consumers through outreach, education and responsiveness, and all with a personal touch. Think about the value and convenience of meeting your customers where they are — on their smartphones and tablets. Furthermore, you have the creative extension of your brand across traditional boundaries. Social media offers tremendous business advantage in reaching prospective customers and staying in touch with current ones, and it is increasingly central to outbound communications strategies in all types of industries, including financial services.
With that being said, not everyone can tweet away with the freedom of a reality TV star. People are understandably serious about their bank account and investment related information, so financial institutions have to walk a tightrope when it comes to social media. The financial sector is heavily regulated, and social media activities fall under the compliance umbrella. Without the right controls, social media can be a recipe for disaster — but opting out of campaigns to create loyal customers and win new ones isn’t an option either.
BYOP vs. BYOD
Lessons learned from the Bring Your Own Device (BYOD) phenomenon confirm that having the proper management tools and technology in place will be the key to making it safe to Bring Your Own Persona (BYOP). Successful adoption of personal social media applications and networks for business communication will require the entire organization to work together to form the right strategies, plans, implementation and support processes.
Secure, effective implementation of BYOP will require open cooperation between IT, legal and marketing stakeholders in addition to teams responsible for meeting regulatory requirements.
When it comes to staying competitive in regulated industries, organizations are challenged daily by the dilemma of balancing risk versus reward. In this case, what is the cost-benefit breakdown when allowing the use of personal networks and social media platforms to promote and grow the business? Pre-approval for social media communications mitigates risk but severely impacts the timeliness of communication. Social media opportunities appear and play out quickly, so processes related to initiation and participation have to be expeditious.
Supervising social media communications with solutions that enable real-time monitoring and automated policy checking is proving to be the right approach to balancing governance and control with business and communications agility.
Collaborating to Work Through Compliance Challenges
As BYOP moves from concept to reality, it’s important to understand the roles and challenges of your stakeholder groups and how they will work together to safely manage use, address regulatory requirements and reduce the likelihood of individual (and potentially conflicting) strategies for your organization’s social media presence.
Compliance has to ensure inbound and outbound content is captured, archived and actively supervised by establishing policies for flagging keywords and addressing questionable content. The challenge to this team is magnified when communications happen under the radar on personal networks or devices.
Marketing is challenged with staying ahead of the curve by introducing appropriate new social media platforms to promote products and services. Marketing acts as the social media epicenter — the place where you can curate and generate relevant content such as blogs and posts, responding to incoming messages and ensuring timely alignment with company campaigns and newsworthy events — in addition to their more standard responsibilities.
Your legal team must be able to quickly respond to discovery requests or litigious events where specific messages and content are relevant. They are responsible for understanding current industry regulations, consumer protection laws and local and state statutes that may have a direct impact on how the organization uses social media. International consumer data privacy laws like the General Data Protection Regulation recently approved by the EU will add to the complexity and scope of their responsibilities.
IT is often the hub for the back-end operations, making sure the systems and software are in place to properly execute and automate the compliance-driven processes that go hand-in-hand with social media profiles and personas. More and more, IT is an agent of change, scouting out new technology platforms and opportunities to enhance the enterprise’s reach and revenue. IDG’s 2014 Consumerization of IT in the Enterprise Study shows that 56 percent of survey respondents indicated that either the CIO or other top IT executives were the primary leaders driving change through the consumerization of IT at their organizations.
Even the C-suite has a stake in creating and implementing a social media strategy and policy. According to the annual Sutherland Analysis of FINRA Sanctions — featured in the Smarsh annual compliance survey for 2015 — $134 million in fines were levied in 2014. This 125 percent increase represents the biggest spike since 2005.
The C-suite should also take notice that for the second year in a row, the number of people who were barred or suspended increased this year by 15 percent.
Additionally, the report shows the number of requested content types has increased across the board, with social media, instant messages and text/SMS messages rounding out the top five.
Collaborating allows all groups to communicate their specific needs and pain points, which can inform the creation of a comprehensive and robust social media strategy and policy. It also decreases the potential for system silos and can eliminate instances of separate, narrowly focused plans that may inadvertently increase the potential for risk.
