PayPal Took USD 45,889.97 as “AUP Damages”. No Proof of Any Damage Has Ever Been Shown.

Singapore law applies the penalty doctrine from Dunlop Pneumatic Tyre Co Ltd v New Garage and Motor Co Ltd [1915] AC 79, as clarified by the Court of Appeal in Denka Advantech Pte Ltd v Seraya Energy Pte Ltd [2020] SGCA 119. A liquidated damages clause may be unenforceable if it is out of all proportion to the legitimate interest in enforcement and operates as a deterrent rather than compensation.

Application: In June 2023, PayPal's Executive Escalations correspondence used differing rationales (Exhibits B and C) without identifying the specific transactions for either rationale. Without disclosure of whether the calculation incorporated assumptions based on (i) broad interpretations of third-party platform policies (for example Minecraft-related guidance) and/or (ii) unauditable third-party signals (for example legacy DonateBot.io logs), it is not possible to assess whether the USD 45,889.97 figure represents a genuine attempt at loss estimation or a mechanical sweep of the available balance based on unverified inputs.

Consequence of non-disclosure: PayPal has stated that its methodology is proprietary and will not be disclosed. Under the Dunlop/Denka framework, PayPal bears the burden of proving that the clause represents a genuine pre-estimate of loss. A refusal to produce the internal data, calculations, or records necessary to discharge that burden is not a neutral position: it means the burden cannot be discharged. A liquidated damages clause that cannot be shown to be a genuine pre-estimate of loss at the time of contracting is an unenforceable penalty as a matter of Singapore law, regardless of whether it appears in a signed agreement.

The Mathematical Anomaly: The arithmetic of the debit independently confirms this conclusion. PayPal's User Agreement stated liquidated damages of USD 2,500 per violation. USD 45,889.97 divided by USD 2,500 yields 18.35 violations. Since transactions are discrete units, 18.35 violations is a mathematical impossibility. This figure cannot represent a genuine application of the contractual formula. It is irreconcilable with the stated per-violation rate and cannot reflect a pre-estimate of loss. The most obvious alternative explanation is that the amount simply swept the available balance. Without an itemised breakdown, that explanation cannot be ruled out, and PayPal has refused to provide one.

On September 10, 2025, in direct response to the claimant's specific inquiry about the March 11, 2020 debit of USD 45,889.97, a PayPal representative named Cristofer stated in writing that "the money belongs to you but is held in reserve to cover any disputes or reversals" (Exhibit E). This was not an automated message: it was a signed written response from a named human employee, addressed specifically to the claimant's question about that debit, while PayPal continued to retain the balance. This written representation by PayPal activates promissory estoppel: PayPal made a clear and unequivocal representation of fact, the claimant relied on it by continuing to pursue resolution through correspondence rather than commencing proceedings, and it would be unconscionable to permit PayPal to resile from that representation.

PayPal cannot simultaneously acknowledge that the funds belong to the claimant and retain them as institutional "damages". The September 2025 statement is a written acknowledgment of the claimant's entitlement to the funds and is irreconcilable with the 2020 debit characterisation.

The second part of that statement introduces a further contradiction. PayPal stated the funds are held in reserve to cover "disputes or reversals", yet it has never identified any specific dispute or reversal that justified retaining the balance, let alone one capable of accounting for USD 45,889.97. If the funds were genuinely held to cover pending third-party claims, PayPal should be able to identify those claims, their amounts, and their current status. It has done none of this across six years of correspondence. The "disputes or reversals" rationale is therefore either an admission that no such claims exist, or a further instance of the shifting and unsubstantiated explanations that characterise PayPal's entire handling of this matter. Either way, it provides no legitimate basis for retention. It also directly undermines the 2020 "AUP damages" characterisation: if the funds were held as a reserve for third-party claims, they were not PayPal's damages to begin with.

Limitation Act consequences: The September 10, 2025 written acknowledgment constitutes an acknowledgment of the claimant's right to the funds within the meaning of the Limitation Act (Cap 163). This acknowledgment restarts the limitation period, extending the claimant's right to commence legal proceedings to approximately 2031. PayPal cannot rely on any limitation defence arising from the original 2020 debit.

