Archive for category Compliance
Belbey Blogs: New Guidance on Using Social Media at Retail Banks
Posted by belbey in Actiance, Collaboration, Compliance, eDiscovery, Electronically Stored Information (ESI), Employee Behavior, Enterprise 2.0, Enterprise IM, FFIEC, Financial Services, FINRA, Legal, Malware, Privacy, Retail banking on January 25, 2013
This week, the Federal Financial Institutions Examination Council (FFIEC) released “Social Media: Consumer Compliance Risk Management Guidance. The FFIEC is asking for comments within sixty days. You can download the 31-page document here.
Its release has created quite a stir within the banking industry. A comprehensive article appeared on TheFinancialBrand.com, “Regulatory Shocker on Social Media in Banking Coming Soon” that summarizes the guidance quite nicely.
But . . . what’s so shocking?
We’ve been having the same conversations in the securities industry for three years. And in those three years, firms have learned that there are three major areas of risk that need to be mitigated before deploying social media:
- Security: your IT department needs to prevent your firm’s proprietary and client information from being leaked out either inadvertently or maliciously from the enterprise. They also need to ramp up malware protection. That’s because social media users are susceptible to incoming threats as they view themselves as part of a tribe and tend to click on any link sent by a “friend.”
- Compliance and Governance: your legal and compliance departments already know that there are thousands of rules and regulations that govern the communications and advertising of publicly held corporations, firms in general, and bank specifically. Take the securities industry as an example – the banking regulators aren’t issuing new rules and regulations around social media. Social media is viewed as just another form of written communications. Your compliance department is therefore challenged to interpret existing rules as they apply to social media and to develop and enforce firm policies.
- Enablement: your executive team is concerned about productivity and the bottom line. Now that every employee can be the face of the business, you either have a powerful marketing tool or your worst nightmare. Employees will need to be trained on how to use social media effectively to meet the firm’s goals, such as nurturing existing clients, attracting new business, recruiting, and brand awareness.
However, during the last three years, we’ve learned that all these risks can be mitigated by strong corporate polices, backed up with technology and training.
So far, so good. Nothing new here. Or is there? In addition to what we’ve already seen from other regulators, the FFIEC specifically also calls for:
- Creation of policies to address negative feedback or customer complaints, even if a financial firm chooses not to actively engage in social media.
- Monitoring to protect the firm’s brand identity
- Due diligence and oversight for third-party vendors that firms may hire in connection with social media
And the one that I find most interesting:
- Processes and reporting to demonstrate how social media “contributes to the strategic goals of the institution.”
In other words, the FFIEC recommends that firms measure the ROI of social media.
It will be interesting to see the reaction that FFIEC gets from the industry. I just hope that the banking industry can use some of the key learnings from the securities industry to streamline the processes to reap the benefits of “getting social.”
For more details on how to deploy social media within retail banking, you can also check out Belbey Blogs: Upcoming Guidance for the Use of Social Media for Retail Banking from FFIEC.
Facebook Graph: The Supermarket Coupon Book of Social Selling
Posted by SarahActiance in Actiance, Employee Behavior, Facebook, Financial Services, FINRA, Social Networking on January 16, 2013
You can’t possibly have missed that yesterday, Facebook made a big announcement, with the news that Facebook Graph is to hit our social inbox in the very near future. Here at Actiance, our financial services customers who use social focus to a large extent on LinkedIn as their primary network. Asking as to why, there are a variety of answers:
- It’s viewed as the “professional network”
- There are less concerns about “more personal” content being shared
- It’s pretty much where their customers are.
I don’t disagree with what’s written above, but actually I think Facebook and Financial Services were made for each other. I fundamentally don’t think that I can separate the professional Sarah from the personal Sarah. I’m very Gen Y in my thinking like that (actually I’m still 17 years old in my head, despite what the wrinkles around my eyes tell you). And for that reason, I have got over my concern that my colleagues, work acquaintances and customers might see something about my personal life through any of my social networks. As I say as I begin each demo of Socialite, our social engagement solution – you may see something inappropriate from my friends, family or colleagues, but you’re all adults.
