It is easier for the frontend developer to look only to the status code of the response and pop up a paywall or something, rather than some message in the boby. The same goes for 401 Unauthorized or 403 Forbidden, etc.