News Room


  • Watch Webinar: Social Media Compliance and Risk Management
    • Lori Haley, VP Social Media Compliance Officer, Bank of West
    • Lisa Melton, Asst. Vice President Marketing, Amica Mutual Insurance

Regulations & Laws

There are many laws and regulatory guidelines to protect segments of the public. Depending on your industry, your company’s social media content can fall under these guidelines.

We’ve compiled a list of guidelines and laws from regulatory authorities that may govern your communications activity and can be incorporated into your company’s social media plan.

Financial Services

  • FINRA – The Financial Industry Regulatory Authority (FINRA) is an independent, not-for-profit organization authorized by Congress to protect America’s investors by making sure the securities industry operates fairly and honestly. FINRA writes and enforces rules governing the activities of more than 4,030 securities firms with approximately 638,320 brokers.
  • FFIEC – The Federal Financial Institutions Examination Council (FFIEC) is a formal interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination in the supervision of financial institutions.
  • SEC – The mission of the U.S. Securities and Exchange Commission (SEC) is to protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation. The SEC oversees the key participants in the securities world, including securities exchanges, securities brokers and dealers, investment advisors, and mutual funds.


  • FDA – The Food and Drug Association (FDA) is a federal agency of the U.S. Department of Health and Human Services. The FDA protects public health through the regulation of food safety, pharmaceuticals, dietary supplements, cosmetics, animal and pet products and more.


  • FTC – The Federal Trade Commission (FTC) is a bipartisan federal agency with a dual mission to protect consumers and promote competition. The FTC protects consumers by stopping unfair, deceptive or fraudulent practices in the marketplace. They also monitor business practices, review potential mergers, and challenge them when appropriate.


  • HIPAA – The Health Insurance Portability and Accountability Act of 1996 makes it easier for people to keep health insurance, protects the confidentiality and security of healthcare information, and helps the healthcare industry control administrative costs.
  • ECPA – The Electronic Communications Privacy Act (ECPA) of 1986 applies to email, telephone conversations, and data stored electronically.
  • CDA – The purpose of the Communications Decency Act (CDA) of 1996 is to stop or inhibit the profusion of pornography and other obscene material in electronic communications.
  • FCRA – The Fair Credit Reporting Act (FCRA) regulates the collection, dissemination, and use of consumer information, including consumer credit information. Along with the Fair Debt Collection Practices Act (FDCPA), it forms the base of consumer credit rights in the United States.
  • COPPA – Children’s Privacy Protection Rules (COPPA) impose certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.
  • NLRA – The National Labor Relations Act (NLRA) of 1935 protects the rights of employees and employers, encourages collective bargaining, and curtails certain private sector labor and management practices that can harm the general welfare of workers, businesses and the U.S. economy.
  • DMCA – The Digital Millennium Copyright Act (DMCA) criminalizes production and dissemination of technology, devices, or services intended to circumvent measures that control access to copyrighted works. It also criminalizes the act of circumventing an access control, whether or not there is actual infringement of copyright itself, and heightens the penalties for copyright infringement on the internet.
  • CFAA – The Computer Fraud & Abuse Act (CFAA) criminalizes the act of intentionally accessing a computer without authorization or exceeding authorized access, and thereby obtaining information from any protected computer if the conduct involved an interstate or foreign communication. There are seven types of criminal activity enumerated in the CFAA: obtaining national security information, compromising confidentiality, trespassing in a government computer, accessing to defraud and obtain value, damaging a computer or information, trafficking in passwords, and threatening to damage a computer.

