Mitigating Compliance Risk for Digital Marketing and Social Media

Digital marketing and social media are a must-have for every financial institution. They are invaluable tools, enabling you to reach the right person at the right time with the right message, reduce marketing costs and increase ROI. Their successful implementation can be linked to a 3-step process—data collection and analysis followed by informed action. However, to mitigate compliance risk, digital marketing and social media posts must adhere to the same fair lending and regulatory guidelines and practices as other forms of marketing.

A marketer’s dream. A compliance officer’s nightmare.

Financial institutions collect a tremendous amount of data on their customers. They know addresses, age, gender, ethnicity, marital status, financial status, credit card purchases, vehicle age … priceless data that enables precise targeting. However, certain data triggers may open the window for digital redlining and other fair lending risks if they rely on protected class definitions.

Does this mean financial institutions should shun digital marketing and all its benefits? How do we make sure our institutions are protected from compliance risk in a world where marketing relies on data filters? Let’s explore the ramifications of using targeted, digital marketing and social media in the world of banks, credit unions and regulators.

Does Digital Marketing reach everyone equally?

While the vast majority of Americans use the internet regularly, 10% of the US population is not digitally engaged. Of those, 14% are Hispanic, 15% are black and 27% are over 65 years old.1 These are all protected classes, and they occupy a digital desert; with no data coming in, not even targeted direct mail can reach them. We also have to consider the credit-invisible population, those who have not had the chance or opportunity to develop a credit score, good or bad.

If digital marketing and social media do not reach these individuals, this could be considered disparate impact and/or treatment. It pays to be overly cautious and to decide early how to reach these small, but important, populations.

The Pitfalls of Digital Marketing and Social Media

The more internet-based marketing is used to target advertising, the more likely target data may inadvertently categorize consumers by protected classes. Knowing Alice is a 65-year old Hispanic female who likes to browse fashion is great for shoes. It’s not so great for financial institutions as most of the indicators can be considered protected classes – over 65, Hispanic, female, etc.

With the help of cookies, data is collected and attached to an individual through email addresses, phone number and other personal forms of identification. Algorithms ensure Alice, who has visited numerous real estate sites, sees mortgage offers and links to relevant posts. Sounds innocent enough. But what if Alice’s data excludes (or includes) her based on gender, age or national origin? This opens financial institutions to possible compliance risk.

Compliance Risk and Digital Marketing

Banks and credit unions are increasingly engaged in digital marketing. It’s a cost-effective and powerful platform to reach customers and prospects where they are most engaged with a message that resonates. It often involves collecting real-time consumer data that can be used to create detailed profiles and data triggers for communications, such as product viewed, product bought, income and ethnicity. Triggers based on protected classes, even if it’s done unintentionally, could put your financial institution under scrutiny for fair lending risk.

Compliance Risk and Social Media

Today’s consumer wants more. They want to engage with brands that reflect their values and deliver more than targeted offers. Social media channels are where they turn. They look for meaningful communication that sets your financial institution apart from others. Insightful articles on debt consolidation, Facebook posts about employees and tweets on community involvement are just a few ways you can connect with your customers on a deeper level and reinforce brand loyalty. A strong social media presence helps set your financial institution apart, enhances existing relationships and helps attract prospects. However, the same fair lending risks arise as in digital marketing.

The Equal Credit Opportunity Act (ECOA) and the Fair Housing Act (FHA) provide clear guidance on what is acceptable for marketing and advertising. To ensure targeted digital marketing and social media  posts avoid the pitfalls of compliance risk, financial institutions must make sure their efforts follow all guidelines. Finding a partner with a deep understanding of the financial world can help you navigate the complexities of compliant digital marketing and social media presence.

The Solution

Marquis Compliance Professional Services can help you navigate the digital world. Marquis Compliance Professionals Services experts have a deep understanding that enables them to recognize the risk factors of targeted marketing. They can help develop policies and procedures to collect and analyze data. By implementing risk mitigation tools like demographic balance testing, back-end testing of campaign results and reviewing matching factors, Marquis’ experts can help you avoid and/or uncover fair lending risks.