PayPal is licensed by MAS as a Major Payment Institution and is subject to the Payment Services Act 2019 framework. The debited balance represented accumulated customer funds received from prior transactions. As such, it qualified as "relevant money" within the meaning of Section 23(14) of the PSA 2019, being money received from a customer that the Major Payment Institution continues to hold at the end of each business day.

Prohibition on set-off against customer funds: Regulation 16(1)(c) of the Payment Services Regulations 2019 mandates that a Major Payment Institution must "treat and deal with all the relevant money received from a customer as belonging to the customer." A financial institution cannot unilaterally appropriate customer funds to satisfy an alleged institutional debt or claim without a customer instruction or a court order. The 2020 debit, characterised as PayPal's own "damages", is a direct appropriation of customer funds for PayPal's own benefit in violation of this principle. PayPal's own 2025 written confirmation that "the money belongs to you but is held in reserve to cover any disputes or reversals" further acknowledges the customer-property character of the funds, making the 2020 debit irreconcilable with Regulation 16(1)(c). Notably, if the funds were held in reserve for disputes or reversals, they were safeguarded customer money and not PayPal's institutional property to appropriate as "damages".

Additional PSA safeguarding provisions engaged: Section 23(2) requires deposit of relevant money in a trust account no later than the next business day. Section 23(7) restricts the use of trust account moneys for the payment of the debts of the Major Payment Institution. Converting customer funds into institutional "damages" without a court order or customer instruction is inconsistent with both provisions.

The "Notice for non-Singapore residents" cannot apply retroactively: PayPal's disclosure "Terms under the Singapore Payment Services Act 2019" containing the non-resident safeguarding exception was added on 27 June 2023, more than three years after the 11 March 2020 debit. At the time of the debit, no such exception had been published or communicated to the claimant. PayPal cannot rely on a policy disclosure published in 2023 to retrospectively characterise as unsafeguarded funds that were held and debited in 2020. At the material time, the funds were subject to the safeguarding framework applicable to a Singapore-licensed MPI without the benefit of the 2023 carve-out.

PayPal's conduct constitutes an unfair practice under the Consumer Protection (Fair Trading) Act (CPFTA) on multiple grounds.

Misleading representation as to fund availability: PayPal communicated to the claimant that her funds would become available after a defined holding period of 180 days. That representation was false. The funds were not released at 180 days. They were not released at all. They were permanently confiscated 11 days before the represented period had even elapsed, without notice, without particulars, and without any contemporaneous explanation. Under section 4(a) of the CPFTA, a supplier engages in an unfair practice if it makes a false claim. The 180-day availability representation was either knowingly false at the time it was made, or became actionable when PayPal chose to act in direct contradiction to it.

Material omission: Under section 4(b) of the CPFTA, a supplier also engages in an unfair practice if it employs deceptive or misleading tactics, including through omission of material information. At no point before the March 2020 debit did PayPal inform the claimant that: (i) her balance was at risk of being taken as institutional damages; (ii) a debit rather than a release was contemplated; or (iii) PayPal considered itself entitled to appropriate the entire balance unilaterally. The claimant was kept in structured ignorance while the debit was prepared and executed. That omission is not incidental. It is what made the debit possible.

Shifting and contradictory explanations as an unfair practice: The CPFTA reaches conduct that, taken as a whole, is unfair having regard to the circumstances. PayPal provided three materially different explanations for the same debit across multiple years: "AUP damages" (2020), "accepting payments for copyright gaming services" (June 2023, Exhibit B), and "Minecraft Commercial Usage Guidelines" (June 2023, Exhibit C). It then declared the underlying methodology permanently confidential as a "proprietary review model." A consumer who receives three different explanations across six years, followed by a refusal to disclose any supporting records, has been subjected to a sustained pattern of misleading conduct. Taken together, that pattern constitutes an unfair practice under the Act regardless of which individual representation is assessed in isolation.

PayPal's conduct in connection with the 180-day holding period constitutes three distinct and sequential breaches of contract, all arising from the same promise made to the claimant at the moment of account limitation.

