Exclusive: XTB Accidentally Releases Affiliate Data in Email

Finance Magnates learned on Monday that retail brokerage XTB accidentally sent out an email on Friday that contained details for hundreds of its Affiliates Affiliates Affiliates serve as an essential component of a broker’s client acquisition tactics and marketing. One of the most important functions of affiliate marketers is the sending of leads to the broker, which are directly opening an account or visiting the broker’s website. There are several ways in which brokers are compensating affiliates based on the number and type of clients they refer to the company and whether or not or how much they end up depositing.Understanding CPA or Cost Per Acquisition T Affiliates serve as an essential component of a broker’s client acquisition tactics and marketing. One of the most important functions of affiliate marketers is the sending of leads to the broker, which are directly opening an account or visiting the broker’s website. There are several ways in which brokers are compensating affiliates based on the number and type of clients they refer to the company and whether or not or how much they end up depositing.Understanding CPA or Cost Per Acquisition T Read this Term.

The broker appears to have been attempting to send an email to its affiliates, updating them about a new company policy.

This is not an unusual thing for a broker to do.

But usually, these messages are sent via a mail merge, meaning that a user who gets the email won’t be able to see who else has received it.

In this instance, it appears as though someone at XTB accidentally copied all affiliate marketers into the email.

That meant everyone receiving the email could then see the addresses of all other affiliate marketers working for the broker.

GDPR breach

It’s unclear exactly what the fallout from such a mistake could be.

General Data Protection Regulation Regulation Like any other industry with a high net worth, the financial services industry is tightly regulated to help curb illicit behavior and manipulation. Each asset class has its own set of protocols put in place to combat their respective forms of abuse.In the foreign exchange space, regulation is assumed by authorities in multiple jurisdictions, though ultimately lacking a binding international order. Who are the Industry’s Leading Regulators?Regulators such as the UK’s Financial Conduct Authority ( Like any other industry with a high net worth, the financial services industry is tightly regulated to help curb illicit behavior and manipulation. Each asset class has its own set of protocols put in place to combat their respective forms of abuse.In the foreign exchange space, regulation is assumed by authorities in multiple jurisdictions, though ultimately lacking a binding international order. Who are the Industry’s Leading Regulators?Regulators such as the UK’s Financial Conduct Authority ( Read this Term (GDPR), which was introduced by the European Union last May, places stringent rules on how firms must treat data.

Breaching those rules can result in fines reaching up to four percent of a company’s annual revenue.

Beyond any potential regulatory infringements, there is also the simple damage that such a leek could do to XTB’s reputation.

Affiliates and introducing brokers (IBs), like many other internet users, may not want others to know who they are working for.

Thus, affiliates may be less inclined to work alongside the broker in the future.

Similarly, if someone now has all of that data, they could take it to another firm - one looking for affiliates - and they would have a substantial list of leads.

Finance Magnates reached out to XTB for comment on this article but, at the time of publication, the company had not responded.

UPDATE: Finance Magnates received the following comments from X-Trade Brokers:

We would like to inform, that we have reported that one of our subsidiaries dedicated solely to the marketing activity, has unintentionally disclosed email addresses of members of our affiliate program. The incident was the result of a failure of one employees [sic] exercising due diligence measures undertaken by XTB in order to keep personal data of the company in secret. We assess that processes established in XTB and its subsidiaries for the purpose of personal data protection are adequate, however they turned out to be not resistant to each possible human factor that could challenge them.

Please be informed, that X-Trade Brokers Dom Maklerski S.A. and its subsidiaries are highly devoted to maintain the highest professional standards in personal data protection and keeping any confidential information in secret. The discussed incident clearly indicates that X-Trade Brokers DM S.A. has much room for improvement in this respect, and we hope that this incident will positively affect our organization and shall strengthen safeguards we have in place.

Best regards,

X-Trade Brokers DM S.A.