By Evan Sparks
In March, the U.S. Department of Housing and Urban Development filed a landmark lawsuit against Facebook, alleging that the Silicon Valley giant was violating the Fair Housing Act by filtering housing-related advertising to potential viewers based on protected characteristics, such as race, sex and disability. In the case, which is still pending, HUD alleged that Facebook enabled housing advertisers to exclude—for example—parents, foreign-born individuals and customers interested in accessible units from seeing ads.
The lawsuit was just the latest wrinkle in the challenge of digital marketing compliance, an area that poses challenges to bankers because of its rapid change, its relative newness and a variety of regulatory implications—challenges that are usually outweighed by the benefits of digital marketing.
“It makes a lot of sense for your institution to be involved in this,” says Renee Huffaker, CRCM, senior compliance manager at Arvest Bank in Tulsa, Okla., who spoke recently at the ABA Regulatory Compliance Conference in New Orleans. “Today you can be so much more refined and efficient with your marketing dollars. But it does present a much wider array of compliance risks than traditional marketing does.”
In fact, those risks can present themselves even if the bank as advertiser does all the right things. In its lawsuit, HUD alleged that “Facebook also uses the protected characteristics of people to determine who will view ads regardless of whether an advertiser wants to reach a broad or narrow audience.”
In other words, says Kevin Georgetti, CRCM, “you could be doing everything right” in terms of your intended market, but an advertising platform’s algorithm could still serve your ads to audiences in a way that could inadvertently result in what he calls “digital redlining.” “How do you control that from a compliance perspective?” asks Georgetti, who is chief compliance officer at First United Bank in Durant, Okla. fac
To help bankers mitigate the risks associated with digital marketing—which applies on Facebook, Google or whatever digital or social media advertising platform a bank uses—Huffaker offers four key takeaways.
- Eliminate the unknown unknowns
“It’s very reasonable to expect . . . that your regulators are going to start asking you detailed questions about what you’re doing for the digital marketing perspective,” says Huffaker, and banks need to take into account the spectrum of risks created.
For example, deposit products generally involve more marketing risk than general branding, and credit products are riskier to market digitally than non-credit products. Marketing channels where the bank controls who sees the ads—such as manual buys—are generally lower-risk than programmatic buys, where algorithms determine which sites not on a blacklist the ad will run on and who might see it. With the latter, she says, “you are going to be left completely at the discretion of the process.”
Social media look-alike advertising—in which the advertiser shares a list of consumers who engage with the company and ask the ad platform to display the ad to a similar audience—likewise involves higher levels of risk. “It’s important that you dive deep into the demographics of the data you are sharing with Facebook.”
To understand how digital marketing works and how it fits into a bank’s risk management program, Huffaker recommends getting to know marketing vendors. “It’s important that you are spending time with your marketing technology vendors,” she says. “Vendors don’t know everything you know about compliance…. [but]they educate you on digital marketing.”
- Rein in rogue sub-vendors (and other third parties)
“Make sure you have some awareness about who the sub–vendors are and how they’re involved,” says Huffaker. She tells a story about a social media contest her bank ran in connection with a popular holiday ice skating event. Consumers would leave a comment on the bank’s social media page about their favorite winter experience to win the prize. To manage the numerous responses, the bank looked into engaging a Facebook sub-vendor that would manage the entries.
But it turned out the sub-vendor required contest entrants to agree to share their personal information, demographic information and future online browsing activity. The bank decided that wasn’t appropriate, so marketing had to manually review the contest entries. “Sometimes vendors can show up in sneaky places and cause issues with you that you weren’t expecting,” Huffaker says.
She adds that banks need to understand the alternative data that vendors use to select the audience that sees the ads—and how the data is validated and tested. “To the extent that any of your audience selection tactics rely on this alternative data, you need to understand how accurate it is.”
- Get comfortable with imperfect targeting
Bankers need to make sure digital marketing is covering all of a bank’s assessment area. Arvest adds some buffer to the areas it targets with digital ads to ensure it serves ads to its market area. Even though the bank has no branches in Osage County, Okla., it has a branch in Tulsa County just across from the county line, so including Osage in its digital marketing area made sense, Huffaker says.
“It’s not the worst thing in the world to have an imperfectly targeted digital ad,” she explains. “It’s more important to get that spill as a compliance department—and to not have this perfectly targeted ad—in order to reduce risk to the institution.”
- Socialize with your sellers
There’s a role for everyone in the bank in making compliant digital advertising succeed. Part of that is helping other employees stay on message with a policy on employee use of social media. “You [may] have loan officers out there who put things on LinkedIn, and you have to be concerned,” says Georgetti. “What if they throw an interest rate out there? What if they throw a term on a loan that leads to a triggering term that means further disclosure? How do you get a handle on that? How do you put some controls in place?”
Huffaker encourages compliance officers to educate executive leadership on the use of customer characteristics in marketing models. Key to delivering effective digital messaging, though, is the partnership between compliance and marketing. “Build a strong partnership with your marketing department,” she says. “Our marketing team, like most marketing teams, is very passionate about what they do.”
