Develop an Effective Social Media Policy

Manage the risks when your CU tweets, blogs, or chats.

February 14, 2011
KEYWORDS compliance , media , policy , social
/ PRINT / ShareShare / Text Size +

A social media policy

You’ve finished your due diligence and are ready for the next step: board approval.

The best way to show you’re committed to maintaining a quality and compliant social media program is to adopt a social media policy. But you’ll really want two policies (or one overall policy with two major subparts): one addressing issues surrounding the credit union-sponsored site and a second addressing your employees’ use of social media.

Thorough policies can be a deterrent to conflicts, misunderstandings, and litigation. Even if you choose not to use social media, consider adopting a policy to address potential issues that might arise from staff who do.

Consider these components of a social media policy:


The complexity and technology-related nature of social media will undoubtedly require specific definitions of terms your policy uses.

Designated contact

Designate a specific individual (name the position, not the person) as the “social media contact.”

This person’s duties should include (but aren’t limited to):

  • Managing social media tools and channels;
  • Responding to questions internally and externally about the social media site;
  • Addressing problems/providing direction for staff if a user becomes threatening, abusive, or harassing; and
  • Suggesting changes in the credit union’s social media policy when warranted.

This position also may be charged with two duties:

1. Working with other staff to make sure opportunities aren’t overlooked in marketing credit union services; and

2. Training staff to ensure they understand how to use the credit union’s social media program.


Senior management might or might not be the “public face” of your credit union’s social media program. But the policy should designate who will decide what positions at your credit union will have authority to contribute content—who can blog, tweet, or chat on your credit union’s behalf.

While some policies may include examples of appropriate and inappropriate content, selecting the correct professional staff who “speak for your credit union” should allay such concerns.

The policy (as well as the social media site) might want to include a statement that your credit union doesn’t endorse nor is responsible for any comments and/or viewpoints on social media or networking sites made by its employees unless they’re authorized representatives.

Your policy should state that your credit union will take the necessary steps to make sure the content complies with applicable laws and regulations. Management must determine who’s responsible for compliance.

For instance, marketing staff might not know that certain words or phrases trigger Truth in Lending advertising rules or require posting certain government logos. The designated “social media contact” might or might not be the appropriate person responsible for compliance, depending on the person’s expertise.

Disaster planning

The credit union policy may want to address how you will use social media in conjunction with your business continuity plan.

The policy also can address how the site will be used to quell fears and communicate accurate information regarding rumors, such as those that may arise when the credit union faces challenging economic conditions.


The policy should address technology safeguards, generally outlining such items as program administration responsibilities, regular system monitoring and testing, and dual controls for overseeing and auditing the program.

Content ownership

Include a statement in the policy that the credit union owns all authorized social media and networking content. This includes restrictions on terminated or separated employees from taking, saving, or sending any credit union content distributed via social media while they were employed with the credit union.

Employees’ use of social media

This section of your policy should address employees’ participation in social media and networking sites, including:

  • Restricting use of credit union resources (i.e., computer, phone) for such activities.
  • Prohibiting employees from using social media and networking as a forum to discuss the credit union, including any mention of confidential information and sensitive topics involving the credit union.

You might want to specifically indicate that employees aren’t supposed to list your credit union’s name or include its logo on social media and networking sites they participate in, or ascribe personal viewpoints to those of your credit union.

  • Advising employees that other users might know they’re employed by the credit union, so employees should make it clear that their social-media participation is in a personal capacity. For instance, communication should be written in the first person to make it clear the person isn't speaking on behalf of your credit union.
  • Stating that using social media that interferes with job responsibilities and work commitments, misrepresents the credit union’s position, or criticizes the credit union’s management practices could be grounds for discipline or termination. You might want to elaborate on the steps you’ll take.

After developing your credit union’s social media policy, an often overlooked but essential step is to make sure your credit union’s policy gets into the hands of every employee.

Because online activities inconsistent with your credit unions’ standards of conduct could result in liability for employees and your credit union, consider having employees sign a form that acknowledges they’ve received and read the policy.

And then get tweeting, blogging, and chatting! 

STEVE GIBBS is assistant vice president, shared compliance resources, for the Texas Credit Union League. Contact him at 800-442-5762, ext. 6637.

Post a comment to this story

What's Popular

Popular Stories

Recent Discussion

Who Should Be the 2015 CU Hero of the Year?

View Results Poll Archive