US supervisory agency the Federal Financial Institutions Examination Council (FFIEC) has issued proposed guidance on the application of consumer protection and compliance laws to bank social media programmes.
The FFIEC says that each financial institution should have a risk management programme that allows it to identify, measure, monitor, and control the risks related to social media.
It says increased risk can arise from poor due diligence, oversight, or control on the part of the financial institution and has laid down a set of governance principles for banks to follow.
The size and complexity of the programme must be in line with the depth of a bank's involvement with the medium but should at the very least include input from specialists in compliance, technology, information security, legal, human resources, and marketing.
Although the guidance does not impose additional obligations on financial institutions, the FFIEC says it expects banks to take steps to impose controls on social media, as they would with any new process or product channel.
The agency is inviting comments on the proposals within the next 60 days, before the new rules are formally issued as supervisory guidance.
"Accordingly," says the FFIEC "institutions will be expected to use the guidance in their efforts to ensure that their policies and procedures provide oversight and controls commensurate with the risks posed by their social media activities."
Read the proposed guidance:Download the document now 110.2 kb (PDF File)