Either they have a working portfolio valuation model, and they missed this rather obvious case of linking a written call to its underlying, or they don't have a proper valuation model at all. If they actually do portfolio valuation by simply valuing each line and adding them, then it's not just wrong but gross incompetence. It would not be the first broker to blow up due to mispricing clients derivatives portfolios. The idea that a startup is letting millenials trade derivatives like this is absurd in the first place.
It doesn't seem, from the descriptions, to be possible to exploit this bug without knowing that you're doing it. It's not like they simply don't enforce margin limits; in fact, it looks like you have to apply the bug iteratively to do anything interesting with it. That being the case, it doesn't appear to me like the people exploiting it will have any way of talking their way out of the intentionality of their actions, at least not to a "reasonable person" standard that would be applied in civil court. It looks like cut-and-dried fraud. Am I wrong about that?
Oh, in that case it's definitely fraud because, as you pointed out, it's clearly intentional (you have to repeat the trick many times).
But the $8 billion question is: are we talking about an obscure bug, a missed case in an otherwise perfectly sound valuation and risk management model, or is it actually a case of dodgy valuation and risk modelling? Which implies that many well-meaning clients are also seeing the wrong portfolio value, and trading with invalid margins?
Again, I don't have the details so I don't want to speculate too much, but apparently they've had similar "bugs", so it's possible that their entire valuation and risk model is dodgy. It has happened to more reputable organizations.
It's hard to think of a bug or vulnerability that you couldn't compose an argument like this for. Does it matter? They left the back door unlocked; you'd still get in trouble for letting yourself inside.
They clearly don't take the issue very seriously, as they allow margin trading to continue. That is not normal. They're exposing customers to more risk than they should be, and that's a very serious no-no.
I don't think small bugs in high quality shops would fall under this argument.
What's a "small bug"? What's a "high quality shop"? I've spent years doing software security assessments for much larger financial service firms than Robin Hood, and found far worse things than this.
The broker/dealer I work for stops trading on bugs causing much smaller (even $0) material impact.
For brokers in particular, they are highly regulated and I can't imagine them not ending up with a nasty investigation+large fine from regulators over this.
Good point. Generally, most people should not be trading derivatives.
I was pointing out millenials in particular because it's the population targeted by those startups, whose business models is more or less implicitly: millenials have no clue about money and finance. Which is true, but also unethical.
Either they have a working portfolio valuation model, and they missed this rather obvious case of linking a written call to its underlying, or they don't have a proper valuation model at all. If they actually do portfolio valuation by simply valuing each line and adding them, then it's not just wrong but gross incompetence. It would not be the first broker to blow up due to mispricing clients derivatives portfolios. The idea that a startup is letting millenials trade derivatives like this is absurd in the first place.