Facebook gives me a different relationship with folks than LinkedIn. Would I know of the foodie habits of one head of compliance? or the horse riding antics of a Gartner analyst? or the movie mania of @AugieRay if I didn’t have Facebook? More than likely not.
Transpose this specifically to financial services. We – and that’s the Royal we – share so much of our lives on Facebook, that it actually complements the provision of financial services products. It allows more suitable product to be provided to us – and suitable product provisions are a key tenet of regulators such as FINRA. It allows us to actually connect more as human beings, we’re social animals, and have been for eons. The transparency of Facebook is perhaps what worries us, but you know, we’ll get over that as we become more social in the virtual world.
So, and yes there is a point to this blog. While the complete functionality of Facebook Graph is yet to be revealed, and we look forward to the beta, its one more step towards being able to use the information that we all so readily share to work towards social selling. I look at it as the supermarket coupon book of social. You have my shopping habits down pat, so provide me with more suitable product. @Safeway has my number in this regard, so why not my Financial Services provider?
Can you have a social army without a general?
Posted by SarahActiance in Actiance, Collaboration, Employee Behavior, FINRA, LinkedIn, Social Networking on January 14, 2013
Sarah Carter
I argued recently in a discussion on LinkedIn that the future of social is the distributed team , that 17% of us trust a brand and 70% of us trust individuals in our network – the personal brands.
The growth of that personal brand is a key tenet in the paper that I put together in 2012 on the Six Principles of Social Success. It’s actually the second principle – immediately following that social needs to be an integrated element of your organizations business plan, not a stand alone solution.
The discussion came about, because of a great article from Erica Ayotte – who writes for Social Media Today – Erica wrote about the recent phenomena of “firing all the social media directors”, when the latest new big shiny thing comes along. Believe me you want to join this discussion, there are some great comments and dialogues going on.
I do very much agree that the growth of social is about the development of the personal brand, enabling the distributed team, empowering them, and making them brand ambassadors. This is where I believe we will see true value from social, the individual brand that we all engage with. That said. They’re the army, the foot soldiers, not the generals. Without a general you don’t have a strategy, a direction or a battle plan.
Strategy and battle planning takes experience and in the brave new world of social battle worn, campaign hardy individuals are absolutely what we need.
If you’d like to know more about what it takes to build a personal brand on social, then why not join me at 9 pacific on Thursday 17th Jan for 30 minutes and you can find out more – I look forward to seeing you there!
Farewell Live Messenger, Hello Skype
Posted by Jeff Zacuto in Actiance, Compliance, Enterprise IM on January 10, 2013
When I started my career, I couldn’t have imagined how social my online work world would become.
Things like LinkedIn®, Microsoft® Lync®, IBM® Connections, and Skype™ are so integrated into my workday that connecting, IM’ing, and blogging with colleagues are all as natural and effective as sitting face-to-face over coffee.
Just like new ways to keep in touch with my colleagues and friends have emerged, some headed for the sunset like long-time friend Microsoft Live Messenger. But don’t say “Bon voyage!” just yet. You can use your Live ID to move your Live Messenger account and contacts to Skype today.
And if you’re a Skype user who works in a regulated industry like financial services, or if you work for a company that has other strict legal or corporate governance requirements, Actiance has great news! With Vantage™ for Skype, you can use Skype on your company’s network to stay in touch with the folks you need to get things done in a safe and compliant way.
It gives your company the tools it needs to meet strict requirements for regulatory, legal, and corporate compliance across a wide variety of networks, including Skype. And for a limited time, existing Actiance customers using Vantage or USG to support Microsoft Live Messenger can enjoy special pricing on Vantage for Skype.
So go ahead and start a Skype chat with a buddy in Santiago, share the latest product news with a colleague in Paris, or send a vacation photo to a friend in Vienna. With the trusted governance the Actiance platform provides, you can be sure you’re keeping the good stuff in while keeping the bad stuff out.
