Thank you!

The outcome of the scenario you've raised would depend upon a few factors. Most importantly, did the developer itself deploy the model? Or did they sell it to other companies (eg wealth management firms) who then deployed it? In all likelihood, something as egregious as you are describing would be caught early by any firm complying in good faith with basic safety and security standards for agents. So if something like this did slip through, it would probably indicate some sort of malf…