It's a regulation.
"It doesn't create any new obligations or burdens," Khalil said. "To create any new obligations we would have to issue a regulation. We can't impose new obligations through the guidance. That's important to emphasize, because a lot of people have been referring to this document as a regulation or as rules, and that is not correct."
A financial institution's examiners could not cite violations of the guidance, she said. "You can't technically violate guidance. You can violate the laws and regulation referred to in the guidance, but not the guidance itself."
And FIs actually asked for this, according to Khalil. "The agencies had been hearing from regulated institutions that were interested in using social media that guidance from the regulators would be helpful in putting together risk management approaches to social media," she said. "Because there's an absence of guidance from the agencies, some institutions were concerned they didn't fully understand the risks social media could raise and all of the regulations that could apply."
It's meant to discourage FIs from using social media.
Not so, Khalil said. "The guidance was not put together in response to any problem or issue we were seeing. It was not motivated by a desire to discourage banks from using social media. But we hope that it raises issues FIs will find helpful to consider when putting together social media programs."
The guidance requires all FIs to have the same risk management program for social media.
Among the 80 comments the
The guidance prohibits FI employees from having their own social media pages.
In drafting the guidance, the agencies wanted to avoid wading into the waters of employment law, Khalil said. "We're not being prescriptive regarding the policies financial institutions should have around their employees' use of social media. We did raise the issue that employee use of social media can raise certain risks for financial institutions that it may be useful to consider." But the
FIs are now required to monitor everything said about them on social media.
"A financial institution should regularly monitor the information it places on social media sites," Khalil said. Banks should also consider whether and how to respond to communication about them on social media sites. "But we did not propose requiring the financial institution to monitor everything said about it on social media."
The guidance requires the board of directors and/or senior executives to directly oversee social media initiatives.
"We're not creating any new or special reporting requirements or board oversight requirements that are specific to social media," Khalil says. "As with any risk, any activity, board and senior management have oversight responsibilities generally." The board and senior management should be informed and aware of a bank's social media activities and risk management generally, according to Khalil.
FIs need to constantly monitor the social media activity of any third parties they work with, to make sure they're not discussing the bank in an inappropriate way.
Banks and credit unions have to be able to calculate a return on investment on their social media efforts.
Some bankers worry about this requirement, believing that return on investment is too hard to measure on fledgling social media programs.
"The proposed guidance does not offer any metrics or calculations," Khalil noted. "There's no specific metric calculation that we're imposing."
|Copyright:||(c) 2008 Source Media Inc. All Rights Reserved.|
|Source:||Source Media, Inc.|