Close Close

Practice Management > Marketing and Communications > Social Media

What 'BYOP' Means for Advisors' Social Media Compliance

Your article was successfully shared with the contacts you provided.

These days, social media offers organizations tremendous business advantage in terms of reaching potential new customers and staying in touch with the ones currently on their roster. In fact, the number of organizations now actively using social media as one of its standard outbound forms of communications is on the rise.

With that being said, some social media channels are more popular than others and staying compliant is the key driver. For example, according to data from the Smarsh annual compliance survey for 2016, the use of Twitter and LinkedIn by compliance professionals, as well as those employed at financial services firms, has grown considerably where the use of Facebook has not.


Similar to the bring your own device (BYOD) phenomena, having the proper management tools and technology in place will be the key to making bring your own persona (BYOP), the use of personal social media applications and networks for business communication, safe to use. Another key to the successful adoption of BYOP will be the need for the entire organization to work together to form the right strategies, plans, implementation and support processes.

Success with BYOP will require open cooperation between IT, legal and marketing stakeholders in addition to the traditional compliance professionals and teams responsible for meeting regulatory requirements. The benefits derived from BYOP and their positive impact goes beyond just your compliance stakeholders.

When it comes to staying competitive in regulated industries, organizations are challenged daily by the dilemma of balancing risk versus reward for allowing social media communications, and the use of personal networks to promote and grow the business, and keep in touch with customers. Pre-approval for social media communications mitigates risk, but severely impacts the timeliness of communication, and the ability for the organization to initiate and participate in social media opportunities because they appear and play out so quickly.

Supervision of social media communications with real-time monitoring and automated policy checking is proving to be the right balance of appropriate governance and control, combined with sufficient business and communications agility.

Collaborating to Work Through Compliance Challenges

As BYOP moves from concept to reality, it’s important to understand the roles and challenges of your stakeholder groups when it comes to permitting social media use, and how they work together to safely manage use, address regulatory requirements, and reduce the likelihood of individual — and potentially conflicting — strategies for your organization’s social media presence.

Compliance has to ensure inbound and outbound content is safely and securely captured, archived and managed through active supervision, policies for flagging keywords or phrases, and guidelines that address questionable content. The challenge to this team is magnified particularly when communications happen under the radar on personal networks or devices. Your legal team must be able to quickly respond to discovery requests or litigious events where specific messages and content are relevant, and understand current industry regulations, including consumer protection laws, and local and state statutes that may have a direct impact on how you use social media.

Collaborating allows all groups to communicate their specific needs and pain points, which can inform the creation of a comprehensive and robust social media strategy and policy. It also decreases the potential for system silos and can eliminate instances of separate, narrowly focused plans that may inadvertently increase the potential for risk.

The collaboration process is an excellent opportunity to identify individuals within the larger stakeholder groups who can be looked upon as super users. Each member of the smaller group can represent their native team and communicate notable updates such as new regulations or platforms that may impact your social media activities. This team can double as a cross-department training team to explain the benefits of social media, risk and risk management procedures, your organization’s position and strategy, internal and external use, rules of engagement, and the needs and roles of stakeholder groups as they pertain to the bigger picture.

Four Steps for Establishing a Strategy for BYOP

After understanding the drivers, risks and benefits of allowing the use of personal social media accounts and networks, you can establish a company-wide social media strategy and plan that keeps you competitive and compliant.

First, determine which stakeholders in your organization have an existing business need for it. As mentioned above, chances are that your marketing department has wanted to leverage the reach provided by personal social media networks for quite some time, if it could be done safely and in a compliant manner. Another example we see a lot is individual advisors or reps wanting to leverage their own personal social media networks and accounts to keep in touch with their existing customers, and promote themselves and the financial offers they represent to their constantly growing network to attract new customers.

Second, determine which social media channels to start with, based on the discovered needs in the first step. The Big 3 social media platforms most organizations in the financial services sector start with are LinkedIn, Twitter and Facebook. LinkedIn is by far the most popular starting point, due to its professionally oriented “networking” attributes and functionality. Twitter is a close second and is a highly effective means of disseminating headline-style sound bites and actionable links to a defined group of “followers.” Facebook is typically the third channel to use with a corporate page, but is not a great candidate for BYOP because of its highly personal nature, and lack of controls on the content others can create on an individual’s page.

Once the initial set of social media channels to be used has been determined, the third step is to create policies for their allowed use. These can be determined using a coordinated approach between the key stakeholders who will use the social media channels and the compliance team to establish rules for the type of content that can be disseminated using social media, and who has access to use it. Establishing the right set of policies for BYOP is probably the single biggest consideration and factor in making it successful. This is also the time to establish who the lead individuals are in your organization that will manage the BYOP process once it is adopted and implemented.

Finally, determine how best to enforce the established policies, and the process to take action when potential violations occur and need to be reviewed. This is where the use of today’s advanced archiving technology can play a major role in automating the management of BYOP, and ensuring the completeness of the supervision to mitigate risk while maintaining compliance according the organization’s policies.

Putting the Right Technology in Place

Pre-approval versus active monitoring of social media communications is a major topic of debate. In a perfect world, every response, action, comment or proactive statement delivered by the company via social media would be checked and approved before being allowed to be communicated. However, as most firms that do pre-approval will tell you, it is very hard to stay agile and responsive if pre-approval is applied to every piece of communication and not implemented selectively.

Automating the process of checking all social media communications, especially when personal social media accounts and networks are in play, against established policies for approved use is critical to achieving the right balance of speed, agility and reach, while mitigating the risk associated with violating compliance regulations.

Archiving technology will inspect all social communications and flag any messages or content that needs to be reviewed for potential violations as it is being retained in real time. Yes, the messages and content have gone out, but the messages will be caught and corrective action can be taken if they are indeed a problem from a compliance or risk standpoint.

— Read 3 Powerful Benefits Financial Company CEOs Realize by Getting Social on ThinkAdvisor’s TechCenter.