The collaboration process is an excellent opportunity to identify individuals within the larger stakeholder groups who can be looked upon as super users. Each member of the smaller group can represent their native team and communicate notable updates (e.g. new regulations) that impact social media activities. This team can double as a cross-department training team to explain the benefits of social media, risks and risk management procedures, your organization’s position and strategy, internal and external use, rules of engagement and the needs and roles of stakeholder groups in an enterprise-wide context.
Key Drivers of BYOP
Traditionally, marketing would request use of social media to take advantage of its many benefits, only to have it prohibited due to concerns about regulatory violations (compliance), lack of solutions to execute compliance-driven policies (IT) and inherent risks (legal department). Closing this compliance gap — the lag between allowing new communication channels and having the policies and systems in place to manage them — is required to responsibly enable BYOP.
Other key drivers for BYOP include tapping into the targeted, built-in audience of an employee’s personal network, creating more personal customer experiences and optimizing marketing efforts. Employees don’t want to risk losing their base followers by creating or managing multiple profiles. Responding when, where and how they prefer creates a more “personal” experience, even when the response is made in a public setting.
By sticking with a platform (i.e., LinkedIn) they already know that allows them to communicate on a one-to-many basis and using their existing profile, they can continue to position themselves as a trusted resource within their network while further solidifying your organization’s position as an industry leader.
4 Steps for Establishing a Strategy for BYOP
After understanding the drivers, risks and benefits of allowing the use of personal social media accounts and networks, you can establish a company-wide social media strategy and plan that keeps you competitive and compliant.
First, determine which stakeholders in your organization have an existing business need for it. Chances are, your marketing department has wanted to leverage the reach provided by social media networks for quite some time. We’ve also seen individual advisers/reps wanting to leverage their own personal networks and accounts to keep in touch with their existing customers and to attract new customers by promoting themselves and the financial offers they represent.
Second, determine which social media channels to start with. The Big 3 social media platforms most financial services organizations start with are LinkedIn, Twitter and Facebook. LinkedIn is by far the most popular, due to its professionally oriented “networking” attributes. Twitter is a close second and is a highly effective means of disseminating headline-style sound bites and actionable links to a defined group of “followers.” Third choice Facebook is often not a great candidate for BYOP because of its highly personal nature and lack of control over content others create on the page (e.g. posts and comments).
The third step is to create policies for the allowed use of the approved channels. The compliance team and key users should collaborate to establish rules for the type of content that can be disseminated and who has access to use it. Establishing the right set of policies for BYOP is probably the single biggest factor in making it successful. This is also the time to establish the lead individuals in your organization that will manage the BYOP process once it is implemented.
Finally, determine how best to enforce the established policies and the process of reviewing and responding to potential violations. Advanced archiving technology can play a major role in automating the management of BYOP and ensuring the completeness of the supervision to mitigate risk and maintain compliance.
Putting the Right Technology in Place
In today’s fast-paced and immediate-action-oriented world, the ability to respond and participate in market-impacting, customer-relevant developments and topics in a timely manner is critical for marketing and sales organizations in all industries.
Pre-approval versus active monitoring of social media communications is a major topic of debate. In a perfect world, every response, action, comment or proactive statement delivered by the company via social media would be checked and approved before being broadcast. However, as most firms that do pre-approval will tell you, it is very hard to stay agile and responsive if pre-approval is applied to every piece of communication.
Archiving technology will inspect all social communications and flag any messages or content that needs to be reviewed for potential violations in real time. Even though messages and content have gone out, they will be caught and timely corrective action can be taken if they are indeed a problem from a branding, compliance or risk standpoint.
Social media tools and communication channels are necessary to stay competitive and relevant, but they bring with them risks and challenges. Automating the process of checking all social media communications against established policies for approved use, especially when personal accounts and networks are in play, is critical to mitigating risks while empowering the right balance of speed, agility and reach. With the right solutions and strategies in place, you can sail on to success without worrying you’ll end up on the rocks.
Mike Pagani is the Senior Director of Product Marketing and Chief Evangelist for Smarsh. Mike is a seasoned IT professional and recognized subject matter expert in the areas of mobility, identity and access management, network security and virtualization. Prior to joining Smarsh in November 2014, Mike held executive-level corporate and technology leadership/spokesperson roles for Stay-Linked, Quest Software, NComputing, Dell Software and others.Published by Conselium Executive Search, the global leader in compliance search.