On August 8, 2022, Judge Charles R. Breyer of the United States District Court for the Northern District of California granted a motion to dismiss a proposed securities class action suit against a financial technology company (the “Company”) and four of its executives alleging violations of Sections 10(b) and 20(a) of the Securities Exchange Act of 1934. Huei-Ting Kang v. PayPal Holdings Inc., No. 3:21-cv-06468 (N.D. Cal. Aug. 8, 2022). Plaintiffs alleged that the Company misled investors about its compliance with (1) a Consumer Financial Protection Bureau (“CFPB”) Consent Order (the “Consent Order”) prohibiting deceptive marketing of the company’s revolving line of credit; and (2) the Federal Reserve Board’s Regulation II, which caps debit card interchange fees. The Court’s dismissal of the complaint (with leave to amend) is a reminder of the challenges plaintiffs face when trying to assert securities claims in the wake of company announcements of regulatory investigations.

In 2015, the Company entered into the Consent Order following a complaint alleging that the Company deceptively advertised promotional benefits, misled customers about deferred interest, enrolled customers in credit products without their consent, engaged in illegal billing practices, and mishandled customer disputes for a wide range of violations of the Consumer Financial Protection Act. Plaintiffs alleged that the Company subsequently violated the Consent Order and its own internal policies by failing to block merchants who did not meet the Company’s internal standards. Specifically, plaintiffs alleged that the Company enabled for-profit colleges that were ineligible for federal student loans to use the Company’s credit product as a method for students to pay tuition expenses. These for-profit colleges allegedly made misleading promises regarding the interest rates associated with the credit product. On July 29, 2021, the Company revealed that it received a civil investigative demand from the CFPB, which plaintiffs claimed meant the Company had violated the Consent Order by allegedly enabling for-profit educational institutions to deceptively market their credit product. Plaintiffs also alleged that the Company made false and misleading statements about its compliance with Regulation II, which caps interchange fees charged on debit transactions by large financial institutions. Plaintiffs alleged that the Company was actively exploiting a loophole in Regulation II by having a smaller bank, which was exempt from Regulation II, serve as the issuer for its debit cards.

In dismissing the suit, the Court found that the complaint failed to plausibly allege that any of the challenged statements were false or misleading. With respect to alleged misstatements about compliance, the Court found that the Company had “no obligation or requirement to elaborate on any alleged non-compliance because it had not yet been found to be non-compliant.” The Court emphasized that “a statement about compliance is not made misleading just because a later regulatory inquiry occurs.” The Court also held that general statements about compliance are “the kind of corporate puffery that are rarely (if ever) actionably misleading.”

The complaint also was held to insufficiently allege that the Company violated either the Consent Order or Regulation II. With respect to the Consent Order, the Court held that plaintiffs at most alleged that merchants using the Company’s credit products were the alleged source of misinformation. As to Regulation II, plaintiffs were held to have provided “no support for their opinion that [the Company] violated Regulation II by issuing debit cards through [a smaller bank] and taking advantage of the small issuer exemption.” Instead, the Complaint at most alleged that the Company “took advantage of an apparent ambiguity as to whether a small issuer holding a nominal quantity of the relevant funds suffices to ‘hold’ the funds, when [the Company] brands the debit card and holds the rest of the funds.” Although the Court acknowledged that this alleged practice “appears to dodge the intent of the regulatory scheme,” that is, “without more, . . . not an actual violation.”

Finally, the Court found the complaint failed to plead scienter. First, the Court noted that plaintiffs “point to no statement or conduct by any Individual Defendant that indicates knowledge about any regulatory violation.” Second, the Court rejected plaintiffs’ argument that scienter could be inferred because the alleged misconduct regarding the interchange fees involved products of “critical importance” to the Company. The Court held that “[e]ven assuming (improbably) that [the Company’s] purported violation of Regulation II jeopardized all debit card revenue, 1.2% of a company’s revenue is not sufficient to impute scienter.” Third, the Court held that “the individual defendants’ stock sales [were] not suspicious because [the defendants] increased their overall holdings over the Class Period through vested options.”