Operational Risk & Regulation Magazine has published a list of ten operational risks that banks need to monitor in 2015. Alongside risks such as cyber threats, model risk and illicit transactions, social media is highlighted as a leading issue that operational risk managers need to consider.
Here are five key extracts from the report:
1. Mandatory warnings on investment performance or suitability may not be possible in a 140-character tweet or a short Pinterest caption; the UK’s Financial Conduct Authority issued guidelines on this matter in August 2014, noting that whatever the content limitations, any communication aimed at selling would need to include safeguard statements.
2. Regulators in 2015 will be paying increasing concern to “suitability” and the industry may even see the development of a much more finely graded system than the current binary distinction between sophisticated and unsophisticated investors. But if a successful social media-based marketing campaign goes viral, it will inevitably spread beyond its target market and reach customers the bank did not intend; another concern highlighted by the FCA.
3. Social media’s growing power and influence allows bad news to spread with unprecedented speed and reach, and the interaction between social media activity and the link structure of the internet means that search engine results too can quickly become dominated by a viral news items. The wrong bit of news can, as a result, come very quickly to dominate a company’s entire digital presence.
4. Few users of social media services such as Facebook entirely understand the privacy limits around their personal information, and these limits are far from completely secured. The risk of a leak of identifying information that would enable customer impersonation, blackmail or coercion is real and significant, and pose a threat of loss to the victim’s bank as well as them personally.
5. Banks will need to provide staff with advice on how to manage their personal (and of course work-related) social media presence. And it may even become necessary for banks to monitor their own key employees’ public profile and activity on social media to become aware of any weaknesses or exposures.
The report does highlight that social media can be useful to the risk manager in the area of business continuity citing the example of banks using social media platforms to maintain communication with customers and staff in disaster zones.
See the full report by Alexander Campbell at risk.net (paywall).
Crisp protects banks and other financial services companies from risks on social media. Contact us to speak to our social media risk specialist for banking and finance.