Compliance and Social Media: Friends or Foes?

It is increasingly frustrating for innovators to get social media tools past hyper-risk-adverse compliance specialists.
This post was published on the now-closed HuffPost Contributor platform. Contributors control their own work and posted freely to our site. If you need to flag this entry as abusive, send us an email.

A consistent theme keeps popping up as I discuss social media innovations with bankers these days. It is increasingly frustrating for innovators who want to use mobile, social media, the web and other such tools to get these past hyper-risk-adverse compliance specialists. It seems as if many of the bankers I'm meeting are saying that the favorite word of the compliance officer of today is simply "No..

That needs to change...

Compliance holding up social media adoption

In a recent American Banker's Association survey they reported that 74% of participating banks confirmed that all "social media efforts were to be vetted by compliance first." In an environment where minutes matter, and the response is key, such a logjam to social media participation is a frustrating mismatch with the realities of dealing with customers in today's uber-connected world.

On Sunday I enjoyed brunch with Matt Dooley who heads up Direct Customer Experience for HSBC's Commercial team in Asia, and his wife Maria Sit who runs Heath Wallace's Asia division. Over lunch, the issue of culture, compliance, philosophy and the reluctance to experiment broadly with social media, mobile engagement and other such issues came up.

Matt used a brilliant illustration to identify the problematic compliance hurdles we face today as bank innovators. He asked me whether or not a compliance department of a major financial institution would approve "snail mail" as a new initiative if it was proposed today. Let me explain. If snail mail did not exist today, what would your average compliance officer think if you came along and explained you wanted to use this great new technology for distribution of bank material like statements, new credit cards, PIN #'s, etc. You'd have your PowerPoint deck ready to go explain the process where you stuff an envelope, hand it on to someone you don't know in the bank (likely a very junior staff member), he then puts it in a bag which is picked up by a truck with another person you don't know, they take it to a large warehouse and sort it according to Geography, etc, etc...

There just ain't no way that snail mail would make it through the compliance check list of today's modern financial institution. The compliance officers would no doubt quote scenarios like this to justify why it would be absolutely impossible for the bank to consider using this new 'snail mail' technology.

This is the dilemma. Today there are those of us trying to improve customer experience, knowing full well that compliance departments are citing risk mitigation, regulations and laws, bank policy and procedures, and other such issues as reasons why innovators can't release a new mobile app, engage in social media conversations in real-time with customers, and so forth. In the meantime, there are existing processes, procedures and systems that are far more riskier than things like social media, but they are immune to the compliance department's gaze because they are already in place.

Is it riskier to do nothing?

Let's take Twitter as an example. Today it's rudimentary to do a Twitter search on major FI brands to see topics trending that in the old days if they were carried by mainstream media would turn a banker's hair on end. In many cases, however, such interactions are simply ignored because there are no dedicated resources listening and responding to such social media conversations. The processes internally around getting compliance approval for a formal response simply make any such response useless by the time it is approved.

But aren't social media free form responses risky?

Take for example the very public Twitter faux pas recently committed by a Westpac employee who stated "Oh so very over it today..." Honestly, this is probably about the worst that it could get on Twitter -- and it just isn't that bad. I hear compliance departments the world over rejoicing and justifying their stance at the next Social Media strategy review meetings -- saying, "see, see - we told you so!" The reality is, that this particular faux pas actually ended up humanizing the Westpac team and probably won them new supporters more than anything else...

It is far more likely that a serious breach of customer trust, a poor service or policy decision, or some other very public social media trending topic could do far worse brand damage if left unanswered out in the social media conversation.

Classic examples are those of Ann Minch with Bank of America and Citibank with the Fabulis debacle. In observing the Facebook and Twitter effect of such PR nightmares, the lack of timely response by the bank across the social media landscape made these issues far more impactful and damaging than they needed to be. So the real risk is in not responding quickly enough.

The reality is that banks are increasingly likely to face a major PR disaster and have it escalated more rapidly than they can every imagine through social media networks. Take the example of BP and the recent Gulf Oil Spill -- their lack of maturity in handling PR issues over social media has absolutely punished their brand. The spill is bad enough, but BP's response to the social media conversation has simply made it much worse than it had to be.

No amount of brand advertising and traditional PR can ever undo the sort of reputation damage that is possible to your brand in the social media landscape.

Compliance as an enabler

Compliance needs to understand the negative risk of increasing workload on the frontline in respect of customer service perception, and decreasing the ability of the organization to respond to social media events in real time. They need to start thinking about their function as an enabler of the core business with customers, rather than just risk mitigation. They can also be lobbying regulators to help regulators adapt and make their processes more user-friendly, while retaining security of identity and the assets of the customer.

Customer experience is being hampered by compliance-heavy processes that look to reduce risk, but make the engagement unnecessarily complex. Translating the Terms and Conditions from a paper application form onto the first 7 pages of a web-based application process might seem legally sound, but is quite ridiculous from a Usability and Customer Experience perspective.

Compliance departments need to learn to stop saying no, and be embedded within social media, customer advocacy and customer experience teams so they understand the implications of 'risk' and 'legal' decisions that actually hamper the organizations ability to respond to customer needs.

Popular in the Community

Close

What's Hot