First breach (failure to notify): PayPal represented that it would contact the claimant after the 180-day holding period to advise her how to access her funds. It never did. No proactive communication was sent to the claimant in the period leading up to or following the debit. She was not informed that the retention period was ending, that a debit was being contemplated, or that her funds were at risk of permanent confiscation. She discovered what had happened only when she logged into her own account and observed the balance had been taken. PayPal's silence during that period was not an oversight. It was a breach of a specific, communicated promise to keep the claimant informed, and that silence made every subsequent breach possible.

Second breach (early debit: 169 days, not 180): The account was permanently limited on September 24, 2019. The balance was debited on March 11, 2020. That is 169 days. Not 180. PayPal's own communications represented that funds would be available after 180 days. PayPal executed the debit 11 days before that period had elapsed. This is not a procedural technicality. It is a breach of a specific promise made to the claimant at a moment of acute financial vulnerability, on the same day the WHO declared COVID-19 a global pandemic, when the funds constituted essential subsistence resources.

Third breach (wrongful appropriation instead of release): The 180-day representation carried an unmistakable implication: at the end of the holding period, the funds would be returned to the claimant. Instead, PayPal permanently appropriated them as alleged "AUP damages." The claimant was told her money would be held and then made available. It was instead taken, without notice, without particulars, without itemisation, and without any prior indication that confiscation rather than release was what PayPal intended. The contractual basis for that taking has never been coherently explained in over six years of correspondence.

These three breaches are not independent failures. They form a sequence: PayPal made a promise it did not intend to keep, stayed silent while the deadline approached, acted before it arrived, and took the money rather than returning it. At every step where it was obliged to act transparently, PayPal did the opposite.

PayPal appropriated USD 45,889.97 from the claimant's balance. It has never produced proof of damages, a valid contractual basis, or a coherent calculation. On any of those grounds independently, the deduction fails: it is an unenforceable penalty, or it was not calculated in accordance with the stated formula, or it was made without lawful authority. Where a payment is made and the basis for that payment wholly fails, the law requires it to be returned. This is not a contingent or marginal argument. It is a straightforward claim for money had and received. PayPal holds USD 45,889.97 that belongs to the claimant, for which it has provided no valid legal justification in over five years of correspondence. It must be returned.

The term relied upon to justify the debit is subject to a Unfair Contract Terms Act (UCTA) reasonableness analysis. The clause, as applied, operates as a self-help right to appropriate customer funds, and/or as an indemnity or limitation of PayPal's liability, written into standard-form terms presented to consumers on a take-it-or-leave-it basis. Under UCTA, PayPal bears the burden of establishing that the term satisfies the reasonableness requirement. A clause that purports to authorise appropriation of USD 45,889.97 from a consumer's balance, without notice, without itemisation, and without any documented actual loss, cannot plausibly satisfy that standard.

As a Major Payment Institution licensed by MAS, PayPal is subject to the MAS Guidelines on Fair Dealing (FSG-G04, effective 30 May 2024), which require boards and senior management to ensure that fair dealing outcomes are delivered to all customers across all products and services.

Outcome 1: Institutional culture of fair dealing: Six years of non-response, shifting explanations, and refusal to provide particulars for a debit of USD 45,889.97 is irreconcilable with a genuine institutional culture of fair dealing. The debit was executed without disclosing what damages PayPal actually suffered. Subsequent correspondence provided three different and contradictory explanations across multiple years. This pattern is inconsistent with the expectation that boards and senior management champion fair dealing as a foundational institutional value.

Outcome 4: Clear, relevant and timely information: PayPal has never provided clear, relevant, or timely information about the basis for the debit. The claimant was directed to broad policy language instead of record-based particulars. Explanations shifted from "AUP damages" to "copyright gaming services" to Minecraft's Commercial Usage Guidelines, all without transaction-level evidence. PayPal then declared its methodology permanently undisclosed as part of a "proprietary review model". This is a sustained, six-year failure of the information standard required under Outcome 4.

Outcome 5: Independent, effective and prompt complaints handling: PayPal's complaints process in this matter operated as a mechanism of attrition rather than resolution. After six years of formal complaints, the claimant has never been told what damages were suffered, how they were quantified, or what records support the decision. No complaint process that produces this outcome over six years can be described as independent, effective, or prompt. The MAS guidelines are explicit that systemic complaint failures must be addressed through trend analysis and structural remediation.