Belbey Blogs: Facebook Isn’t All That Scary For Business
Posted by belbey in Actiance, Employee Behavior, Financial Services, FINRA, personal v professional, Uncategorized on January 9, 2013
Today’s post is by Joanna Belbey, Social Media and Compliance Specialist at Actiance
When I first accepted my position at Actiance as the Social Media and Compliance Specialist, I was told that it was expected that I “friend” my manager and colleagues. Having come from FINRA, where we intentionally never “friended” each other on Facebook, the whole concept made me cringe. So I avoided it as long as I could. Finally I admitted my hesitation to a colleague, “I’m pretty goofy on Facebook” and she replied, “Don’t worry, we all are”. And by goofy, what I meant, is that I’m just my honest self. Movies that I like, events that I attend, great finds on shopping trips, photos of my bird, travel adventures, and even some silliness from time to time.
Her comment encouraged me to take the plunge. And you know what? Since then, I have really enjoyed learning about the personal lives of my colleagues. As I work remotely, Facebook has become my virtual water cooler. I learned about Sarah Carter’s passion for sailing in the freezing cold (brrr) or hurtling down a mountain in a bobslide at 80mph (yikes!), or about a Lisa Stokoe’s baking (yum) and sewing adventures, and even my shared passion for all things Star Trek, with Jeff Podraza.
Since then, I’ve even “friended” business associates and former colleagues. I now know a very serious financial services journalist loves her pugs, that an esteemed social media strategist, Augie Ray, is a movie buff like me, and that the chief compliance officer of a major broker dealer has a passion for fried food. I even went back and “friended” many of my colleagues at FINRA and was delighted to discover how multi-faceted they really are. Who knew?
For me, there really is no longer any bright white line between my personal and business life. And I think that’s the way the world is going. In my travels at Actiance, I hear many stories from clients whose financial advisors and agents use Facebook to initiate and nurture relationships with clients. After all, for them, life events (engagement, wedding, new baby, new job, illness, parents in assisted living, etc) are opportunities to provide more suitable product to their clients. And what better what to learn about the lives of your clients than on Facebook?
Learning about the personal lives of my colleagues, clients and business associates is highly entertaining and enhances my life every day. And I think it makes it easier to work together knowing that you have some common ground. After all, we all want to work with people we like, right?
Belbey Blogs: Overcoming Compliance Challenges to Social Media
Posted by belbey in Actiance, Compliance, Financial Services, FINRA, Social Networking on January 3, 2013
Today’s post comes from Joanna Belbey, Social Media and Compliance Specialist at Actiance.
As human beings, our behavior hasn’t changed for centuries. We naturally socialize. Socializing our buying decisions is something that we have done for centuries. Social media simply allows us to connect with those wider social groups—geographically—making our social groups more potent as our social interactions become public through social media.
As social media continues to evolve, so too does its usage and the regulations surrounding those professions adhering to compliance requirements. Starting in 2010, the Financial Industry Regulatory Authority (FINRA) issued regulatory notices to provide guidance regarding the use of social media in the financial services profession, specifically Notice 10-06 and then in 2011, Notice 11-39.
Why haven’t more financial services firms embraced social media as part of their sales and marketing programs?
Some of the key reasons are regulatory.
FINRA, the Securities and Exchange Commission (SEC), and several other regulatory bodies outside the U.S., each impose strict guidelines and rules on the use of all electronic communications, including social media. This demands careful oversight of online communications and activities to ensure that financial advisors aren’t using social media channels inappropriately or without retaining records of all communications.
A sampling of Social Media-Related Notices and Rules
- FINRA Regulatory Notice 10-06: Summary: Static content on social media sites and blogs are considered advertisements and need to be pre-approved. However, interactive content, like chat rooms, is considered non-static and does not require pre-approval by a registered principal prior to use.
- FINRA Regulatory Notice 11-39: Summary: To answer some of the questions raised by Notice 10-06, this notice clarifies that it’s the content of the communication rather than the channel that is being reviewed. Firms are also subject to the “adoption” and “entanglement” theories regarding third-party posts, and that business communication through personal devices must be supervised and recorded.
