Record £250,000 fine imposed by the CMA on Paypal for integration activities during merger review process

On 24 September 2019 the UK Competition and Markets Authority (CMA) imposed its largest ever fine for a single breach of an interim enforcement order (IEO) on Paypal, in the context of its acquisition of iZettle.

IEOs are now routinely imposed in almost all completed mergers investigated by the CMA (and, occasionally, in anticipated mergers), preventing any further integration of the merging businesses pending completion of the CMA's investigation. The rationale behind such orders is to avoid any action being taken which might prejudice the CMA's investigation, or affect its ability to impose effective remedies. This record fine is the latest in a series of recent fines which have underscored the CMA's commitment to enforcement of its procedural merger control rules, in line with the increasingly strict approach taken to "gun-jumping" offences by other competition authorities around the world.

Background

On 20 September 2018, Paypal Holdings, Inc. (Paypal) acquired iZettle AB (iZettle). The parties were the two largest suppliers of mobile point of sale devices in the UK, and the deal was subject to an in-depth Phase 2 merger control investigation by the CMA. At the outset of the CMA's investigation (indeed, prior even to the formal launch of its Phase 1 inquiry), the CMA imposed an IEO on Paypal requiring it to freeze any integration of the merging businesses pending the conclusion of the CMA's investigation.

The CMA agreed to a derogation from the IEO in respect of international integration planning outside the UK, including conducting cross-selling pilot campaigns involving non-UK businesses, on the basis that such activities would not affect the UK. This sort of derogation is fairly common where the CMA is satisfied that the activities in question would not risk prejudicing its review or impede the implementation of any remedies ultimately deemed necessary.

The acquisition was ultimately cleared by the CMA on 12 June 2019. However, during the course of its investigation of the competitive impact of the transaction, the CMA identified concerns that Paypal had breached the IEO, which were investigated separately.

Failure to comply with the IEO

During the CMA's Phase 2 investigation, a Monitoring Trustee was appointed to ascertain the level of compliance with the IEO and to monitor compliance going forward. The Monitoring Trustee identified that Paypal had conducted three waves of cross-selling pilot marketing campaigns in France and Germany, promoting the iZettle offline point-of-sale solution to a sample of existing PayPal customers, which led to PayPal also contacting potential customers in the UK.

The CMA considered that this breached the IEO in several ways:

• it risked impairing the ability of iZettle and Paypal to compete independently;

• it risked undermining the separate sales or brand identities of Paypal, Paypal Here (its mobile point of sale service) and iZettle; and

• it meant that Paypal was not operating the customer lists of the two businesses in the UK separately.

Whilst the derogation granted by the CMA permitted Paypal to engage in international integration activities, it was clear that it did not extend to activities that affected the UK. PayPal claimed that it had deliberately targeted what it deemed to be small business merchants which did not have a UK presence. However, a sample test carried out by the Monitoring Trustee revealed that 76 out of 221 customers being targeted by PayPal had a UK presence (online and/or offline), and included a number of large international enterprises. Additional filters put in place by PayPal for the third wave of the campaign, after concerns were first raised by the Monitoring Trustee, had only limited effect.

The CMA emphasised repeatedly in its Penalty Notice that the precautionary purpose of an IEO seeks to protect against the possibility of prejudice to the CMA's investigation. It therefore did not matter – at least for the purposes of determining whether the IEO in this case had been breached – that potential UK customers receiving the marketing email may have had difficulties signing up for an iZettle reader (due to the landing pages and the sign-up process being in French or German), or that large enterprises with a UK presence mistakenly contacted as part of the campaign would not have been interested in iZettle's offline offering. Such factors were deemed relevant to the assessment of the seriousness of the breach and the appropriate level of the penalty, but not to the assessment of the existence of the breach.

Similarly, the CMA also emphasised that it is not necessary for it to determine the degree of risk of prejudice to its investigation. As such, it did not need to show how an email received by the French or German part of a corporate group might have been received by the UK-based entity or how that email was translated into English. It was sufficient to show that the French or German customers contacted were part of a business that had a UK presence, in breach of the terms agreed to by Paypal as part of the IEO.

