It’s not just the Government that wants judicial of social media, in March this year the Securities and Exchange Board (SEBI) issued Cir/ISD/1/2011, its latest guidance on electronic communications specifically relating to circulating unauthenticated news via social media web sites. The circular points out that a lack of internal controls is placing many organizations in danger of being out of compliance and puts the individual and the compliance officer firmly in the firing line if investigated. But squaring up to compliance obligations can have unexpected positive results.
The line between enterprise and consumer real-time communications has never been clear cut. The last five years have seen a dramatic change in the internet and financial institutions have been swift to take advantage. As one of the early adopters of instant messaging, it’s a sector that understands the advantages of timely communications, so it’s not surprising that users have introduced into the workplace all manner of Web 2.0 applications and tools from social networking, instant messaging peer to peer, streaming video, voice over IP applications such as Skype.
Recognizing the trend, and its potential, organizations have been swift to introduce enterprise platforms such as Microsoft Lync, IBM Lotus Sametime, or social collaboration platforms, such as Connections from IBM, or SharePoint from Microsoft. However, this hasn’t stopped users from continuing to use their favorite consumer applications – particularly when their customers or partners are only available – and particularly active on those platforms.
From building a loyal following of customers, collaborating with colleagues and developing new business, social media has proved to be a formidable tool. But there is also a darker side, one where data leakage, non-compliance, malware and errant employees threaten to undo any success at the tap of a tablet, or the click of a mouse.
Regardless of whether the regulations an organization follows are SEBI, FSA or SEC to name but a few, most require member firms to follow due process on approvals as well as to keep and archive adequate records of all electronic communications. However, in practice not many firms are able log content posted to Facebook, let alone try to control the content of the actual message. Thus the obvious procedure has been to simply ban its use.