- NASD Rule 3010: Summary: Members must establish, maintain, and enforce written procedures for communications of registered representatives
- IRS Circular 230: Summary: Tax professionals could be subject to penalties regarding written advice, including their use of social media such as blogs, and Facebook, LinkedIn, and Twitter comments.
- New FINRA Rule 2210 (effective February 2013): describes various communications categories (institutional, retails, correspondence), and approval, review and record keeping requirements for each
- SEC Rules 17a-3 and 17a-4: require written, enforceable retention policies, searchable index, viewable and readily retrievable, offsite storage, and storage of data on WORM (write once, read many) optical media
In addition to making sure they adhere to the rules and regulations, firms are also concerned about the risks of data leakage, malware, and viruses. However, as new technologies have emerged to address regulatory and security challenges, financial service firms are demonstrating to their senior management that the risks of using social media may be mitigated.
What it all boils down to is this. Before engaging in any social media activity for your firm, be aware of the regulations surrounding social media in a professional services firm. Take them into consideration and demonstrate that you have taken a thoughtful approach. Put the review process into place. And most importantly, identify an influential principal of the firm who will champion the effort. It’s worth the effort. As firms slowly adopt social media within their distributed teams as a means to reach out to clients and customers, they are beginning to see increases in new customers and revenues that more than offset their initial concerns about the risks.
O Canada, O IIROC
Posted by nleong in Compliance, Social Networking on December 6, 2012
I just got back from a quick trip to the Great White North. NHL teams are still locked out, which might explain the forlorn look on folks I met or walked by. Luckily, the absence of hockey didn’t put a damper on IIROC’s Compliance and Legal Section (CLS) annual conference. Sessions were lively and informative, especially the social media one, and people seemed generally optimistic that the NHL season could still be salvaged. It was optimism all around.
IIROC lives . . . hockey or no hockey
Much like its FINRA brethren, IIROC has its own social media-specific guidelines in the form of Notice 11-0349. I swear, looking at FINRA’s 10-06/11-39 and IIROC’s 11-0349 side-by-side, you’d think you were seeing double. Even the session topics looked similar to what you’d see at the FINRA events. Just like in the States, the social media session was packed.
At the IIROC one, the panel consisted of an attorney, a compliance officer, and a marketing executive – the exact same key stakeholders you see involved in social media enablement efforts south of the border. In fact, as a whole, I got the impression Canada is not so far behind the US in terms of adoption of social in the financial services industry.
I heard repeatedly that Canadian firms were slowly opening up access to social and getting the ball rollin’ on pilot programs. So, the trend seems to be that, if you’re a financial institution, you should at least be considering social or else you’re gonna be left behind. That was the consensus of nearly everyone I spoke with.
2013 is just around the corner, and I’m expecting big things out of our friends up north. They’ve had a year to take notes from their US counterparts, guidelines are in place, social media policies are being drawn up, and there’s a still chance for an NHL season.
We just need Rush to belt out “O Canada” and all will be good.
Dodd-Frank Impact on Energy Trading
Posted by nleong in Compliance on November 15, 2012
Today’s post comes from Norv Leong, Director of Product Marketing at Actiance.
Yeeeeee haaaaawwww! Having just returned from stuffing my face with BBQ beef brisket, chicken chili, and cornbread, I’m left to ponder what I gleaned (besides a few extra LBs) from the 2nd Annual Energy Trading Operations and Technology Summit 2012 in Houston, TEXAS (cuz everythang’s big in TX).
First off, many industry participants are still confused about what the Dodd-Frank Act (DFA) means to them. From banks to brokers to energy traders, nearly everyone in attendance bemoaned DFA and the additional burdens it places on them. Add to the mix this year’s meaty sanctions from the Federal Energy Regulatory Commission (FERC) and it’s crystal clear why many firms are nervous about what they need to do to stay out of FERC’s crosshairs.
The sanctions imposed on Constellation Energy ($245 million) and Barclays ($470 million) were eye-popping, and they showed this watchdog ain’t takin’ no mess. FERC wields a big stick and intends to use it. Crucial to FERC’s credibility and success are its policing of the energy and utilities industry to avoid Enron-like fiascos from happening again.
