Poland -- Sanctions Compliance Regulatory Overview

Poland, as a member of the European Union, is subject to a comprehensive sanctions regime that applies directly within its jurisdiction. This framework encompasses EU-level sanctions, which in turn implement UN Security Council resolutions, and the principles of compliance often extend to considering US OFAC sanctions due to the global nature of cryptocurrency and financial systems.

For Virtual Asset Service Providers (VASPs) operating in Poland, compliance with these sanctions is a critical component of their Anti-Money Laundering and Counter-Financing of Terrorism (AML/CFT) obligations.

Here's a breakdown of cryptocurrency sanctions and restrictions in Poland:

1. EU Sanctions Framework (Primary for Poland)

As an EU member state, Poland directly applies all EU restrictive measures (sanctions) imposed by the Council of the European Union. These sanctions are binding and directly applicable through EU Regulations, without needing further national legislation for their core provisions.

• Legal Basis: Article 29 of the Treaty on European Union (TEU) and Article 215 of the Treaty on the Functioning of the European Union (TFEU).

• Key Principles: EU sanctions typically involve:

  • Asset freezes: Prohibiting the making available of funds and economic resources (including virtual assets) to designated persons, entities, or bodies.
  • Travel bans: For designated individuals.
  • Trade restrictions: On certain goods and technologies (e.g., dual-use items, arms embargoes), and increasingly, services.
  • Financial restrictions: Prohibitions on investment, lending, or providing financial services to specific entities or sectors.

• Virtual Assets: EU sanctions explicitly cover virtual assets within the definition of "funds" or "economic resources." For example, the EU's restrictive measures against Russia, Belarus, and other regimes have been updated to explicitly include crypto-assets within the scope of asset freezes and other financial restrictions.

  • Example: Council Regulation (EU) 2022/328 (and subsequent amendments) concerning restrictive measures in view of Russia's actions destabilising the situation in Ukraine explicitly includes "crypto-assets" in the definition of "transferable securities" and "funds," thereby subjecting them to the asset freeze and other financial restrictions.

• Sanctioned Entity Screening Obligations:

  • VASPs in Poland are legally obligated to screen all their customers, beneficial owners, and, in certain circumstances, counterparties and transactions, against the EU Consolidated List of persons, groups, and entities subject to EU financial sanctions.
  • This screening must be conducted proactively during customer onboarding (Customer Due Diligence - CDD), periodically throughout the customer relationship, and dynamically for transactions.
  • Any match or potential match requires immediate freezing of assets (including crypto) and reporting to the General Inspector of Financial Information (GIIF - Generalny Inspektor Informacji Finansowej).

• Geographic Restrictions:

  • EU sanctions impose restrictions on conducting business with entities or individuals in, or acting on behalf of, sanctioned countries or regions (e.g., Russia, Belarus, Iran, North Korea, Syria, certain regions of Ukraine).
  • VASPs must implement controls to prevent services from being used to circumvent these geographic restrictions, including IP blocking, address analysis, and source of funds checks.

• Penalties for Violations:

  • Non-compliance with EU sanctions in Poland is subject to penalties outlined in Polish national law. The primary legal act is the Ustawa z dnia 1 marca 2018 r. o przeciwdziałaniu praniu pieniędzy oraz finansowaniu terroryzmu (AML Act).
  • Administrative penalties can include significant fines (up to PLN 5 million for legal entities, or up to 10% of annual turnover, or twice the amount of benefit derived from the violation).
  • Criminal penalties (imprisonment) can apply to individuals who intentionally violate sanctions or facilitate money laundering/terrorism financing.

Legal References:

• Treaty on European Union (TEU): https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A12012M%2FTXT
• Treaty on the Functioning of the European Union (TFEU): https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A12012E%2FTXT
• EU Sanctions Map (Consolidated List Search): https://www.sanctionsmap.eu/#/main
• Council Regulation (EU) 2022/328 (Russia Sanctions example): https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32022R0328 (and subsequent amendments)

2. UN Sanctions Compliance Requirements

UN Security Council resolutions imposing sanctions are implemented in the EU through Council Decisions and Regulations. Therefore, compliance with UN sanctions is effectively achieved by complying with the directly applicable EU sanctions regulations in Poland.

• Legal Basis: UN Security Council Resolutions, implemented via EU Regulations.
• Sanctioned Entity Screening Obligations: VASPs must screen against the UN Security Council Consolidated List, which is typically incorporated into the EU Consolidated List.
• Geographic Restrictions: UN sanctions often target specific countries (e.g., North Korea, Iran, Sudan) and are reflected in EU regulations.
• Penalties for Violations: As above, governed by Polish AML Act.

Legal References:

• UN Security Council Consolidated List: https://www.un.org/securitycouncil/sanctions/information

3. OFAC Sanctions (US Office of Foreign Assets Control)

While OFAC sanctions are primarily extraterritorial and directly apply to "US persons" (US citizens, residents, entities, and anyone within US jurisdiction), they have significant implications for non-US entities, including VASPs in Poland, due to several factors:

• Secondary Sanctions: Certain OFAC sanctions programs include secondary sanctions that can target non-US persons for engaging in specific activities with sanctioned entities, even if those non-US persons are not directly subject to US jurisdiction.
• US Dollar Transactions: Any transaction involving the US financial system or US dollar clearing can fall under OFAC's jurisdiction, regardless of where the entities are located. Given the prevalence of USD in crypto markets, this is a major risk.
• Global Best Practice: Due to the global interconnectedness of financial systems and the potential for reputational damage and correspondent banking de-risking, many non-US financial institutions and VASPs screen against OFAC lists (especially the SDN List) as a best practice, even without a direct US nexus.
• Sanctioned Entity Screening Obligations: While not directly mandated by Polish law for non-US persons without a US nexus, best practice for VASPs in Poland includes screening against the OFAC Specially Designated Nationals (SDN) and Blocked Persons List, as well as other relevant OFAC lists.
• Geographic Restrictions: OFAC maintains extensive sanctions programs against countries like Iran, North Korea, Cuba, Syria, and others. VASPs that conduct business with these jurisdictions or individuals associated with them risk secondary sanctions.

Legal References:

• OFAC SDN List: https://home.treasury.gov/policy-issues/financial-sanctions/specially-designated-nationals-and-blocked-persons-list-sdn-human-readable-lists
• OFAC Sanctions Programs and Country Information: https://home.treasury.gov/policy-issues/financial-sanctions/sanctions-programs-and-country-information

4. VASP-Specific Sanctions Compliance Requirements in Poland

VASPs (including cryptocurrency exchange services, custodian wallet services, etc.) are "obliged institutions" (instytucje obowiązane) under Polish AML law. This means they are subject to robust AML/CFT obligations, which inherently include sanctions compliance.

• Polish AML Act (Ustawa z dnia 1 marca 2018 r. o przeciwdziałaniu praniu pieniędzy oraz finansowaniu terroryzmu): This Act implements the EU's 4th and 5th Anti-Money Laundering Directives (AMLD4 and AMLD5) and will adapt to AMLD6/7. It defines VASPs as obliged institutions.
• Key Obligations for VASPs:
  • Customer Due Diligence (CDD): Implementing robust KYC procedures, including identification and verification of customers and beneficial owners, and understanding the purpose and intended nature of the business relationship. This must include sanctions screening.
  • Ongoing Monitoring: Continuously monitoring transactions and relationships to detect suspicious activities and ensure compliance with sanctions.
  • Risk Assessment: Developing and implementing a comprehensive risk assessment framework that considers geographic risks, customer risks, product/service risks, and delivery channel risks, including sanctions exposure.
  • Internal Procedures: Establishing internal policies, controls, and procedures for AML/CFT and sanctions compliance, including employee training.
  • Reporting Obligations: Immediately reporting suspicious transactions (STRs) and any identified sanctioned assets to the GIIF.
  • Freezing Assets: Immediately freezing any funds or economic resources (including crypto-assets) belonging to designated individuals or entities subject to an asset freeze.
  • "Travel Rule": The Financial Action Task Force (FATF) Recommendation 16 (the "Travel Rule") requires VASPs to obtain and transmit certain originator and beneficiary information for virtual asset transfers above a de minimis threshold. While the EU's full implementation is evolving (Regulation (EU) 2023/1113 on crypto-asset transfers, MiCA), VASPs are expected to prepare for and adhere to these standards, which aid in sanctions screening.

5. Country-Specific Sanctions Lists for Crypto in Poland

Poland does not maintain its own independent, separate sanctions list specifically for cryptocurrency that goes beyond the EU/UN framework.

Poland's approach to sanctions for crypto (and all other asset classes) is to:

1. Directly apply EU sanctions regulations.
2. Enforce UN sanctions as implemented by the EU.
3. Expect compliance with global best practices, which often include screening against OFAC lists, due to the nature of international finance and cryptocurrency.

The relevant Polish authorities (GIIF, KNF) enforce compliance with these overarching frameworks.

6. Regulatory Bodies in Poland

• General Inspector of Financial Information (GIIF - Generalny Inspektor Informacji Finansowej): This is Poland's Financial Intelligence Unit (FIU). GIIF receives suspicious activity reports (STRs) from obliged institutions, including VASPs, and is responsible for implementing asset freezes based on sanctions lists.
  • GIIF Website: https://www.gov.pl/web/giff
• Polish Financial Supervision Authority (KNF - Komisja Nadzoru Finansowego): KNF is responsible for licensing and supervising VASPs in Poland and ensuring their compliance with AML/CFT and sanctions regulations. KNF can impose administrative penalties for non-compliance.
  • KNF Website: https://www.knf.gov.pl/

Summary:

VASPs in Poland must adhere to a robust sanctions compliance program that primarily follows the EU sanctions framework, which incorporates UN sanctions. Best practices also dictate screening against OFAC lists. This includes comprehensive customer and transaction screening, geographic restrictions, freezing of sanctioned assets, and reporting to the GIIF, all under the regulatory oversight of the KNF and GIIF. Penalties for non-compliance are severe, encompassing substantial fines and potential imprisonment.

Polish AML Act Reference:

• Ustawa z dnia 1 marca 2018 r. o przeciwdziałaniu praniu pieniędzy oraz finansowaniu terroryzmu: Dziennik Ustaw (Journal of Laws) 2022 item 1801, with subsequent amendments. (This is the most current consolidated text available at the time of writing). You can typically find the official, up-to-date text on Polish government legal databases such as isap.sejm.gov.pl by searching for the "Ustawa o przeciwdziałaniu praniu pieniędzy".
  • Example search result (may vary by specific amendment date): https://isap.sejm.gov.pl/isap.nsf/DocDetails.xsp?id=WDU20180000072 (Original Act) and subsequent amendments like 2022 item 1801.

Disclaimer: This information is for general informational purposes only and does not constitute legal advice. Compliance requirements are complex and subject to change. VASPs operating in Poland should consult with legal professionals specializing in AML/CFT and sanctions compliance to ensure full adherence to all applicable laws and regulations.