The FDIC has asked us, in conjunction with an upcoming compliance exam, how we comply with the CAN-SPAM Act. I confess I had never heard of the Act, but upon research found it was enacted in 2003. Does anyone have a policy and procedure they would be willing to share? Or, information on where I might buy one?
cstrauss – Have you had any instructions in place on the use of email for marketing? With an exam coming, seems like it would be tough to institute a procedure that allows employees to send commercial messages but includes the required opt out procedure. If you have prohibited messages that are not transactional, or limited the email marketing to certain individuals, the documentation would be much easier to tackle!
We now use a commercial email marketing program so our procedures centralize the function and allow other employees only to send transactional and relationship email messages. This controls the opt out process so it was implemented to avoid problems with that. Previously we allowed employees to send commercial messages, subject to marketing and compliance reviews, that included a footer with opt out instructions. But we did not have any way to capture violations. Our guidelines reflect the information on the FTC web site. I’ll share what I have – but looks like I need contact info.