Social media compliance isn’t all focused on endorsements and reviews – financial institutions must ensure that their accounts and posts do not violate any of the applicable regulations specific to their financial product or service.
Here are a few regulations outlined in the Federal Financial Institutions Examination Council (FFIEC)’s supervisory guidance on social media and how financial institutions can ensure compliance as part 2 of this blog series.
Truth in Savings Act
Social posts must include and clearly state certain information, such as minimum balance required to obtain the advertised APY or bonus. These do not have to be directly in the post (especially since platforms like Twitter limit character count), but you should at least provide a link to a place that clearly discloses all necessary information.
Fair Lending Laws
Institutions should ensure that their social posts do not violate fair lending laws, such as the Equal Credit Opportunity Act and the Fair Housing Act. Companies should not, through their social media marketing efforts, discourage or limit people against applying for a credit card, mortgage or housing based on race, religion, national origin, sex, marital status, age, handicap or because they receive public assistance.
Truth in Lending Act (TILA)
Any time a creditor promotes or advertises credit products through their social channels, they must ensure that they are presenting in a clear and conspicuous manner. It is required that certain disclosures such as loan terms, annual percentage rates, and costs must be included in order to promote the informed use of consumer credit options.
Real Estate Settlement Procedures Act (RESPA)
RESPA requires all lenders and mortgage brokers to provide clear and complete information concerning real estate transactions, settlement services while meeting consumer protection laws on social media. The act also prohibits promoting fee-splitting, kickback or exchanging something of value in order to acquire referrals or business through social media.
Fair Debt Collection Practices Act (FDCPA)
FDCPA restricts debt collectors from using social media to contact consumers (and their friends or family) and publicly disclosing the owed debt. This act prohibits communication over social media, whether publicly or privately, to state false or misleading information, declare the existence of a debt and harass or embarrass consumers about any debts they may have incurred.
Deposit Insurance or Share Insurance
When a depository institution or credit union promotes or advertises any FDIC or NCUA insured products through social media, they must include a statement of membership of the FDIC or NCUA, respectively. If a depository institution promotes non-deposit investment products to their consumers through social media, they should disclose that these products are not insured by the FDIC or NCUA and are not guaranteed insurance.
Bank Secrecy Act/Anti-Money Laundering Programs (BSA/AML)
An institution’s BSA/AML program must provide for the following minimum components: a system of internal controls to ensure ongoing compliance; independent testing of BSA/AML compliance, a designated BSA compliance officer responsible for managing compliance, and training for appropriate personnel. These controls should apply to all customers, products and services, including customers engaging in electronic banking (e-banking) through the use of social media, and e-banking products and services offered in the context of social media.
Gramm-Leach-Bliley Act Privacy Rules and Data Security Guidelines
The Gramm-Leach Bliley Act requires financial institutions to maintain the privacy and security of consumer information. When such institutions use social media to take applications or upgrade their consumer’s online account experience, they are required to provide disclosures about their privacy policies clearly and are apt to face reputation risk when discovered to be treating consumer information carelessly or lacking transparency in their policies.
CAN-SPAM Act and Telephone Consumer Protection Act (TCPA)
The CAN-SPAM Act and TCPA establishes requirements for sending unsolicited commercial messages or spam, and unsolicited communications by telephone or SMS messaging. Financial institutions should be familiar with the provisions of the CAN-SPAM Act and TCPA to evaluate whether social media activities trigger the application of either or both laws.
Fair Credit Reporting Act (FCRA)
The FCRA requires certain regulations to be applied, especially when using social media, to promote the accuracy, fairness and privacy of consumer information. This act includes restrictions and requirements necessary for making negligent solicitations, responding to disputes and collecting medical information in connection with loan eligibility.
Interested in learning more about how to stay compliant on social media to mitigate your risk? PerformLine can help. Speak to one of our experts today.