1. ActiveComply User Guide

Social Media Vendor Selection Process

Working with third parties to provide social media marketing or supervision services can greatly lessen the burden of your marketing or compliance departments, but it can also expose your company to substantial risk.

To mitigate this risk, your firm should develop a risk management process for selecting and managing third-party relationships in connection with social media.

Selection Process

A financial institution should regularly monitor the information it, or a third-party provider on its behalf, places on social media sites. This monitoring is the direct responsibility of the financial institution, as part of a sound compliance management system, even when such functions may be delegated to third parties. Your company should conduct an evaluation or prospective providers and perform due diligence appropriate to the risks posed by the prospective service provider prior to engaging. This evaluation should include:

  • A review of the provider’s reputation in the marketplace (reviews)
  • Having the provider complete a questionnaire disclosing any legal or regulatory issues it may currently or previously had
  • A copy of the provider’s consumer information retention and privacy policies

Third-Party Management

To manage third-party providers, create a third-party management program to stem from your selection process. Use your selection evaluation materials as the base criteria for reaffirming that the provider is still a business in good standing. After evaluating the provider as a business, carefully look at the content or supervision services they are providing to determine if they are meeting your company’s social media policy and procedures. This evaluation is typically done once a year but is performed more frequently during the first year of using the services.