Avoiding Information Leakage in Social Media

Will the financial services industry limit its use of social media as yet another branding and marketing channel?

For Mike Manning, co-founder and CEO of start-up DealVector, social media offers financial institutions a way to connect and interact to drive revenue. The key, he says, is to protect one’s identity and provide just enough information to avoid any unintended information leakage.

DealVector launched its LinkedIn-esque investor-to-investor networking platform approximately two months ago so that user could find fellow collateralized loan obligation (CLO), collateralized debt obligation (CDO), residential mortgage-backed securities (RMBS) and trust preferred securities (TRUPS) investors without tipping their hands to the world like CXA Corp. had to do in 2012.

For those who don’t remember the event, CXA took advertisements in the Wall Street Journal and other publications seeking other investors in several RMBS series so they could pursue “rep & warranty” breaches against the dealers who sold them the securities. The advertisements were a simple laundry list all of the instruments in question. CXA did not published how much of each instrument it owned, but the world knew that CXA had inventory in those securities.

To avoid information leakage, DealVector provides access to its networking platform to only those who can bring something to the table. The vendor vets everyone who applies for membership and users should not expect to sign up with a G-mail or Hotmail address. And if they are purposely vague on their details, expect a follow-up phone call from DealVector.

Once vetted, users will notice that there is zero creativity when it comes to user names. Everyone has a DealVector-assigned user number- 62, 183, 451 or whatever. This prevents users from accidentally revealing their identities accidentally by using a name that they might already use for an email account, social media site or online gaming.

Users can message known community members directly or send a message to the community at large and only those users who previously registered interest in that specific topic can see the message.

When it is time to take a conversation offline, a click of a button will send the user’s contact details to the fellow user. However, DealVector’s holds all the identity and contact information in escrow and users will not see another user’s information until they send their own.

This is not to say that DealVector users know absolutely nothing about other community members. Similar to eBay and e-commerce sites, each user is given a “seller’s rating” based on previous transactions as well as the number of fellow users a member has recruited personally to join the platform.

No other information is stored on the hosted platform beyond user contact details, conversation details and interaction statistics, which should make information security staff sleep sounder at night.

As Manning often says, “DealVector’s purpose is to bring parties to a table so that they can start a conversation and that is it.’