(Article from Securities Law Alert, September 2022)
For more information, please visit the Securities Law Alert Resource Center
On August 8, 2022, the Northern District of California dismissed with leave to amend a securities fraud class action alleging that a financial technology company and certain of its executives made false or misleading statements about the company’s regulatory compliance. Kang v. PayPal, 2022 WL 3155241 (N.D. Cal. 2022) (Breyer, J.). Plaintiffs’ core allegation concerned the company’s statements that it had complied with a Consumer Financial Protection Bureau (“CFPB”) consent order (the “Consent Order”). The court held that plaintiffs failed to plausibly allege a material false statement or omission because none of the company’s alleged conduct violated the Consent Order.
The CFPB Complaint and the Consent Order
The company offers credit and debit products and allows consumers and merchants to send and receive digital payments. In 2015, the CFPB filed a complaint alleging that the company violated the Consumer Financial Protection Act by deceptively advertising promotional benefits, misleading customers about deferred interest, and enrolling customers in its credit product without their consent. The subsequent Consent Order enjoined the company from misrepresenting the terms and conditions of any promotion (such as deferred interest or money-back offers), required it to ensure that consumers receive the benefit of merchants’ promotional offers, and prohibited the company from enrolling customers in its credit product without affirmative consent.
Purported Corrective Disclosures
In 2020, a nonprofit focused on alleviating student debt announced in a press release that for-profit colleges had misleadingly described the company’s credit promotion. In 2021, Bloomberg News reported that the company faced a probe from the CFPB regarding the marketing of its credit product, and the company disclosed in a quarterly report that it had received a civil investigative demand from the CFPB “related to the marketing and use of [the company’s] Credit [product] in connection with certain merchants that provide educational services.”
Plaintiffs’ Allegations
Plaintiffs commenced a lawsuit alleging that defendants made misleading statements in violation of Section 10(b) and Rule 10b-5(b) and for scheme liability in violation of Rule 10b-5(a). Among other things, plaintiffs alleged that the company was not complying with the Consent Order because it “knowingly enabled” educational institutions to deceptively market the terms of the company’s credit product and continued to enroll customers in its credit product without their consent. Plaintiffs further alleged that defendants made false statements when describing the company’s compliance efforts. For example, the company’s Form 10-Q for Q1 of 2016 stated that the company monitors changes in laws and regulations “closely to ensure compliant solutions for our customers who depend on us,” and the company’s Form 10-Q for Q2 of 2016 stated, “We continue to cooperate and engage with the CFPB and work to ensure compliance with the Consent Order, which may result in us incurring additional costs associated with compliance or redress.”
As No Alleged Conduct Violated the Consent Order, the Company’s Compliance Statements Were Truthful
The court granted the company’s motion to dismiss all claims because plaintiffs did not plausibly plead that the company made any misrepresentations. The court observed that a statement about compliance, such as with the Consent Order, is not made misleading just because a later regulatory inquiry occurs. The court pointed out that when the statements were made the company “had no obligation or requirement to elaborate on any alleged non-compliance because it had not yet been found to be non-compliant.” (quoting In re Facebook Sec. Litig., 477 F. Supp. 3d 980 (N.D. Cal. 2020)).
The court further determined that plaintiffs failed to plausibly allege that the company in fact violated any regulatory obligation. The Consent Order forbade the company from misrepresenting “any material aspect” of its credit product including “the terms and conditions of any promotional offer.” However, the court noted that plaintiffs alleged that the merchants had misrepresented the credit product, not the company, and found that plaintiffs’ alleged “mutual understanding” between the company and its merchants that both “were responsible for” adhering to the Consent Order did not impose additional legal obligations on the company. The court concluded that because no alleged conduct violated the Consent Order, the company was truthful when it stated that it complied with the Consent Order. The court also pointed out that plaintiffs did not plausibly allege that the company violated its obligation not to enroll customers without their consent because plaintiffs only included a bare allegation that a confidential witness spoke to some customers who “did not recall” giving consent, and that general statements about compliance were quintessential corporate puffery not actionable under the securities laws.
Separately, the court also concluded that “[e]ven assuming the existence of one or more misleading statements, Plaintiffs fail to plead a strong inference of scienter.” The court pointed out that plaintiffs failed to allege that any officer acted intentionally or with conscious recklessness because—even assuming that the company was in serious noncompliance that rendered its statements misleading—there was no plausible allegation that any of the officers knew this fact. Contrasting this case with
Oklahoma Police Pension & Retirement System v. LifeLock, 780 F. App’x 480 (9th Cir. 2019), the court stated that even assuming that significant noncompliance occurred here, there were no allegations that any defendant was ever aware of it.