Social media use remains a polarizing issue among mortgage origination companies—they either embrace it or shun it totally. The latter is in part because of the fear, not entirely unfounded, that their regulators who don't have a policy in this area could come down hard on any missteps.
The public accounting firm of Crowe Horwath LLP, Oak Brook, Ill., offers up some recommendations for companies looking to implement an effective social media risk management strategy. These are some generic suggestions, not tailored to the specific needs of the mortgage business.
However, many businesses of all types do face similar legal, employment, reputation and information security risks and these are a starting point for the discussion each mortgage originator needs to have when deciding to go forward with a social media presence.
These ideas come from Raj Chaudhary, a principal in Crowe's risk consulting practice. "Employees, customers and vendors can be an organization's greatest ambassadors or can seriously undermine its brand and image," he said. "While no one can control or change this feedback, it can be monitored and responded to in a timely manner, as appropriate."
His suggestions for creating a social media risk management policy are:
1. Engage a multidisciplinary team. Since social media activity affects a wide range of functions, representatives from the following teams should be brought together: human resources, legal, information technology, marketing, risk management, public relations, compliance and any other affected functions.
2. Document current and intended social media use. The team should define how the use of social media aligns with organizational objectives and each department should report how it uses or intends to use social media.
3. Perform a risk assessment. Based on the information received in the documentation step, the organization should then conduct a formal review of risks associated with social media. The multidisciplinary team should determine what steps, if any, have already been taken to control or mitigate risks such as defamation of the company, its products or leaders.
4. Expand current policies to include social media and implement safeguards. This step requires that organizations review and enhance current policies to cover use of social media. This should include appropriate and inappropriate employee use of social media, information security policies to protect information, marketing and communications, as well as vendor management policies.
5. Provide social media training. For the policies to be effective, it's critical that organizations educate their workforce on the social media policy. Ongoing training sessions should include appropriate and inappropriate communications, highlight the constant threats present on social media sites and distinguish between the positive and negative use of the medium.
6. Monitor social media channels. Organizations should also consider how they would stay current on social media chatter that might have an impact on their objectives. Social customer relationship management tools, comprised of software products and vendor services, help organizations monitor by listening on public channels for social media chatter that affects the organization.
"Social media channels represent far more than an intriguing business opportunity. They have become part of the fabric of social interactions for an increasing segment of the population," said Erika Del Giudice, senior manager in Crowe's Risk Consulting practice. "Organizations that implement social media guidelines that promote the responsible use of social media will be better equipped to reap the new medium's benefits."