Marquis’ marketing and compliance solutions were developed specifically for the financial industry. With over 30 years of experience dedicated to financial institutions of all sizes, they understand the unique dynamic between compliance and marketing. They can provide proven and effective strategies to collect, analyze and act on data. Leveraging their unique perspective can help elevate marketing efforts and mitigate risk before it becomes an issue.

CONCLUSION

Digital marketing and a strong social media presence are extremely cost-effective mediums that enable financial institutions to enrich relationships and deliver a message that resonates. Ignoring digital marketing and social media will only handicap your institution’s marketing efforts.

Partnering with Marquis and Marquis Compliance Professional Services can help improve digital marketing and social media efforts and minimize inadvertently triggering compliance risk.

FOOTNOTES:

1 Pew Research Center, Internet/Broadband Fact Sheet: 2019 https://www.pewresearch.org/internet/fact-sheet/internet-broadband/

Tips for Staying Connected Using Digital Marketing

Our current environment is changing daily. With the future remaining uncertain, financial institutions must be quick to adapt and utilize all resources available to maintain business as usual, even in unusual circumstances.

Now more than ever, your customers/members need to be able to connect with you and feel a sense of protection. With social distancing practices and shelter-in-place orders in effect around the globe, it may seem like connections are strained. Despite this new temporary normal, you can still maintain your customer/member connections.

It is important to meet your audience where they are – in the digital space. In the month of March Marquis clients used DocuMatix to send more than 87 million emails to their employees and customer/members. How did you communicate with your employees and customers/members?

Here are some helpful tips and best practices to help you navigate the digital marketing space.

Don’t Neglect Internal Communications

Your front line needs to stay in the know in order to provide accurate and timely information to customers/members. Ensure your staff stays updated on things such as operational changes, new procedures and branch closures through internal emails or newsletters. Providing accurate information to your employees will be key in maintaining customer/member trust and making them feel comfortable in an uncomfortable situation.

Utilize Text Messaging and Email

Because in-person interaction is at a mandatory minimum, maintaining timely contact through texting and emails where appropriate will be most impactful. Consider creating a text message key word just for emergency notifications and notify your audience about branch closures and modified hours. Emails and text messages are a quick, effective way to ensure your message is delivered.

Apply Real-Time, Accessible Updates

With branch closures and modified business hours changing daily, your customers/members are looking for your updates. In addition to text messages and emails, post on your institution’s social media accounts and website with frequent, important news regarding new procedures, branch closings, etc. Messages should be clear, easily accessible and should provide your customers/members with the affirmation that you have their backs.

Maintain Web Forms to Schedule Appointments

Web forms are your new best friend. Provide appointment scheduling options through webforms placed on your website or in emails to schedule virtual appointments and minimize in-person branch visits to maintain safe social distancing requirements. Web forms will ensure accurate staffing levels are maintained and personalized interactions still occur.

Stay Vigilant and Flexible

A strong digital marketing platform is imperative for every financial institution. Evaluate what works for your institution and where your strategies could use change. Visit www.gomarquis.com/marketing-solutions to learn more about DocuMatix, the Marquis digital marketing product suite.

The Value of a Compliance Management System

A financial institution’s Compliance Management System (CMS) is the backbone of risk management and also acts as the pathway to success (or failure) when it comes to reviews, exams and audits. The CMS should cover all of an institution’s risk areas ranging from loan processes to customer/member complaints. A robust and comprehensive CMS helps ensure proper procedures are being followed, uncovers risks before potential issues arise and helps assure compliance with regulatory demands and requirements.

The CMS touches almost every department, from marketing to administration. The FDIC, just one of the regulatory bodies of several who evaluate the efficacy of a CMS, has provided guidance that a CMS is how financial institutions 1) learn about compliance responsibilities, 2) make sure employees know and understand compliance responsibilities, 3) review operations to ensure responsibilities are fulfilled and requirements met, 4) define risk areas and take corrective action and 5) update materials as needed.1

A CMS that has been implemented and functioning the way it is intended can save a financial institution from compliance failure and fines as well as a loss of reputation.

