Broker-Dealer Consents to De-Gamification
Commentary by Steven Lofchie
A broker-dealer settled charges brought by Massachusetts Secretary of the Commonwealth William F. Galvin (the "Securities Division") over the online trading platform's (i) insufficient vetting of accounts for options approval, (ii) cybersecurity failures, (iii) inadequate operational systems and (iv) the use of gamification strategies to attract customers.
In the Consent Order, the Securities Division found that the broker-dealer/trading platform violated the Massachusetts securities laws "by marketing itself to Massachusetts residents, in part, by deploying certain in-app features and other promotional campaigns, and [by failing] to maintain the infrastructure and procedures necessary to meet the demands of its customer base." The Securities Division also stated that the platform lacked cybersecurity controls "at the time of a November 3, 2021 data breach[,] which resulted in an unauthorized third-party obtaining names, emails, or phone numbers for approximately 117,000 Massachusetts consumers."
As to gamification strategies, the Securities Division had asserted in its original Complaint and the Amended Complaint, filed in December of 2020 and October of 2021, respectively, that the broker-dealer aggressively marketed itself to investors without regard for their best interests and failed to maintain the infrastructure and procedures necessary to meet the demands of its then rapidly growing customer base. The Securities Division stated that the broker-dealer targeted younger individuals and allowed them to potentially make an unlimited number of trades, including over 200 customers with no self-reported investment experience averaging at least 5 trades per day. Further, the Securities Division stated that the broker dealer marketed to these customers through strategies that included:
- a "First List" provided on the home screen that included stocks "chosen based on their popularity on [the] platform.";
- a "section titled 'Popular Lists' that all customers could search to browse potential investments";
- "push notifications sent to certain customers regarding specific changes in the value of stocks held in their accounts";
- "push notification[s] sent to certain customers after funding an account that", if clicked, redirected customers to the "100 Most Popular List";
- "digital confetti raining down from the top of the screen after a customer’s first trade";
- an "offer of free stock rewards for new customers," which "required customers to mimic the motion of 'scratching off' a lottery ticket, highlighting the possibility to receive stocks such as 'Microsoft, Visa, or Apple' despite a low probability of receiving shares of those companies"; and
- the "ability for customers to improve their position on an early access waitlist by 'tapping' a digital representation of a debit card displayed in the Application up to 1,000 times per day."
The claims that marketing strategies based on gamification were in violation of law were made based on regulations adopted by the Massachusetts securities regulators that imposed fiduciary duties on broker-dealers that went beyond Regulation Best Interest. (See Massachusetts Court Says Broker-Dealers Can Be Held to Fiduciary Standard; in which the Massachusetts Court determined that the regulations were within the power of the Commonwealth.)
In the Consent Order, the broker-dealer agreed to attest that: (1) its Application’s pre-populated list disclosures are displayed to customers; (2) emojis have been removed from customer communications related to the life-cycle of a transaction; (3) there are no more waitlist features allowing certain customers to advance over others by tapping; and (4) there are no more generalized push notifications highlighting specific lists; (5) it would permanently cease features that mimic games of chance. In addition, the broker-dealer was censured, ordered to engage an independent compliance consultant on, among other things, addressing cyber security vulnerabilities, and required to pay an administrative fine of $7,500,000.
Commentary
This is an example of how regulation should not work; i.e., it is regulation by enforcement.
To start with the bad as to the defendant: Taking the facts of the settlement as true, the defendant did some things poorly, particularly from an operational standpoint; e.g., taking on customers when it had system capacity issues and having a significant cybersecurity breach. Likewise, it is not possible to see how the firm could justify rejecting a customer for options trading and then approving the same customer minutes later.
That said, is the Commonwealth of Massachusetts now saying that it is illegal to "have confetti rain down on a screen" or that it is illegal to send a customer a list of the 100 most popular trades? Certainly, Secretary Galvin is happy to have this as a strong suggestion, but there is no way to know. The only conclusion that can be reached, given the defendant was going to lose on some of the issues, is that the broker-dealer in this case had no reason to go the mat for the sending of digital confetti. So it is a win for Secretary Galvin, but it is not a good way to regulate. (See also Massachusetts Court Says Broker-Dealers Can Be Held to Fiduciary Standard.)
Separately, there is more than a little irony in the settlement pointing to the electronic act of "scratching off" a lottery ticket as being an improper inducement to a customer. Here is a link to the home page for the Massachusetts Lottery; follow some of the further links and dropdowns. Whatever the broker-dealer defendant did to encourage business in the instant case, it likely pales by comparison to the aggressive advertising campaign for gambling run by the Commonwealth of Massachusetts.