Fintech 2025

POLAND Trends and Developments Contributed by: Michał Mostowik, Karol Juraszczyk, Kamila Mróz and Jakub Lach, Deloitte Legal, Gizicki i Wspólnicy sp.k.

formalised data governance regulations by many financial institutions. It also affected cloud com - puting adoption projects, as the repealed soft law issued by the KNF outlined some require - ments in a more detailed manner. Banks are continuously making efforts to imple - ment behavioural biometrics tools as security features of payment transactions. The lack of legislative solutions providing a clear legal basis for the processing of sensitive data means that the use of these tools depends on client consent. This results in the limited coverage of customer portfolios with behavioural biometric solutions, thereby slowing down the entire process. On the other hand, the implementation of behav - ioural biometrics remains one of the key recom - mendations issued to PSPs by the UOKIK at the end of 2024. These recommendations are part of the ongoing dialogue between the UOKIK and the banking industry, related to proceed - ings conducted by the UOKIK regarding alleged infringement of unauthorised payment transac - tion regulations. The Polish government is also setting high ambitions in the area of cyber-resilience, dem - onstrated by its investment in the Polish Cyber Command, established in 2022, which employs over 6,500 specialists. This move is essential for Polish society, the economy and public services, considering that Poland is the second most tar - geted country in cyberspace. The government’s efforts are in line with the financial industry’s growing focus on cybersecurity. Digital Identity, Open Finance and Data Protection Digital identity services in Poland must be viewed in the context of the continuous advancement in the digitalisation of public services in recent

years. Government efforts have led, for instance, to the implementation of the mObywatel app (a government superapp that includes electronic ID among other features) and extensive digital correspondence through the ePUAP platform. Additionally, Poland is working on a project to implement a robust electronic delivery system to replace the ePUAP platform. The system has been in operation since 1 January 2025, but it still faces a considerable number of limitations. An important milestone in terms of digital identity services is the eIDAS 2.0 Regulation. It requires each EU member state to establish at least one European Digital Identity Wallet (EDIW) by 2026, designed to enable users to securely authenti - cate their identity when accessing both public and private services. In Poland, the mObywatel app is likely to be designated as the national EDIW. Although Polish financial institutions are already advanced in implementing e-identity and remote onboarding solutions (as a result of a statutory obligation to accept the mObywatel app in KYC processes since 2023), the changes will have a significant impact on the market. Concerns are increasingly being raised that the relationship between EDIW and the regulations concerning unauthorised payment transactions and strong customer authentication (SCA) under PSD2 remains unclear and may pose significant chal - lenges for the industry. The Polish financial market is also closely moni - toring regulatory developments in the area of open finance and open banking, including the new FIDA regulation. Despite temporary uncer - tainty about the continuation of legislative work at the start of 2025, work on FIDA is still expect - ed to continue during Poland’s Presidency of the

674 CHAMBERS.COM

Powered by