And you thought Dodd-Frank was confusing
The industry is swimming in complexity, as evidenced by the alphabet soup of acronyms (CFTC, NFA, NERC, DCO, DCM, SDR, EMIR, to name but a few) and the bewildering number of players (brokers, traders, banks, hedge funds, clearinghouses, regulators) and instruments (swaps, hedges, options, futures, etc.) in the game. Unfortunately, DFA doesn’t really simplify anything, but rather, just makes things muddier and more complex.
At the end of the day, however, it all comes down to monitoring trading activities, recording all relevant communications, and making sure that all transactions are done at arm’s length. If a trader executes a trade via Yahoo! IM, you best have a record of it. Or, if someone in Marketing tries to IM a buddy on the transmission side of the house, well, you better have a mechanism in place to make sure that communication doesn’t happen or a record of it is kept somewhere. All the players in the industry must play by these rules or risk getting nailed by the regulators.
And this doesn’t even include the legal ramifications of improper trading practices. Lawsuits are just as pervasive in the oil and gas industry as it is in other sectors like financial services and healthcare. Rogue traders can cost their firms millions or even billions of dollars (Nick Leeson ring a bell?), which means shareholder lawsuits are just around the corner.
So, given the litigiousness of today’s society and business environment, proper recordkeeping is crucial. When the legal hold comes, firms have to be prepared to lock down and produce relevant content in the event litigation becomes a reality. As a result, eDiscovery is growing ever more important in this day and age of multiple communication channels.
Indeed, DFA made its presence felt at the conference, but the attendees walked away with a little peace of mind knowing that technology exists to help them stay true to DFA provisions. Who woulda thunk that some good ole “Texas tea” could spawn such a chaotic mix of regulations, sanctions, lawsuits, and technology?!?!?! Yee haw to that.
Belbey Blogs: Upcoming Guidance for the Use of Social Media for Retail Banking from FFIEC
Posted by belbey in Compliance, FINRA, Social Networking on November 5, 2012
In an effort to distract myself from the heartbreaking impact of Hurricane Sandy across the New York and New Jersey area, I thought I’d do a bit of research on how regulators of the retail banking industry are handling social media.
As a former FINRA employee and an avid attendee of compliance conferences and events, I’m familiar with guidance from FINRA and the SEC for the securities industry. However, retail banking is governed by a whole other alphabet soup of federal authorities. Regulators include the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Consumer Financial Protection Bureau (CFPB).
However, like the securities industry, banks are interested in using social media to provide a personal touch to their customers. Even the Office of the Comptroller of the Currency recently ceased paper distribution of news and issuances in favor of email, Facebook and Twitter.
In response to the retail banking industry’s request, the Federal Financial Institutions Examinations Council (FFIEC) is coordinating the activities of these multiple federal banking regulators to craft social media guidance. FFIEC plans on publishing these guidelines in the Federal Register before the year’s end. If you are not familiar with the FFIEC, the Council was established in 1979 to promote uniformity in the supervision of financial institutions.
A source at the Office of the Comptroller of the Currency (OCC), says that once guidance is published in the Federal Register, the FFIEC expects substantial feedback from the industry and will accept comments for sixty days. From what I hear, the guidance will describe how existing rules and regulations impact social media. And as the members of FFIEC recognize the rapidly shifting nature of social media, they are trying to avoid specific recommendations. Their intent is to offer principal-based guidance that may be useful over time. Guidance may include, but, not be limited to interpretations of rules regarding Deposit Accounts, Consumer Lending, Payment Systems, Truth in Savings, Disclosures and more.
Don’t want to wait until possibly Spring of 2013 to get started? Those who wish to proceed with social media now, may want to begin to interpret how existing rules may impact the use of social media at retail banks. For example:
- individuals need to be verified as customers for advice to be provided
- liking or retweeting certain articles may be seen as “providing investment advice” and subject to review
- marketers to comply with advertising guidelines to avoid misleading or inaccurate communications
- disclosures need to be considered
- records of electronic communications require retention
- and privacy, confidentiality and customers’ data needs to be protected.
