POLAND Law and Practice Contributed by: Wojciech Ługowski, Lawarton Lugowski Kapica Spolka Komandytowa
of value that is not issued or guaranteed by a central authority and does not have the status of legal tender. The key difference between virtual currencies and oth - er blockchain assets lies in their intended use. Virtual currencies are mainly used as a means of exchange or store of value, whereas blockchain assets can include security tokens, utility tokens or other financial instru - ments with broader applications. 10.12 NFTs Non-fungible tokens (NFTs) are not explicitly regulated under Polish or EU financial laws. They are unique digital assets stored on a blockchain, typically repre - senting ownership of digital or physical items. However, only “true” NFTs, genuinely unique and non- interchangeable, fall outside financial regulations. If an NFT is not “truly unique”, it may be classified as a regular crypto-asset under MiCA (potentially subject - ing it to financial regulations). 10.13 Stablecoins Stablecoins are regulated in Poland primarily through directly applicable EU law (MiCA), rather than through a standalone national regime. At the national level, Poland has not adopted the complementary crypto- assets statute. As mentioned previously, Poland has not yet adopted a crypto-assets act. As a result, while the substantive stablecoin rulebook applies directly under MiCA, certain local supervisory procedures and enforcement mechanisms remain dependent on fur - ther domestic legislative action.
Despite a strong fintech sector, challenges persist. Strict authentication rules complicate user experi - ence, while API inconsistencies remain a barrier. Some banks have delayed or limited API functional - ity, treating open banking as a compliance obligation rather than an opportunity. Regulatory interventions have been necessary to enforce compliance. PSD3 is expected to address these issues, introduc - ing stricter oversight and standardised interfaces to improve API interoperability. 11.2 Concerns Raised by Open Banking Banks and technology providers use encryption, tokenisation and strong customer authentication (SCA) to protect data in open banking. AI-driven fraud detection and transaction monitoring help ensure compliance with PSD2 and the GDPR. However, fin - techs face barriers to accessing banking APIs and strict SCA rules impact user experience. Regulatory audits and industry collaboration seek to balance security and seamless transactions. Fraud in fintechs includes identity theft, where crimi - nals steal personal data to access bank accounts or secure loans. Phishing scams also pose a threat, with fraudsters impersonating banks or authorities to extract sensitive information through fake emails or calls. Investment fraud remains a major risk, luring victims with promises of high returns on fictitious ventures, such as real estate or foreign markets, often leading to severe financial losses. 12.2 Areas of Regulatory Focus Polish regulators are focused on authorised push pay - ment fraud, investment scams, crypto-fraud and iden - tity theft. Payment providers must detect suspicious transactions and warn users. Banks and fintechs face growing pressure to enhance AML measures, fraud detection and transaction monitoring to improve cus - tomer protection. 12. Fraud 12.1 Elements of Fraud
11. Open Banking 11.1 Regulation of Open Banking
PSD2 defines the regulatory framework for open banking in Poland, requiring banks to provide TPPs access to customer accounts via secure application programming interfaces (APIs). KNF enforces compli - ance and most banks use Berlin Group API stand - ards. Poland has also introduced PolishAPI, a national standard developed by the Polish Bank Association to improve API integration and compliance.
637 CHAMBERS.COM
Powered by FlippingBook