Advertisement
Five Ways for Mortgage Lenders to Remain Compliant on Social Media
In today’s digital landscape, social media should be a key element for any mortgage lender’s marketing strategy. After all, social media is now a major part of the homebuyer’s journey.
According to data my company compiled, 55 percent of homebuyers conduct online research—via Web searches and social media—before reaching out to an agent, and agents report that 80 percent to 90 percent of their business comes from social media. Because 88 percent of all buyers finance their homes, the next step in that journey is usually finding a mortgage lender, which means that mortgage lenders should be hopping on the social media train, too.
That said, financial institutions belong to a highly regulated industry. Regulators like the Financial Industry Regulatory Authority (FINRA) and the Federal Financial Institutions Examination Council (FFIEC) define how mortgage lenders and banks can communicate with current and prospective customers, and this also applies to electronic communications.
This means that mortgage lenders must approach their social media strategies with careful thought and consideration.
A minefield of regulations
In 2017, FINRA doled out $8.3 million in fines for electronic communication violations. The largest fine fell on financial services firm Raymond James Financial at $2 million for failing to adequately supervise e-mails. After reviewing a nine-year period, FINRA found that millions of emails sent by Raymond James employees had evaded review. The system in place failed to flag misconduct, and the Raymond James team neglected to allocate suitable staff and resources to its review team, which allowed employee misconduct to go unnoticed.
A minefield of regulations
In 2017, FINRA doled out $8.3 million in fines for electronic communication violations. The largest fine fell on financial services firm Raymond James Financial at $2 million for failing to adequately supervise e-mails. After reviewing a nine-year period, FINRA found that millions of emails sent by Raymond James employees had evaded review. The system in place failed to flag misconduct, and the Raymond James team neglected to allocate suitable staff and resources to its review team, which allowed employee misconduct to go unnoticed.
FINRA’s supervision requirements aren’t limited to e-mail, though. In fact, they cover all electronic communication—including social media. In May 2018, for example, FINRA filed a complaint against a representative of a broker dealer regarding claims he’d made on a Web site and on a social media page for an e-book he authored. FINRA cited his claims as misleading and even false. Furthermore, he failed to have the Web site or social media page approved before making them public.
Financial brands must comply with regulations in all aspects of their marketing strategies to avoid similar consequences. Staying compliant, however, does not have to mean implementing a bland or ineffective social strategy. To avoid having your social media posts, comments and responses land you in hot water, follow a few important steps to implement a culture of compliance.
While these five tips are by no means a comprehensive list of rules, they can be useful in helping mortgage lenders balance an active and effective social media presence with consistent compliance:
1. Establish governance over your social strategy. Your social media strategy won’t be compliant unless it’s properly governed, so start by clearly documenting who has access to and control over what social media channels.
According to the FFIEC, your social media policy needs to clearly outline the individual roles and responsibilities of each person posting on the brand’s behalf and each person in charge of reviewing and approving content. If employees are posting content related to your brand, products, or services on their personal social media profiles, this will need to be outlined in the policy as well.
When roles are clearly defined, you’ll eliminate any confusion around who had authorization to post what, which will help you avoid many of the regulatory trip wires.
2. Compose a well-documented social media policy. If you don’t already have a social media policy in place, then it’s time to put one together—with the governance structure included. Your policy should also include:
►Guidelines for responding to comments or messages.
►How employees can identify themselves as bank representatives.
►What kind of content is acceptable to post and share.
►On which company devices employees can use social media and when.
►Which social platforms are included.
►The consequences of violating the policy.
1. Establish governance over your social strategy. Your social media strategy won’t be compliant unless it’s properly governed, so start by clearly documenting who has access to and control over what social media channels.
According to the FFIEC, your social media policy needs to clearly outline the individual roles and responsibilities of each person posting on the brand’s behalf and each person in charge of reviewing and approving content. If employees are posting content related to your brand, products, or services on their personal social media profiles, this will need to be outlined in the policy as well.
When roles are clearly defined, you’ll eliminate any confusion around who had authorization to post what, which will help you avoid many of the regulatory trip wires.
2. Compose a well-documented social media policy. If you don’t already have a social media policy in place, then it’s time to put one together—with the governance structure included. Your policy should also include:
►Guidelines for responding to comments or messages.
►How employees can identify themselves as bank representatives.
►What kind of content is acceptable to post and share.