Additionally, there are also wider regulatory concerns such as Gramm-Leach-Bliley Act (GLBA) , Red Flag Rules and Privacy of Consumer Financial Information to work through.
While you wait for Federal Financial Institutions Examinations Council (FFIEC)’s guidance, you might also find it helpful to read what regulators within the securities industry are saying. We’ve found that guidance from regulators (FINRA, SEC, IIROC, FSA, SEBI) tends to fall along similar lines: social media is considered as just another form electronic communications and should be treated as such.
FINRA-
FINRA Regulatory Notices:
- 10-06 – Social Media Websites Guidance on Blogs and Social Networking Web Sites
- 11-39 – Social Media Websites and the Use of Personal Devices for Business Communications
- 12-29 – Communications with the Public
- FINRA’s Guide for the Web for Registered Representatives
Securities and Exchange Commission-
Although this seems like a lot to wade though, you’ll see it’s worth the effort. Financial institutions that deploy social media are reaping the rewards of enhanced customer service at lower costs, broader brand recognition and an increase in new accounts and revenues.
On a personal note, as compliance in retail banking is a new area for me, I particularly welcome your insights. I would also welcome suggestions for additional resources for me to read or conference or webinars to attend. And finally, here at Actiance, we’ll be drafting a White Paper on regulations for the Retail Banking Industry. Look for that soon.
LinkedIn Endorsements: What should you do?
Posted by SarahActiance in Compliance, Electronically Stored Information (ESI), Employee Behavior, FINRA, LinkedIn on October 16, 2012
Sarah Carter contemplates a particular new Social Network feature set, that is causing some concern in certain sectors.
You can’t have helped but notice all the new features delivered by the social networks in recent months. As a point in fact, here at Actiance, we’ve tracked a whole lot so far this year. In 2012, we’ve tracked 150 changes on Twitter, 178 on LinkedIn and a whopping 1272 on Facebook.
In today’s blog entry, I wanted to touch on one of the recent new features from LinkedIn: Skills and Endorsements – the very term “endorsement” raises particular issues in the financial services industry, so I wanted to explain more about how you can deal with this.
With LinkedIn, there are two elements to Endorsements.
1) Skills
2) Endorsements of those Skills.
SKILLS:
As a LinkedIn user I can add a skill to my profile. Once I have added this skill to my profile, ANYONE that I am connected to can endorse that skill. Right now, I have no control over who can or cannot endorse me. I can however, hide that endorsement. Once I have hidden that endorsement, there is no current way to unhide it.
In addition to skills that I might add to my own profile, any of my connections can suggest a skill for my profile, with this suggestion comes an attached endorsement. This skill (and endorsement) does not attach itself to my profile until I add that to my profile. In other words, I have to take affirmative action to make this happen.
ENDORSEMENTS:
Any connection I have may endorse skills that I have against my profile. As the owner of that profile, I have no control available over these people adding this endorsement to my profile.
BEST PRACTICE RECOMMENDATIONS:
1) Specify in your social media policy that items such as endorsements are considered recommendations and are expressly prohibited. Advise regulated users that they should NOT apply or accept skills on their profile and should hide all endorsements if any are present.
2) Enforce your written policy with technology and do not allow individuals to add Skills to their LinkedIn profile (i.e. control with technology, moderate all profiles and ensure that these additions are rejected).
3) Search all existing (relevant) users to provide a report on who has Skills against their profile.
4) Request the removal of skills against those relevant users and/or hide any endorsements that are present.
Actiance provides technical controls to report on the addition of Skills and Endorsements to LinkedIn profiles for regulated users, the Socialite platform also enables firms who require additional controls in this area to pre approve changes to areas of static content, such as LinkedIn Profiles.
Through a combination of teams at Actiance, from our Social Media Labs to our Social Engagement Team, Actiance provides alerts and best practice notifications to customers of changes on social networks, that positively or negatively impact a best practice approach. If you’d like to speak to one of our social engagement team, drop us a line social@actiance.com or drop us a message through @Actiance
