I recently attended JiveWorld11, where a key theme in many of the presentations, as well as most of my conversations, was compliant communities. I’ll admit to being a little bit surprised, because to date, Enterprise 2.0 and social media practitioners seem to be, if not completely unconcerned with compliance, at least less concerned than they should be.
Many of them come to social media and Enterprise 2.0 from marketing or agency backgrounds, which are areas that typically have low involvement in enterprise-compliance activities. Additionally, E2.0 and social media tools and capabilities are predicated on openness, collaboration and freedom, so imposing tight compliance seems to go against the very reasons we get involved in them in the first place.
And it doesn’t help that on top of all this, with the exception of FINRA, regulators in the U.S. have been silent on social media and E2.0 -- heck, most regulators are just getting around to addressing things like email and instant messaging.
Winds of Change
But despite the fact that compliance has been somewhat absent from discussions of Enterprise 2.0 and social media to date, the situation is changing, and fast, for a number of reasons:
- Regulation is coming -- FINRA has paved the way with Notice 10-06 and Notice 11-39; other regulators are not far behind.
- Social media and Enterprise 2.0 are hitting the big time -- 12 months ago, I was the one starting the conversation around social media and E2.0 with my clients; today, this is one of the first topics they broach when I show up.
- Vendors are starting to get it -- an increasing number of E2.0 and social media vendors are incorporating compliance into their marketing and product roadmaps, and the number of pure-play compliance solutions is increasing (e.g., Actiance, Hearsay).
- The number of Enterprise 2.0 and social media business cases is growing -- we’re moving way beyond generic employee communities, knowledge sharing applications or expertise management tools. Today, organizations are looking to use social media and E2.0 tools and capabilities to enable core business processes, such as sales force enablement, front-line customer service or product development. And these core business processes tend to require more compliance, not only because they are core to the business, but also because they are more specific, i.e., regulators don’t have as much to say about expertise management as they do about working with brokers, for example.
Compliance is a Bummer
None of this changes the fact that compliance is seen as a buzz kill, not just in the world of Enterprise 2.0, but Enterprise 1.0 as well. I mean, nobody really likes compliance or is excited to do it. Folks do it because they have to -- that’s why we have regulations in the first place: to make folks do things they ordinarily wouldn’t do because they’re not in their best interest (or they compete with things that are more in their best interest).
And even large organizations in heavily regulated industries that typically spend lots of time and money on enterprise compliance activities (and market their ability to be compliant to the wider public) wouldn’t do any of this if they didn’t have to…or at least not to the degree that they do now.
There’s the sense that we could do business more effectively, efficiently, and profitably if all these pesky regulations weren’t in the way, and this is doubly true for E2.0 and social media activities.
Barriers to Entry
But I take issue with these typical attitudes to enterprise compliance activities, because I think they miss the opportunity presented by compliance as a barrier to entry.
Most business folks understand that barriers to entry make a market more profitable for those organizations that can overcome them. Most business folks seek out markets with barriers to entry that their organizations are well placed to overcome or work to build their organization’s capacity to overcome them.
Compliance is simply another barrier to entry that in general presents tremendous opportunity for those organizations that can overcome them before their competitors. Of course, specific compliance scenarios present differing degrees of entry barriers, depending both on how difficult the regulations are to comply with, as well as how mature the solution space is to the specific compliance requirements.
OSHA compliance on a shop floor, for example, presents a fairly low barrier to entry: The specifics of the regulations are well-known and defined and the methods for complying with the regulations are mature and akin to a commodity.
Social media and Enterprise 2.0 compliance, in contrast, presents a very high barrier to entry: The specifics of the regulations are mostly undefined and the methods for complying with whatever regulation might emerge are only now in the earliest stages of development (if they exist at all).
Window of Opportunity
Enterprise 2.0 and social media compliance won’t always present such a high barrier of entry, however. At some point in the next few years, most regulators will specifically address social media and E2.0, vendors will bring solutions to market to meet these regulations, and leading edge organizations will have solved the core compliance challenges.
Once this happens, we’ll start to see things like industry certifications for social media and E2.0 compliance and the path to compliance will be a commodity.
But until that happens, organizations have a window of opportunity to get the jump on their competition. Whoever solves the compliance challenges associated with social media and E2.0 for their industry can go all in on using these tools and capabilities to transform their business…and reap the customer acquisition and retention, profitability, product development and operational efficiency benefits waiting out there.
So far from holding back your social media or E2.0 efforts, you need to approach compliance as a key strategic enabler: Until you figure out how to adequately address compliance, the governance, risk and compliance functions in your organization like legal, records management, regulatory compliance and HR will never fully support you.
And without their support, your CEO will never be all in on social media and E2.0, even if she is a passionate and knowledgeable advocate of both of these. At the end of the day, she knows that her organization needs to do business in a compliant way no matter whether it’s Enterprise 1.0, 2.0, 3.0 or beyond.
The Final Word
I’m personally excited to be a part of helping organizations solve the Enterprise 2.0 and social media compliance problem. Insurance, banking, financial services, pharma, health care, manufacturing, CPG, retail, mining -- you name an industry, and there are difficult, exciting and ultimately profitable barriers to entry for their social media and E2.0 efforts.
Those who solve them sooner rather than later will enjoy first-mover advantages and reap tremendous profits. Those who don’t will still have to build their social media and E2.0 compliance programs, they’ll just be doing so in catch-up mode and in order to gain a commodity rather than a strategic differentiator.
Which organization would you rather be a part of?
Editor's Note: You may also be interested in reading:
- Social Media Marketing 101: Creating Proactive Policies
- Monitoring, Analyzing and Governing Social Media in a Compliant Enterprise
- SharePoint, eContent and the GRC Challenge