Social Media Policy Manual Table of Contents [Sample Client] Table of Contents. Sample

Transcription

1 Table of Contents Table of Contents TABLE OF CONTENTS... 1 CHAPTER 1 INTRODUCTION GOALS AND OBJECTIVES REQUIRED REVIEW APPLICABILITY ROLES AND RESPONSIBILITIES Compliance Officer Social Media Manager Responsibilities DEFINITIONS SOCIAL MEDIA ADVERTISING TYPES OF SOCIAL MEDIA ADVERTISING Facebook Twitter and other Instant Messaging sites LinkedIn BUSINESS PURPOSE... 7 CHAPTER 2 ACCOUNTABILITY AND MONITORING INTERNAL CONTROLS BOARD/SENIOR MANAGEMENT OVERSIGHT... 9 CHAPTER 3 STAFF AND TRAINING ONGOING TRAINING NEW HIRE TRAINING SOCIAL MEDIA TRAINING CHAPTER 4 RISK IN SOCIAL MEDIA REPUTATION RISK Consumer Complaints and Inquiries Employee Use of Social Media Sites Fraud and Brand Identity Privacy Concerns Third Party Concerns OPERATIONAL RISK COMPLIANCE AND LEGAL RISK CHAPTER 5 REGULATORY COMPLIANCE LENDING ACTIVITIES this work may be used, reproduced or transmitted in any form or by any means, by or to any party outside of [ 1

2 Table of Contents Fair Debt Collection Practices Act Fair Lending Laws Real Estate Settlement Procedures Act (RESPA, Regulation X) Truth in Lending Act (TILA, Regulation Z) Unfair, Deceptive, or Abusive Acts or Practices DEPOSIT ACTIVITIES Deposit Insurance or Share Insurance Truth in Savings Act (TISA)/Regulation DD, Part PAYMENT SYSTEMS Electronic Fund Transfer Act (Regulation E) Rules Applicable to Check Transactions BANK SECRECY ACT (BSA) COMMUNITY REINVESTMENT ACT (CRA) PRIVACY Fair Credit Reporting Act Gramm Leach Bliley Act Privacy Rules and Data Security Guidelines CAN SPAM Act and Telephone Consumer Protection Act Children s Online Privacy Protection Act CHAPTER 6 INDUSTRY PRACTICE PROFILES LINKED IN HANDLING DEFAMATORY CONTENT this work may be used, reproduced or transmitted in any form or by any means, by or to any party outside of [ 2

3 Introduction Goals and Objectives Chapter 1 Introduction is committed to the highest standards of federal consumer compliance and requires all management, employees, and third party vendors follow these policies and adhere to these standards. Components of social media risk management shall include this Social Media Policy and underlying procedures regarding the use and monitoring of social media and compliance with all applicable consumer protection laws and regulations. 1.1 Goals and Objectives The standards set out in this policy represent minimum requirements based on applicable legal and regulatory guidance and apply throughout s operations. These requirements are intended to prevent, our employees, and third party vendors from violating federal regulations related to mortgage banking and consumer compliance, and to understand and manage risks associated with activities conducted through social media use. may use social media to market its products and services, to provide incentives, facilitate applications for new accounts, to invite feedback from the public, and to engage with existing and potential customers, for example, by receiving and responding to both positive and negative feedback, or providing loan pricing. 1.2 Required Review requires this policy be reviewed no less than annually. The review shall include the compliance of this policy with current law, regulation or directive, the procedural implementation of this policy within the then current scope of business lines and operations, internal or external audit results received during the previous year, and then current industry trends or regulatory guidance. 1.3 Applicability The purpose of this policy is to implement consumer protection mechanisms as required by the United States statutes and related federal regulations administered by the CFPB and other prudential regulators. this work may be used, reproduced or transmitted in any form or by any means, by or to any party outside of [ 3

4 Introduction Roles and Responsibilities Wherever state or local regulations overlap and are stricter than the requirements set out in this policy, the more conservative approach shall be applied. If any applicable laws are in conflict with this policy, must consult with the appropriate legal counsel to resolve the conflict and to set forth s policies and procedures for compliance. 1.4 Roles and Responsibilities Compliance Officer This policy provides for the appointment and designation of a compliance officer. The compliance officer is responsible for daily coordination and monitoring of compliance within this policy and for overseeing and administering the use of social media by and its personnel for promoting business. The compliance officer is responsible for reporting compliance matters to senior management. Notwithstanding the required annual review, the compliance officer shall examine social media strategies, goals, and objectives on an ongoing basis and maintain an effective social media program. The compliance officer may delegate duties to other employees, but the compliance officer is responsible for overall social media compliance. The board of directors is responsible for ensuring that the compliance officer has sufficient authority and resources (monetary, physical, and personnel) to administer an effective compliance management system, including social media compliance, based on s risk profile. The compliance officer must be fully knowledgeable of guidance and all related regulations. The compliance officer must also understand 's products, services, customers, and geographic locations, and the potential risks associated with using social media to promote business objectives Social Media Manager Responsibilities The compliance officer may hire an experienced Social Media Manager with web knowledge and expertise to oversee all company sites and monitor the web for content related to. The Social Media Manager must possess dedication in promoting s communication and brand guidelines and maintain up to date practices for social media communication. The Social Media Manager will be responsible for day to day social media communication. this work may be used, reproduced or transmitted in any form or by any means, by or to any party outside of [ 4

5 Industry Practice Profiles Chapter 6 Industry Practice 6.1 Profiles Social media profiles of employees engaged in solicitation on behalf of must be registered with Compliance and Marketing for approval prior to publication on social media. Employee s social media activity that is suspected to be non compliant with s Social Media Policy will be directed toward the marketing manager or the compliance officer. 6.2 LinkedIn restricts advertising or marketing of professional services or products of [ Client] by its employees to approved social media websites. Professional profiles or pages are permitted only for LinkedIn or other professional social media sites, where s employees may maintain work experience profiles. No promotional content representing is allowed. considers it permissible for employees to identify their job titles and as their employer within their user profiles of general social media websites. However, employees must not submit posts or comments that could be misunderstood by users as official statements by [ 6.3 Handling Defamatory Content may incorporate into its processes the following practices for handling defamatory or unlawful content about the company posted on its social media websites or those maintained by thirdparty service providers: 1. Preserve the evidence by printing the content to include the Uniform Resource Locator (URL) on the World Wide Web 2. Weigh the pros and cons to determine impact to reputation, operations, and resources 3. Analyze the content in conjunction with the Legal and Compliance Departments to determine the appropriate action 4. Take action as appropriate, including any of the following remedies: this work may be used, reproduced or transmitted in any form or by any means, by or to any party outside of [ 23

6 Industry Practice Handling Defamatory Content a. Submitting a takedown notice through the social media platform for matters of copyright infringement b. Issuing a cease and desist letter for illegal use of trademark or other deceptive behavior c. Taking in court action for content removal, to seek an order against the user from posting similar content, and to recover damages 5. Be proactive in managing the company s online presence, train employees in best practices, and conduct positive campaigns on social media to build the business brand shall perform due diligence and evaluate the operational, compliance, legal, or reputation risks and determine appropriate policies to adopt in light of those risks. this work may be used, reproduced or transmitted in any form or by any means, by or to any party outside of [ 24