The debit of USD 45,889.97 was executed on 11 March 2020, the same day the World Health Organisation declared COVID-19 a global pandemic. The claimant is a resident of Argentina for whom these funds represented essential subsistence resources. The debit was executed without notice, without particulars, in breach of PayPal's own 180-day representation, and at the precise moment of maximum external financial shock to individuals and households globally.

MAS issued guidance during the COVID-19 period calling on financial institutions to exercise heightened sensitivity and support toward customers experiencing financial difficulty. PayPal's conduct, executing a large, opaque, unilateral debit against a customer with no documented loss, no calculation, and no itemisation, at the height of a global economic crisis, is inconsistent with those expectations and with the fair dealing principle that institutions must consider the needs and interests of vulnerable customers.

The MAS Fair Dealing Guidelines (FSG-G04) explicitly require financial institutions to give extra consideration to customers who are more vulnerable, including those facing financial hardship or difficult personal circumstances. A financial institution that responds to six years of demands for basic accountability with boilerplate deflection has not given any consideration to the claimant's circumstances, let alone the extra consideration the guidelines require.

As a licensed Major Payment Institution, PayPal is subject to MAS's technology risk management guidelines and the general governance expectations applicable to Singapore-licensed payment service providers. These include the obligation to maintain adequate records supporting material decisions affecting customer funds, and to implement governance frameworks ensuring that enforcement actions of this type are subject to human review, documented approval, and audit trail retention.

PayPal has been unable, after six years of written demands and a formal Letter of Demand, to produce: (i) the internal decision record supporting the 11 March 2020 debit; (ii) the basis used to determine the quantum of USD 45,889.97; (iii) the identity and role of the reviewer(s) who authorised the debit; (iv) any contemporaneous documentation linking the debit to a quantified, actual loss suffered by PayPal; or (v) any third-party data inputs that were relied upon and whose integrity can be tested.

The inability to produce any of these records after six years is a governance and recordkeeping compliance failure. A licensed MPI executing a debit of this size must be able to reconstruct that decision from its own internal records. If it cannot, that is not a customer service issue. It is a material compliance deficiency under the PSA 2019 framework.

MAS technology risk management guidance further highlights governance and oversight expectations for material automated decisions and third-party data dependencies. If the debit was executed automatically based on third-party platform signals (such as DonateBot.io integration data or Minecraft policy flags), PayPal should be required to demonstrate that such automated decisions were subject to adequate human oversight, that the third-party data inputs were independently verified, and that audit records were retained. DonateBot.io is no longer publicly accessible or auditable, which means any reliance on its data cannot be independently tested without PayPal disclosing its own records.

PayPal has implied in its communications that the underlying activity was unlawful, specifically citing "copyright issues". That position is irreconcilable with retaining the same funds as institutional "AUP damages." Under section 39 of the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act (CDSA) (now section 45), a financial institution that genuinely believes funds are linked to unlawful conduct is required to file a Suspicious Transaction Report (STR) with STRO, not appropriate those funds for its own benefit.

The consequence is unavoidable: if PayPal believed the funds were connected to unlawful activity, it should have filed an STR and left disposition to the authorities. If it did not file an STR, that is affirmative evidence it did not genuinely hold that belief, and the insinuations of illegality are unfounded. Either way, PayPal has no legitimate basis to retain the funds. The absence of an STR strips away the only remaining implied rationale for the deduction.

1. Proof of Damages: Documentary evidence of the actual, quantifiable loss or damage suffered by PayPal as a direct result of the alleged AUP violations, including contemporaneous records linking each alleged breach to a specific, identified monetary loss. This is not a secondary demand. It is the threshold issue. PayPal cannot retain USD 45,889.97 as "damages" and simultaneously refuse to show what those damages were;
2. Restitution: Return of USD 45,889.97, which PayPal itself acknowledged in writing in September 2025 belongs to the claimant;
3. Interest: Pre-judgment and post-judgment interest as applicable;
4. Transparency: Full disclosure of the specific data inputs, calculation methodology, and internal decision record behind the AUP finding and the debit;
5. Record Correction: Removal of adverse internal labels and confirmation regarding whether any adverse information was transmitted to third parties;
6. Costs: As appropriate in the circumstances.