In 2014, the Forrester “Social Media Risk and Compliance” report stated that “All organisations need to manage social media risk… but very few do”. This resonated with me back then as it does today. CrowdControlHQ was marked as a ‘world-wide’ contender in the same report and we felt the responsibility to help educate enterprise organisations of what we knew about social media risk and the simple steps that they could take to reduce the risk of a reputational disaster.
Sadly, today awareness of the risks are still lacking in some industry sectors. The risks have moved on from 2014 and the stakes are even higher than ever before as more of the population actively engage in social media, with the scope for reach growing exponentially, putting brands at even more risk than ever before. However, perhaps of greatest concern is the apathy of those, who despite being in the know are still acting in some to guard their organisation against them.
All the signs indicate that operationally we still have some way to go to grasp the issue of risk. For example, in a series of workshops focused on the automotive sector across the UK, we discovered that 52% of organisations were yet to recognise the risks of social media. However, staggeringly 63% admitted that they were potentially operating in breach of the FCA guidelines on social media.
The main challenge that was cited was the lack of interest and attention by senior management teams. We have always used the phrase “You don’t know what you don’t know”, which sums up why social media risk is not discussed around the boardroom table. In some boardrooms social media is still thought of as being used mainly by kids to communicate with each other and share what each had for breakfast! Well social media has moved an extremely long way since these statements held any validity, if indeed they were ever true!
Social media is increasingly becoming communication channel of choice within organisations. No longer is it just used by the communications team to push out updates about new products or services being offered. It is now becoming an operational tool with a clear role in the delivery of great customer services. NPower even made a bold statement stating that customers will get a faster response on social media than any other channel highlighting its standing inside the organisation.
The FCA were quick to identify the role of social media in financial communications and knew that social media had to be treated alongside all other forms of communication and so in late 2014 the Financial Conduct Authority (FCA) released their initial consultation on guidance for social media use in regulated sectors, such as finance and automotive.
The guidelines were launched as a result of many organisations in the Financial Services Sector not taking social media seriously.
It is important to highlight the thinking that sits behind it and the learnings that all organisations can take from these guidelines:
- Retweets are endorsements - Firms are entirely responsible for anything that is retweeted by the organisation’s accounts. Organisations need to include the boundaries for retweeting in their social media guidelines and policies. Getting it wrong can cause huge embarrassment for the brand. It might not be the content within the actual retweet that causes embarrassment, but the association and previous content originated by the same user in the trail that can trigger a PR crisis.
- Record keeping - For the protection of both the organisation and the employee, organisations are expected to keep full, clear records of social media interactions, which can be referred back to by compliance teams for governance purposes. If senior managers are required to investigate customer complaints, then records must be kept in order to be able to conduct such an investigation. Regulated companies are reminded these cannot be held on the native platforms (i.e. Facebook, Twitter, Linkedin).
- Social media risk management - Within the FCA guidelines organisations are advised to put in place adequate social media “risk management practise”, encompassing all relevant risks, including legal, operational, IT and reputational risk. A lot of this is common sense, but brings us dangerously back to the comment “You don’t know what you don’t know”.
Point three appears pretty broad and this is the reason as to why all organisations need to discuss social media and social media risk at board level, which should then be filtered down to operational teams.
As social media moves out of the marketing environment and into customer services and operations then its reach and power will become exponentially more important to the organisation and as a result needs to have focus and attention from the senior team.
In conclusion, there are some very sensible learnings from the FCA’s approach to social media that all social media managers should be aware of and more importantly act on.