►On which company devices employees can use social media and when.
►Which social platforms are included.
►The consequences of violating the policy.
To avoid confusion in adhering to guidelines now or conducting compliance reviews in the future, an institution’s social media policy should be as descriptive as possible. For example, be clear that employees’ social media activity will be monitored, that employees should not post negative content about competitors, and whether employees should be posting during work hours.
Also, ensure that the policy is easy for all relevant employees to digest, understand, and implement. Though social media regulations can be dense, your policy should be designed for easy comprehension. A confusing policy will only discourage employees from using social media, but compliance should not deter your team from having a great social strategy. It should simply guide team members in the right direction—and keep them from making potentially damaging mistakes.
3. Create a system for monitoring and oversight. Informing employees that their social media activity will be monitored isn’t always enough to prevent misconduct or regulatory violations. Therefore, be prepared to monitor all activity across your brand’s social media channels. For example, keyword and phrase filtering can detect and stop potentially noncompliant posts from ever going live.
3. Create a system for monitoring and oversight. Informing employees that their social media activity will be monitored isn’t always enough to prevent misconduct or regulatory violations. Therefore, be prepared to monitor all activity across your brand’s social media channels. For example, keyword and phrase filtering can detect and stop potentially noncompliant posts from ever going live.
But this doesn’t have to mean limiting employees’ abilities to respond to questions and comments on social media. Encourage engagement, but give your employees clear guidelines around what is and is not acceptable. You want employees to listen to what your audience members are saying and interact with them where appropriate.
By tuning into the conversation, you can make sure your social media posts will resonate with readers. You can also monitor feedback—both positive and negative—and adjust your strategy more fluidly as the need arises.
4. Gain a clear picture of your social media risks. Often, financial firms are fined for mistakes that slipped through the cracks due to a lack of fail-safes in the workflow. That’s one reason why the FFIEC requires institutions to keep their risk assessments updated.
4. Gain a clear picture of your social media risks. Often, financial firms are fined for mistakes that slipped through the cracks due to a lack of fail-safes in the workflow. That’s one reason why the FFIEC requires institutions to keep their risk assessments updated.
If you haven’t performed a social media risk assessment, this is a great place to start when ensuring compliance. If you already have an assessment in place, consider reviewing it to make sure it meets regulatory standards. The FFIEC guideline regarding risk assessments is designed to give you, your employees and federal regulators a heads-up if any controls, measures, policies, or procedures are inadequate.
5. Prepare for an audit at the drop of a hat. Your routine risk assessments should include some method of monitoring everything that’s posted to your brand’s social media pages. Archiving is paramount to controlling risks and staying compliant, and it is an excellent way to capture social media activity for audit and compliance purposes.
5. Prepare for an audit at the drop of a hat. Your routine risk assessments should include some method of monitoring everything that’s posted to your brand’s social media pages. Archiving is paramount to controlling risks and staying compliant, and it is an excellent way to capture social media activity for audit and compliance purposes.
You can manage archiving by posting manually from native social media accounts, keeping a Microsoft Word document of social media content, and using analytics provided by the social media networks. However, this strategy is time-consuming and isn’t sustainable if you use several social channels across multiple departments or branches or if individual employees are posting branded content on their personal profiles. Using cloud-based technology, you can digitally archive activity across all accounts from all employees throughout the organization.
Social media compliance for mortgage lenders can seem like a daunting responsibility, but it doesn’t have to be. Creating a policy that highlights governance, close monitoring, adequate risk assessment, and archiving will give you a solid footing in creating a compliant and effective social media strategy. You can also review compliance resources and risk management guidelines regularly to ensure you’re covering all the bases.
Social media compliance for mortgage lenders can seem like a daunting responsibility, but it doesn’t have to be. Creating a policy that highlights governance, close monitoring, adequate risk assessment, and archiving will give you a solid footing in creating a compliant and effective social media strategy. You can also review compliance resources and risk management guidelines regularly to ensure you’re covering all the bases.
Doug Wilber is CEO of Gremlin Social, an integrated solution that combines social media marketing with ABA-endorsed compliance tools to make it easy for financial services companies to master the social media landscape and engage customers using social networks. Doug has worked in the fintech space for more than a decade, and has experience working with Discover Financial Services, PYMNTS.com, and Assembly Payments, among others.
This article originally ran in the July 2019 print edition of National Mortgage Professional Magazine.
About the author