A new report from Proofpoint’s Nexgate research team found that many Fortune 100 companies are not doing a good job of policing compliance violations tied to their social media accounts.
The report, entitled the ‘State of Social Media Infrastructure, Part II’, outlines how Fortune 100 social media pages are failing to keep up with the pace of social communication while following various federal regulations. The study is based on research conducted over a 12-month period between July 2013 and June 2014 that focused on the social media presence of Fortune 100 companies.
“The average firm suffered from a total of 69 unmoderated compliance incidents during our 12-month research window,” according to the report. “These incidents went virtually unnoticed by internal compliance staff since they were posted and not removed from public social pages. An unknown number of additional incidents occurred but were removed by compliance staff before our scanners evaluated each account at the end of the period.”
These compliance violations can come from both employees and members of the public, the report notes. Employees accounted for 12 incidents per firm, while public commenters accounted for 57. Only 47 percent of branded posts were routed through marketing and content publishing platforms despite the fact that most Fortune 100 brands own these tools, suggesting employees are either unaware of, ignoring or deliberately circumventing their company’s approved publishing workflow, according to Proofpoint.
The challenge facing these organizations can be significant. According to the report, the average Fortune 100 firm has more than 320 branded social media accounts as well as thousands of followers and employees potentially interacting in discussions on social media such as Facebook, Twitter and LinkedIn.
“FINRA [Financial Industry Regulatory Authority] financial service and FDA [U.S. Food and Drug Administration] healthcare regulations are examples of standards with specific provisions covering Commenter postings,” the report explains. “These requirements require much larger scale compliance operations than regulations applied only to Brand posts.”
Nine different U.S. regulatory standards triggered incidents, including FINRA Retail Communications, FINRA Customer Response and SEC Regulation Fair Disclosure, according to the report. Financial services firms accounted for the largest volume of incidents, averaging more than 250 per firm.
“Compliance violations pose a particular threat as they have serious financial and regulatory consequences,” said Devin Redmond, vice president and general manager of Nexgate for Proofpoint, in a statement.
The report recommends organizations establish a committee responsible for compliance with social media policies. The team should include the organization’s internal social media users – such as the marketing and sales departments – and the security team.
“The primary role of this cross-functional team is to assign clear roles and responsibilities within the organization for policy, training, enforcement, and audit,” according to the report.