Financial institutions no longer need convincing that a social media presence is essential.

Endless studies and research data demonstrate the point so persuasively that even the initially-reluctant have come around. But practical acceptance of the need for meaningful social media policy guidelines is less universally acknowledged. In the absence of policies, however, social activity can be a landmine for mortgage companies, potentially more damaging than helpful.

Social media policies are essential because of the known risks of unconstrained social activity. Consider a handful of sources of possible damage:

• Malicious content can enter an enterprise through social channels. A recent Osterman Research paper says nearly a fifth of organizations have suffered malware infiltration through social media.
• Sensitive or confidential corporate data can be inadvertently disclosed on social media.
• Social messages may breach the privacy of consumers, employees, or other stakeholders.
• Regulatory investigations may result from advertising on social platforms if deemed unfair or deceptive.
• Inconsistent or contradictory messages across multiple social platforms may lead to enforcement actions, consumer complaints, litigation and/or reputational damage.
• Costs for monitoring inappropriate or unauthorized social messages, fixing problems, and retrieving records of social activity may be higher for organizations without established policies.

Despite these risks, about half of all organizations that use social media don’t have written policies for their use. That’s simply unwise. Even a rudimentary policy is better than none, and it’s not that difficult to implement one.

While different organizations have different needs and will vary in the detail required for an appropriate and enforceable policy, here are 12 key pointers for developing a mortgage lender/broker’s social media policy:

1. A lender’s social media policy should include basic “do’s and don’ts,” indicating how the policy applies to employees.
2. Social media policies should be in writing.
3. Policies should include sanctions and penalties for noncompliance, making it clear that violations have consequences.
4. Regulatory rules and expectations of relevant supervisory agencies, such as the CFPB, FTC, and banking commissioners should be incorporated in the policy.
5. The policy should be reviewed by legal counsel to ensure it doesn’t violate individual rights of expression, applicable labor laws, personal privacy, or other HR concerns or policies (such as employee handbooks).
6. The social media policy should be integrated with other corporate policies to prevent incompatible results or confusing employee expectations.
7. Social media policies should be updated periodically as circumstances (internal and external) change, to reflect current laws and rules as well as best practices in the financial industry and in social media.
8. If appropriate, the policy should be translated into all languages used in business operations (particularly in transactions with consumers).
9. Employees should be trained (and retrained as necessary) in the organization’s social media policy.
10. The company should monitor social activity and employee (and consumer) posted content, for policy compliance.
11. A social media policy should provide for retention and archiving of social messages, should they be required for litigation, investigations or regulatory compliance purposes.
12. An enterprise’s social media policies should be archived as they are amended, to provide an irrefutable record of what policy guidelines were in place at any particular point in time.

To learn more about the essentials of a social media policy, take a look at the ‘Social Media Policies for Mortgage Lenders and Brokers’ webinar below.