LinkedIn, Twitter, Facebook and the Unwary CFO

The conventional wisdom is that CFOs in Asia do not engage in social media in their professional lives. The natural reticence of finance professionals, combined with worries about inadvertently revealing confidential information, is supposedly holding back online participation. And who has the time anyway?
But things may be shifting on the ground. A new CFO Innovation survey, the first in 2014, suggests that Asia’s finance professionals are becoming more active professionally on the Internet. We asked 100 chief financial officers and other finance executives how they use social media in their professional life.
More than a fifth of respondents – 23% – say they do not engage in online social networks. However, the majority – 52% – indicate they participate in discussions in LinkedIn groups, 43% post on LinkedIn while 38% post on Facebook. And one out of ten (11%) is on Twitter, while 8% engage with bloggers and 4% maintain their own blog.
Click image to enlarge 
How do you use social media in your professional life?
Source: CFO Innovation. Total does not add up to 100% because multiple responses are allowed.
Which brings up the question: Are CFOs and their company really prepared to navigate their way in the new world of social media, whose “extreme, viral and permanent nature,” as Big Four accounting firm Deloitte puts it, can expose companies to new risks?
Towards ‘Social Business’
It is perhaps not surprising that CFOs are engaging more actively in social media in their professional capacity. Across the world, CFOs, treasurers, controllers and other finance executives increasingly regard ‘social business’ as an opportunity to fundamentally change the way businesses work (see chart below).
Click image to enlarge  
CFOs Are Embracing ‘Social Business’
Source: Social Business: Shifting Out of First Gear, a survey of 2,545 executives in 99 countries
The business school publication MIT Sloan Management Review, which conducted the 2012 study Social Business: Shifting Out of First Gear, uses the term ‘social business’ to describe an organization’s usage of consumer-based social media such as blogs, internally developed social networks such as GE’s Colab, social software for enterprise such as Yammer, or data derived from social media and technologies such as marketing intelligence.
For finance, the first element – use of consumer-based social media – is particularly fraught, if also possibly the most effective for professional development and talent recruitment and management efforts.    
“What makes social business riskier than other traditional or even online communications vehicles is its extreme, viral and permanent nature,” says Deloitte. “Information posted on social media platforms can potentially reach millions of people in a matter of minutes.”
Beware the Risks
In Asia, there are possibly apocryphal anecdotes about how a CFO’s tweet thanking executives in another company for hosting dinner alerted a competitor that an acquisition was in the offing. Or how a blog post bitterly complaining about having to work over the holidays because some people wanted to show off caused suspicions of an unpleasant surprise in the upcoming earnings report.
For the unwary or social-media newbie finance executive, the risks include the following:
Regulatory risk. “A careless reference to a client’s confidential business goals or performance posted on a social networking site may be just as problematic as sharing insider information among friends over lunch,” warns Deloitte. “Social business may expose publicly traded companies to increased compliance risk.”
Brand and reputation damage. A small incident that ruffled feathers could have been ignored in the past with little consequence. These days, it can spiral out of control on the Internet. Case in point: the damaged guitar of a United Airlines passenger in 2008. Negotiations over compensation dragged on for nine months, causing the passenger to write a song about how “United breaks guitars.” It caused a sensation on YouTube, caught the media’s attention and forced United to embark on a damage control campaign.      
Information leakage. Sensitive information can be inadvertently disclosed on social media, such as customer data, health information and personal accounts. “Information leakage may result in loss of competitive advantage and brand damage and, in some cases, there may also be legal consequences,” Deloitte points out.
What to Do?
So what should companies and the finance function do? Staying out of social media is an option, but this is probably unrealistic when everyone else is piling on and gaining competitive advantage. According to the MIT Sloan survey, CFOs in particular regard social business as important for increasing sales, recruiting and managing talent, and providing customer service.
“It is important to think of the risks involved and the impacts on regulatory compliance,” counsels Deloitte. “Companies should work closely with employees to help them understand the role that social media plays in the company and the ways that it can be leveraged to help achieve strategic goals.”
The action steps to take include the following:
Understand how individual business areas and activities are regulated. In the US, the Securities Exchange Commission allows companies to use social media to announce key information as long as investors are told which social media platform will be used. The Federal Trade Commission has issued rules about disclosing identity and affiliations, disclaimers and endorsements. Stock markets, central banks, accounting bodies and other regulators may have different standards and guidelines, depending on jurisdiction.
Develop a social business governance strategy and enterprise-wide policies. At Deloitte, a social media working group has been established, comprising staff from risk, talent, information technology and business units. Their diverse perspectives help the company “address and set policy on the various risks and issues that come up around using social tools and technologies.”
Harness Internal Audit on social media issues. Internal auditors are an often overlooked resource, says Deloitte. In fact, their training, experience in identifying and assessing risks and broad view of the organization are useful in managing social media risks. Specifically, Internal Audit can be harnessed to:
  • conduct gap analysis by assessing the organization’s current policies and procedures on social media use against legal and regulatory requirements and recommend changes and refinements
  • help create effective governance structures that are in line with the organization’s culture and risk appetite
  • provide insights into the effectiveness of the company’s social media governance structures as part of independent audit and risk assessment engagements
  • provide input into data classification methodology to help ensure that appropriate loss prevention controls are applied to data that will be shared in social channels
  • get involved in the due diligence process in selecting third-party providers when social media activities are outsourced, including examining the third party’s control environment, security, legal, and compliance history
Educate employees on the role social media plays in the company. Training, monitoring and enforcement are important. Specifically, employees should be told and periodically reminded of:
  • the company’s vision of social media’s role in the business and how it can be leveraged to help achieve strategic goals
  • the dos and don’ts of social media usage
  • the nature of regulations, why they exist and the potential consequences of violating them
Ownership and Accountability
It is also important for companies to clearly designate who has ownership and accountability for social media usage, whether it is the social media team, legal, HR or risk management function. These are the units that were cited as responsible for managing social media policy in a flash poll of almost 1,500 respondents who accessed a 2012 Deloitte webcast on social business and regulatory compliance.
Despite the seriousness of risks, observes Deloitte, “there is little consensus over who should own their mitigation.” One out of ten of the respondents (11%) even said no one was in charge, while 30% said they did not know or that the question was not applicable.
Fortunately in Asia, we have yet to hear of a company being sanctioned by regulators or tarnishing its reputation because of careless social media usage. But it may only be a matter of time given the increasing social media engagement by finance and other in the business – unless organizations put sensible policies in place and make sure they are enforced.
About the Author
Cesar Bacani is Editor-in-Chief of CFO Innovation.   
Photo credit: Shutterstock



Suggested Articles

Some of you might have already been aware of the news that Questex—with the aim to focus on event business—will shut down permanently all media brands in Asia…

Some advice for transitioning into an advisory role

Global risks are intensifying but the collective will to tackle them appears to be lacking. Check out this report for areas of concern