CMS Structure

Before examining preventative measures, let’s delve into what’s expected from a CMS. Although regulatory bodies are looking for the same general and overall components, emphasis can differ based on the scope of the audit or exam, the examiner, and of course the regulatory body doing the examination.

The FDIC presents three elements considered essential for an effective CMS.

Board and Management Oversight
It is imperative that the Board and Management be committed to compliance efforts. A culture of compliance encourages cross-enterprise support and is supported by a well-defined policy, clear expectations and a compliance officer with the authority to do what is necessary to keep the institution as free from risk as possible. This is often referred to as the “tone at the top”.

The Compliance Program
A strong compliance program includes policies, procedures, training and monitoring guidelines that are clearly stated and carried out. Response to consumer complaints is an integral part of the compliance program. The path for escalation and resolution should be adopted and consistently applied enterprise-wide.

The Compliance Audit

An independent review of how an institution adheres to internal policies and procedures, and how these policies and procedures comply with consumer protection laws and regulations, helps ensure compliance and identify risk.

The CFPB breaks a CMS into two main elements: Board and Management Oversight and the Compliance program. When reviewing a CMS, the CFPB examiners apply the following five modules.2

Module 1: Board and Management Oversight
Examiners focus on the Board and Management’s commitment to the CMS, change management, identifying risk and understanding its source and the ability to proactively identify risk and take corrective action.

Module 2: Compliance Program
A solid CMS includes a clearly defined compliance program that details policies and procedures, provides effective and relevant training, performs routine monitoring and audits and has a responsive customer/member complaint system in place.

Module 3: Service Provider Oversight
Financial institutions are responsible for their service providers. They must ensure service providers are in compliance with Federal standards to avert consumer harm and avoid liability.

Module 4: Violations of Law and Consumer Harm
If a violation is discovered, examiners will consider the cause, severity, duration and prevalence of the violation. Examiners will delve into the CMS to make sure it identified the issue and triggered the necessary corrective action.

Module 5: Examiner Conclusion and Wrap-up
No matter the institution’s risk profile, examiners will conclude by summarizing and recording their findings and identifying weak spots. They must also review their findings with the bank or credit unions and outline considerations for the following exam and/or any follow-up deemed necessary.

In a broader sense, like the FDIC and CFPB, other regulatory bodies’ examinations consider different components necessary for an effective CMS. But, on a more granular level, each cover similar topics, each nuanced by that body’s particular area of concern. For example, the CFPB’s Compliance Program includes policies and procedures, training, monitoring and/or audits and the consumer complaint process while the FDIC spreads these essential components over the Compliance Program and the Compliance Audit.

With almost every detail of a CMS requiring a host of supporting documents, processes, tools, controls and functions, it’s imperative for the compliance officer to ensure their institution’s CMS answers the needs of each regulatory body. Doing it alone can be overwhelming. That’s where Marquis can help.

CMS Development and Maintenance

Identifying risk and weak spots can be challenging when reviewing how a CMS is functioning and details can be missed if the right questions are not asked and evaluated. Enlisting the help of Marquis Compliance Professional Services will ensure your CMS will effectively manage risk, support compliance and prevent consumer harm. Here at Marquis, we are well versed in the ins and outs of building, refining, and maintaining an effective CMS and will apply this expertise to your compliance program. We get what each regulatory body is looking for.

Conclusion

With recent submissions barely in the rear-view mirror, focus on the risks of potential CMS shortcomings should be on the top of all our minds. Now is the time to refresh and update your CMS. With the help of partners like Marquis Compliance Professional Services, by the time submission season or your next Compliance Exam rolls around your CMS can be addressing the examination nuances of the FED, FDIC, OCC and CFPB.

1 FDIC.gov https://www.fdic.gov/regulations/resources/director/presentations/cms.pdf

2 CFPB https://files.consumerfinance.gov/f/documents/201708_cfpb_compliance-management-review_supervision-and-examination-manual.pdf