Organizations in all sectors and industries must meet applicable compliance standards, such as the Fair Lending Laws, the Consumer Protection Act, and the CAN-SPAM Act. However, when it comes to social media governance, firms in the mortgage industry face an added compliance burden to adhere to the strict compliance and monitoring requirements outlined by the Federal Financial Institutions Examination Council. These guidelines went into effect December 2013 with state requirements (some strict and some more lenient) following.
In theory, the FFIEC guidance was straightforward in helping protect the consumer and to reduce mortgage companies’ risks to fraudulent brand activity on the web. In practice, however, staying compliant, and keeping a solid compliance process, is quite a challenge! These are the challenges I work with every day:
- The mortgage industry has about a 30% turnover of loan officers, making it difficult to keep an audit and governance process up to date.
- Loan officers are “in the field” and in many cases act as independent agents, making it difficult to get new information.
- Social networks create new pages automatically (like Facebook Place Pages) making it difficult to ensure compliance when you are not aware of the existence of a page.
- New social networks are created, including vertical industry sites like Zillow and RedFin, making it necessary to keep reaching out to loan officers (even after they have already submitted some accounts).
Most mortgage firms currently have sound compliance and monitoring procedures on their corporate sites, but their local branch and loan officer compliance process is still fraught with error. Here are the top items I see fall through the cracks:
- No clear established roles and responsibilities for board members and senior management, which direct corporate objectives, establish controls, and define an ongoing assessment of social media usage risks. (Required in FFIEC Guidance).
- No robust policies and procedures regarding social media use and monitoring to adhere to all applicable laws and regulations. There should be a policy for employee and loan officers (with examples) and a policy for the compliance and monitoring team (including measures to address risks of fraudulent misuse of their brand).
- No formal and ongoing employee training program that incorporates policies and procedures regarding social media usage. This should also include the policy, procedures, and expectation of removing any corporate affiliation in case an employee leaves the company.
- Incomplete oversight process for web and social media compliance monitoring of all accounts and platforms. Often, only a loan officer’s website, LinkedIn page, Facebook Page and Twitter are monitored. What about Youtube, all other social networks, and the industry-specific network micro pages like RedFin, Zillow, and Lender 411?
- No audit or procedures in place for dormant, inactive accounts, network generated pages (such as Facebook and Google+ Place Pages for branch locations), or fraudulent accounts.
- Limited resources to stay in the audit process of reviewing web and social accounts against the policies and FFIEC guidelines for existing employees, new employees and terminated employees. Not reviewing an ex-employee’s accounts to ensure all removal of corporate affiliation (and staying on top of them until all is cleared) is a common error.
- No meaningful evaluation parameters to measure the compliance monitoring objectives set-out by the board and senior management.
Remember — compliance is an ongoing process that helps mitigate risks and not just a one-time event. Keeping a compliance process active and up-to-date is a key sign that your are adhering to the FFIEC regulations and will avoid any CFPB fines.
If your firm is making any or all of these mistakes — or, more likely, you are not 100 percent certain if your firm is following all of the rules regarding social media compliance monitoring — then contact the Brandle team today. We have in-depth experience working with firms in the mortgage industry and can help you apply the rigorous compliance standards you must follow. Request a free demo of the Brandle Presence Manager now: