Poland -- Licensing Requirements Regulatory Overview

Poland, like other EU member states, has implemented specific requirements for Virtual Asset Service Providers (VASPs) primarily driven by the Anti-Money Laundering Directives (AMLDs). The current regime is largely one of registration rather than a full licensing regime, though this will change significantly with the advent of MiCA (Markets in Crypto-Assets Regulation).

Current Regulatory Framework: Registration Regime

The primary piece of legislation governing cryptocurrency/virtual asset service providers in Poland is the Act of 1 March 2018 on Anti-Money Laundering and Counter-Terrorist Financing (Ustawa o przeciwdziałaniu praniu pieniędzy oraz finansowaniu terroryzmu), as amended, which transposes the EU's 5th Anti-Money Laundering Directive (AMLD5).

This Act mandates registration for entities providing "virtual currency services" in Poland.

Regulatory Authority: The authority responsible for the register of virtual currency activities and supervision of AML/CTF obligations is the General Inspector of Financial Information (Główny Inspektor Informacji Finansowej - GIIF), which operates under the Ministry of Finance.

Specific Regulatory References:

• Polish AML Act (current consolidated text, in Polish): Ustawa z dnia 1 marca 2018 r. o przeciwdziałaniu praniu pieniędzy oraz finansowaniu terroryzmu. You can find the consolidated text on the Polish government's legislative information system (ISAP) at: https://isap.sejm.gov.pl/isap.nsf/DocDetails.xsp?id=WDU20180000723
• GIIF (Ministry of Finance page regarding Virtual Currencies - in Polish): https://www.gov.pl/web/finanse/dzialalnosc-w-zakresie-walut-wirtualnych (This page provides information on the register and requirements).

Required Licenses/Registrations for Specific Services:

The Polish AML Act defines "virtual currency services" that require registration. These largely cover the services mentioned:

1. Virtual currency exchange service: This includes exchanging virtual currencies for fiat currencies and vice-versa, as well as exchanging one virtual currency for another. This category explicitly covers exchanges.
2. Virtual currency safekeeping wallet service: This refers to the provision of services for safeguarding private cryptographic keys on behalf of clients, to hold, store, and transfer virtual currencies. This explicitly covers custody providers.

Payment Processors: The situation for payment processors depends on the nature of their services:

• Fiat-to-fiat payment processing related to crypto transactions: If a payment processor only handles traditional fiat currency payments (e.g., processing credit card payments for a crypto exchange) without ever touching the virtual assets themselves, they would typically fall under the traditional Payment Services Act (Ustawa o usługach płatniczych) and potentially require a license from the Polish Financial Supervision Authority (KNF) as a payment institution or small payment institution.
• Crypto-to-crypto payments or accepting crypto as payment: If a "payment processor" facilitates payments directly in virtual assets, converts virtual assets for payment purposes, or provides services that involve the transfer or exchange of virtual assets, they would likely fall under the definitions of "virtual currency exchange service" or "virtual currency safekeeping wallet service" (if they hold keys) and thus require registration under the AML Act. If they merely provide technical infrastructure without ever controlling funds or keys, it might be more ambiguous, but a conservative interpretation would lean towards registration if they are integral to the crypto value transfer.

Registration vs. Licensing Regime:

• Current (Registration): Poland operates a registration regime for VASPs under its AML Act. This means entities must register their activities with GIIF and comply with AML/CTF obligations. It is not a full "licensing" regime in the sense of prudential supervision (e.g., capital adequacy, operational risk, consumer protection oversight by KNF) like banks or investment firms currently face. The focus is purely on preventing money laundering and terrorist financing.
• Future (MiCA - Licensing): The EU's Markets in Crypto-Assets Regulation (MiCA) will introduce a comprehensive licensing regime for a broader range of crypto-asset services across the EU. MiCA will come into full effect in December 2024 for most provisions. Once MiCA is fully applicable, entities providing crypto-asset services (CASPs) as defined under MiCA will need to obtain a license from a national competent authority (in Poland, likely KNF) and will be subject to more extensive prudential, organisational, and consumer protection requirements, including capital requirements.

Key Requirements for Registration (Under Polish AML Act):

1. Legal Entity / Local Presence:

   • The applicant must be a Polish legal entity (e.g., Spółka z ograniczoną odpowiedzialnością - limited liability company, or Spółka akcyjna - joint-stock company).
   • The management board members (or individuals managing the business) and beneficial owners must meet "fit and proper" criteria.
   • At least one individual from the management board of the Polish legal entity must have their residence in Poland or possess a Polish citizenship.

2. AML/KYC Requirements:

   • Internal AML/CTF Procedures: Develop and implement robust internal anti-money laundering and counter-terrorist financing procedures, including a risk assessment specific to the business and its clients.
   • AML Officer: Appoint a designated individual responsible for AML/CTF compliance (AML Officer or Compliance Officer).
   • Customer Due Diligence (CDD): Implement procedures for identifying and verifying the identity of clients, including beneficial owners, and understanding the purpose and nature of business relationships. This involves collecting identity documents, verifying data, and screening against sanctions lists.
   • Ongoing Monitoring: Conduct ongoing monitoring of client relationships and transactions to detect suspicious activities.
   • Transaction Monitoring: Implement systems to monitor transactions for unusual patterns or thresholds.
   • Reporting: Report suspicious transactions and activities to GIIF.
   • Record-keeping: Maintain records of client identification data and transactions for at least 5 years.
   • Training: Provide regular AML/CTF training for relevant employees.

3. Capital Requirements:

   • Under the current Polish AML Act, there are NO specific minimum capital requirements solely for VASP registration. This is a significant difference from traditional financial licenses.
   • Future MiCA Impact: MiCA will introduce capital requirements for Crypto-Asset Service Providers (CASPs), ranging from €50,000 to €150,000 depending on the type of services provided.

4. Fit & Proper Criteria (Management/Owners):

   • Individuals intending to perform activities in the field of virtual currencies, as well as members of the management board and beneficial owners, must:
     • Have no criminal record for intentional financial crimes (e.g., money laundering, terrorist financing, fraud, tax offenses).
     • Not have been subject to a final decision declaring bankruptcy or being declared bankrupt.
     • Demonstrate sufficient knowledge and experience relevant to the virtual asset services (though this is less formally defined than for KNF licenses).

Application Process:

1. Preparation:

   • Establish a Polish legal entity (e.g., Sp. z o.o.).
   • Draft comprehensive internal AML/CTF procedures and policies.
   • Identify and appoint an AML Officer.
   • Gather documentation for management and beneficial owners (e.g., criminal record certificates, declarations).

2. Submission:

   • Applications are submitted electronically through a dedicated online portal maintained by the Ministry of Finance / GIIF.
   • The application requires providing details about the company, its services, management, beneficial owners, and attaching the required documents.

3. Required Documents (Examples):

   • Application form.
   • Company registration documents (KRS extract).
   • Internal AML/CTF procedures document.
   • Declarations regarding the fulfilment of "fit and proper" criteria by management board members and beneficial owners.
   • Criminal record certificates for relevant individuals (e.g., from the National Criminal Register - Krajowy Rejestr Karny).
   • Proof of Polish residence/citizenship for the required management board member.

4. Review and Decision:

   • GIIF reviews the application for completeness and compliance with legal requirements.
   • GIIF may request additional information or clarifications.
   • If approved, the entity is entered into the register of virtual currency activities.
   • Timeline: The statutory processing time for registration is generally not explicitly defined as a fixed period for the entire process, but GIIF has deadlines to notify applicants of deficiencies. The actual process can take several weeks to a few months, depending on the quality of the application and GIIF's workload.

5. Fees: There is typically an administrative fee for the registration itself, which is relatively low (e.g., PLN 616 as of late 2023). The main costs are associated with legal and compliance consultancy services for preparing the application and AML documentation.

Future Outlook: MiCA (Markets in Crypto-Assets Regulation)

MiCA will fundamentally change the regulatory landscape for crypto-assets in the EU, including Poland, by introducing a harmonized licensing framework.

• Entry into force: Rules related to stablecoins (asset-referenced tokens and e-money tokens) will apply from 30 June 2024. The remaining provisions (e.g., for other crypto-assets and CASPs) will apply from 30 December 2024.
• Scope: MiCA will cover a broader range of crypto-assets and services than the current AML Act.
• Licensing Authority: In Poland, the Polish Financial Supervision Authority (KNF) is expected to be the competent authority for MiCA licenses.
• Requirements: MiCA will introduce:
  • Minimum capital requirements.
  • Detailed organizational and governance requirements.
  • Prudential requirements.
  • Rules on investor protection, market abuse, and transparency.
  • Robust operational resilience requirements.
• Transition Period: MiCA includes transition periods. Entities already providing crypto-asset services in accordance with national law (like those registered under the Polish AML Act) may be able to continue their activities until 1 July 2026, or until they are granted or refused a MiCA license, provided they notify the KNF of their intention to apply.

In summary, for now, virtual asset service providers in Poland must register with GIIF and comply with AML/CTF obligations. However, firms planning to operate beyond late 2024 should already be preparing for the much more extensive licensing requirements under MiCA.

Disclaimer: This information is for general guidance only and does not constitute legal advice. Given the evolving nature of cryptocurrency regulation, it is essential to consult with qualified legal professionals in Poland for specific advice pertaining to your business activities.