No materiality threshold

The CMA notably rejected Paypal's argument that a materiality threshold is applicable when determining whether an IEO has been breached, below which a "possibility" of prejudice to the CMA's investigation is too remote to constitute an infringement. It pointed out that no such materiality threshold has been established in the relevant case law; rather, the Competition Appeal Tribunal (CAT) has held that "pre-emptive action" should be interpreted broadly to give full effect to the legitimate precautionary purpose of an IEO, and that it is a matter of public importance that the duties that the merger control process creates are strictly, and conscientiously, observed.

Moreover, in this particular case, the CMA rejected the suggestion that the risk of prejudice to the CMA's investigation arising from Paypal's international integration activities was remote. It considered that it should have been obvious to PayPal that contacting UK potential customers was something that the CMA would be concerned about, and the onus was on PayPal to seek consent from the CMA if its conduct created the possibility of prejudice to the CMA's investigation.

No reasonable excuse

The CMA has the power to impose a penalty for failure to comply with the terms of an IEO if the failure is "without reasonable excuse". Once a breach has been established, the evidential burden of setting out a prima facie case for an objectively reasonable excuse lies with the person who has committed the breach.

In this case, the CMA rejected Paypal's argument that it had a reasonable excuse for believing that no infringement would arise because any possibility of prejudice was so remote as to be immaterial. In the CMA's view the possibility of prejudice was not remote (as explained above), and it was not objectively reasonable for Paypal to believe that it was.

Level of the penalty

When deciding whether it was appropriate to impose a penalty in this case, the CMA had regard to both the need to achieve general deterrence and the seriousness of the breach. Having concluded that a penalty was appropriate, in determining the level of the penalty the CMA then had regard to:

• aggravating factors, such as Paypal's conduct in providing assurances about safeguards to the CMA, and the public expense involved in investigating the infringement;

• mitigating factors, such as the technical difficulties faced by UK potential customers in signing up for the iZettle card reader through the French and German cross-selling campaigns; and

• the financial resources available to Paypal to ensure compliance with the IEO.

Whilst the £250,000 fine imposed on PayPal is a record fine for a single breach of an interim order, it was substantially below the maximum fine which the CMA could have imposed, which would have been 5% of the total value of the global turnover of the enterprises owned or controlled by Paypal. Interestingly, the CMA also noted in its Penalty Notice that whilst this may be the highest fine to date in absolute terms, it is in fact the lowest fine by proportion of profits after tax; as such, the CMA rejected Paypal's argument that it was disproportionate in terms of the level of penalties imposed in previous cases.

Comment

As noted above, this record fine is the latest in a series of recent fines which have underscored the CMA's commitment to enforcement of its procedural merger control rules. The first such fine was imposed on Electro Rent in June 2018 (upheld on appeal to the Competition Appeal Tribunal - see our previous briefing here), followed by further fines on Ausurus (£300,000 in January 2019 in respect of two breaches), Electro Rent (a second fine of £200,000 in February 2019, in respect of a further breach of the same IEO), and Nicholls (£146,000 in June 2019, in respect of three breaches).

This line of cases has also been developing against the background of a trend towards increased enforcement by other competition authorities around the world in respect of "gun-jumping" infringements involving breach of prohibitions on pre-clearance integration of merging businesses, as illustrated by the fines recently imposed by the European Commission on Altice (EUR 124.5m in May 2018 – see our previous briefing here) and Canon (EUR 28m in June 2019), and by the ACCC in Australia on Cryosite Limited (AUS$1.05m in February 2019 - see our previous briefing here).

Exactly where the line is drawn between permissible transition planning and prohibited early implementation can be a complex issue, which depends on the facts and circumstances of the individual transaction. This latest decision is a reminder of the importance of having clear and practical guidance in place as to what is and is not permissible pending a clearance decision, and the need for ongoing oversight and internal monitoring of compliance.