Social Media Governance

BREAKING NEWS: Reed Hastings, the CEO of Netflix and an active Facebook user, commonly posts about the success of Netflix, often thanking users of the service for their loyal support, which sounds like the first line from a book on how to correctly promote a product using social media. But Hastings may have become a little too comfortable sharing certain aspects of the company’s information. In July of this year, he posted to his 240,000+ Facebook subscribers that “Netflix monthly viewing exceeded 1 billion hours for the first time ever in June.” The SEC issued Netflix a Wells Notice, which means SEC staff will recommend that the SEC issue either a cease-and-desist action and/or a civil injunction against Netflix and Hastings over the alleged violation.

Source: Risk Management Monitor


Did Hastings violate rules regarding selective disclosure? Should all companies, especially those the size of Netflix, have legal counsel review all social media posts representing the company’s views? Should every company employ a social media risk manager?


Here is a storified version I just published from my Twitter feed.

DELL Leads The Way

Dell was one of the first companies to realize the enterprise-side risks around Social Media usage and came up with a very innovative and industry-leading Social Media Certification through its Social Media University.


Amy Fowler-Tennison is Dell’s SMaC University Program Lead (Dell’s Social Media and Community University program, or SMaCU). The program is designed to educate Dell team members on our overall social media strategy, governance and principles. While many social media training classes and documents are available online, our program focuses specifically on how Dell team members can use these tools to build authentic and long-lasting relationships with our customers.


The certification program was established last year to equip team members to be effective Brand Ambassadors for our company. Any team member, regardless of their function or business unit, that wants to engage on behalf of Dell in the social media space is required to complete SMaC Professional Certification. Once certified, team members receive an official certificate and they can start interacting with customers within their area of expertise. They can also request new social media pages, groups or accounts to be created with approval from the social media leadership team.

Social Media Policy

Policy is a guiding light that governs organization and individual behaviour. Building a Social Media Policy is just the right FIRST step for an organization to start the journey towards de-risking itself. Getting Started With Your Social Media Policy is a very useful Step 1 for organizations that are just beginning to build a Social Media Policy.

Regulated companies have to be conscious about the following aspects to stay compliant.*

(Source: Hearsay Social)


Advertising financial products or services: Many regulated industries, such as life insurance and securities, have strict rules on advertising language and archiving procedures. For example, many states’ insurance laws provide keywords that cannot be used in life insurance advertisements. Make sure your employees are trained to avoid prohibited terms.

 

Endorsements and testimonials in advertising:  If you are a financial adviser, the SEC Adviser’s Act Rule 206(4)-1 bans client testimonials in advertisements altogether. Hearsay Social recommends that investment advisers disable LinkedIn’s recommendation function. If you choose to enable the LinkedIn recommendation function, pay special attention to third-party content, as your employees’ recommenders may think they are doing you a favor by providing a high level of detail about an investment, product, or service. In reality, comments may trigger suitability, monitoring, and archiving violations. Similar challenges and concerns arise from Facebook’s “like” function.

 

Suitability of investment recommendations and products: Any recommendation to buy or sell a security must be specific to each prospective investor to whom it is made. As a result, specific investment products, services, or valuations should never be recommended via social media, as unsuitable investors will have access to the recommendation on public social media sites.


SEC’s Books & Records Rules & FINRA Notice 10-06: Together, SEC Rules 17a-3 and 17a-4 of the Securities Exchange Act and FINRA Notice 10-06 instruct broker-dealers that they must 1) create a written social media policy reasonably designed to supervise firm communications, 2) train employees on the policy, 3) distribute only suitable content, 4) pre-approve static content, 5) monitor static and interactive content, and 6) capture and archive firm advertisements and sales literature for a minimum period of 3 years in an indexed, readily retrievable format. For more information on these regulations, please consult our whitepaper The Financial Professional’s Guide to Brand and Regulatory Compliance on Social Media. SEC Rule 204-2(a) of the Investment Adviser’s Act of 1940 sets out similar content, monitoring, and archiving rules for registered investment advisers (RIAs) on investment recommendations, advertisements, and other “business as such.”


Business activities performed outside of firm activity: Because securities firms may be held responsible for the personal conduct of employees, it is especially crucial that financial services companies prohibit their employees from using personal social media sites for professional use. Make sure your policy creates clear boundaries on personal vs. professional accounts.


Regulation S-P: In addition to Regulation FD, financial institutions should also consult the SEC’s Regulation S-P, privacy rules promulgated under section 504 of the Gramm-Leach-Bliley Act. This regulation concerns the disclosure of nonpublic personal information about customers. Nonpublic information includes any list, description, or other grouping of consumers (and publicly available information pertaining to them) that is derived without using any personally identifiable financial information that is not publicly available.


Customer complaint filings: FINRA requires that member firms report statistical information regarding written customer complaints relating to annuities and life settlement products. Make sure to report customer complaints transmitted via social media and handle them according to established complaint handling procedures. This may require workflow functionality.

Solutions 

CMP.LY Social Media disclosure solutions allow you to mitigate risk, fulfill regulatory obligations and reduce the overhead of social initiatives. Our easy-to-implement social media disclosure platform leaves plenty of room for companies of all sizes — even those in the most highly regulated industries — to run effective and creative programs.

HearSaySocial: Enterprise-ready compliance for regulated companies, including FINRA, IIROC, SEC, and FSA regulated financial firms. Delight and equip your compliance team with pre-approval workflow, real-time alerts, supervision and approval trails.

Attensity: Enterprise organizations recognize that today’s social customers are actively talking about their products and services on millions of sites across the social web. Buried in these conversations are valuable insights that can have a significant impact on their business.

The Attensity Pipeline collects data from more than 150 million social media and online sources including the full Twitter Firehose, public Facebook and Google Plus posts, YouTube, Reddit, Pinterest, LinkedIn, blogs, forums, and video and review sites. It uses the full power of Attensity’s patented semantic engines to transform the chaos of social chatter into actionable information for the enterprise.

My pick is the market-leading GRC platform MetricStream. MetricStream Compliance Management Solution provides a common framework and an integrated approach to manage all compliance requirements faced by an organization. It enables companies to manage cross-industry mandates and regulations such as SOX, OSHA, EH&S, and FCPA as well as industry focused regulatory guidelines from FDA, FERC, FAA, HACCP, AML, Basel II, and Data Retention laws.
