FFIEC Issues Final Guidance for Social Media Compliance

The Federal Financial Institutions Examination Council (FFIEC) has released its final guidance on social-media usage by financial institutions. The guidance doesn’t differ too much from the original proposal released earlier this year, but it does provide some important clarifications.

The final guidance, which is effective immediately, is not intended to be a one-size-fits-all document, the FFIEC says. Instead, credit unions should use the guidance to help shape their risk assessment and ensure that social-media activities are addressed in their risk-management program.

Among the risks that credit unions should consider, according to the council: harm to consumers, compliance and legal risks, operational risks, and reputation risks. Keeping these in mind, credit unions should use their risk assessment to form their social-media program and develop processes for identifying, measuring, monitoring and controlling risks related to the credit union’s specific social-media activities.

The final guidance also clarifies that credit unions are not required to monitor all Internet communications for potential consumer complaints. Instead, credit unions should have channels in place so that consumers can contact the credit union with complaints, and processes in place to respond to those complaints in accordance with the risk assessment. The FFIEC also stated that text messages and emails are not considered communications via social media.

Whether credit unions already use social media or are just venturing into this type of communication, they should review the FFIEC guidance and become familiar with its contents. The document provides a clear path for credit unions to follow, but also provides supervisory agencies with guidance that can be used during examinations.

You can read the final guidance here.


Questions? Contact the Compliance Hotline: 1.800.546.4465, compliance@nwcua.org.

Posted in Compliance News.