GRC Roll Up: Social Media Guidance and a Comply or Die Report

Wasn’t it just last week that we were pondering the sustainability of GRC as an acronym? Have no fear; the world of GRC still spins. This week: financial advisers tackle social media, how to comply with multiple regulations and security compliance predictions for 2010.

FINRA Offers Guidance on Blogs and Social Networking Websites

Have you ever wondered what rules or guidelines there are for financial advisers on social media? Maybe not, but still it’s an interesting question. And it’s one that the Financial Industry Regulatory Authority Inc. (FINRA), the largest independent securities regulator in the US, has been pondering.

They are the governing body responsible for what registered personnel can and can't say in public. On Monday they issued guidance to securities firms and brokers regarding the use of social networking websites such as Facebook, Twitter, LinkedIn and blogs to communicate with the public. The guidelines were made available via Regulatory Notice 10-06, and are presented in Q&A format.

It seeks to clarify the responsibilities of firms to supervise the use of social networking sites to ensure that recommendations are suitable and their customers are not misled. While transparency among the financial industry is crucial, FINRA makes it clear that:

interactive electronic forums are subject to other supervisory requirements and to the content requirements of FINRA’s communications rule.

However, FINRA makes some surprising statements. For instance, because:

many blogs enable users to engage in real-time interactive communications…if the blog is used to engage in real-time interactive communications, FINRA would consider the blog to be an interactive electronic forum that does not require prior principal approval. (Q4)

As far as Facebook and Twitter are concerned, FINRA takes a more supervisory role stating:

a registered principal of the firm must approve all static content on a page of a social networking site established by the firm or a registered representative before it is posted. (Q5)

Overall the guidelines strike a fair balance between common sense and the need for oversight. Considering how sensitive the financial industry can be to public scrutiny over its practices, it’s a noble step for a governing body to think proactively about a platform that many industries would rather choose to ignore.

Will this Help with Compliance?

It’s no surprise that the enterprise is concerned about being compliant, or at least enough so as to avoid incident. According to a recent InformationWeek Analytics survey on regulatory compliance, 80% of respondents indicated that there are at least 2 requirement sets their organizations are addressing, while 35% indicated that they are focused on 4 or more.

To help ease the hardship, Information Week has released “Comply And/Or Die” a report that provides ways companies can work smarter and cover multiple compliance mandates with careful planning.

comments

Useful article?

 Email It      

Follow @cmswire

Related Articles:

• Is There A Business Case For Using SharePoint as an Enterprise CMS?
• Alfresco Enterprise 4: Social, Collaborative, Mobile, Cloud Connected Content Management
• Choosing an Enterprise CMS: Ovum Names EMC, IBM, OpenText Market Leaders

Tags: blogs, compliance, enterprise cms, facebook, facta, finra, grc, hipaa, hitech, records management, regulations, social media, twitter

Wasn’t it just last week that we were pondering the sustainability of GRC as an acronym? Have no fear; the world of GRC still spins. This week: financial advisers tackle social media, how to comply with multiple regulations and security compliance predictions for 2010.