Investigations into illegal alcohol advertising and financial services compliance were prevalent, with many firms added to the Polish Financial Supervision Authority’s (KNF) Public Warnings List. In-house legal teams continued to have to deal with cybersecurity incidents and data leaks. The implementation of the EU Whistleblowing Directive imposed new protections for whistleblowers.
Looking ahead to 2025, continued scrutiny of state-owned entities, financial services, and tax-related matters will pose significant challenges.
Post-regime change shift in enforcement approach to state-owned companies and those that have done business with them
In the private sector, law enforcement agencies focused on business fraud, sanctions compliance, money laundering, and bribery-related inquiries. These are the main areas where in-house counsel had to assist management and employees in providing explanations or depositions to the authorities.
There are around 500 state-owned companies in Poland in which the state has a stake or sole ownership. Some of these entities are the biggest players in their sectors. They were subject to investigations concerning various types of fraud, embezzlement, and allegations against former management and directors for mismanagement. Every investigation relates to the involvement of the previous government in power between 2016 and 2023. Private sector companies are becoming embroiled in these investigations, by virtue of being a counterparty or business partner of a state enterprise. Many state-owned companies were raided at the outset of these investigations.
Other enforcement themes include increased bank account freezes due to tax evasion, tax fraud, and suspicions of money laundering increased across the board. The Polish anti-money laundering watchdog (GIIF) has been cooperating closely with its EU counterparts on suspicious banking transactions. Each freeze was followed by the opening of a criminal investigation concerning suspicions of money laundering.
In-house legal teams were also frequently involved in responding to cybersecurity incidents, data leaks, and fraud. These required reporting and liaising with law enforcement agencies, often after conducting internal investigations.
Common challenges for internal investigations in Poland
The implementation of the EU Whistleblowing Directive in Poland has completely changed the approach to whistleblowing. There is now much more protection for whistleblowers, both on identity and retaliation. This is likely to lead to increased whistleblowing. Many multinationals will already have sophisticated whistleblowing programs in place, but the new local Polish rules will require local staff to be properly trained on how to take advantage of new whistleblowing policies and how to respond to reports.
Common challenges that arise in an internal investigation in Poland also include:
- Many organizations do not have transparent and unambiguous IT policies concerning an employee’s personal use of mobile devices and other IT equipment (including company email accounts). Where there has been dual use (personal and professional) it is always a challenge to separate personal data from business-related communications.
- Whistleblowers frequently present recordings (concerning their superiors or coworkers) which must always be assessed as to their validity.
- Increasingly more staff and employees use instant messaging apps, like WhatsApp, Signal, Telegram or Messenger, for investigation-relevant communication. These present significant challenges for data preservation and review.
- Governance can be an issue if senior leadership is implicated—and this may not always be evident at the point when the investigation is being structured. Insulating the integrity of an investigation at the outset is crucial. Often the solution lies in ad hoc corporate arrangements or proper setting of proxies.
- How to communicate the outcome of an investigation. Relevant considerations include privilege, the impact on employee/HR-related processes, and self-reporting obligations.
- Protecting and evaluating the credibility of information sources is an issue that concerns not only the protection of whistleblowers (now strictly required by law) but also making arrangements with individuals willing to provide information on an anonymous basis.
Sectors targeted by criminal enforcement
Aside from state-owned entities and their counterparties, many investigations were opened in Poland due to allegations of illegal advertising of alcoholic beverages, which affected producers, advertising agencies, and retained influencers.
Financial and FX brokers, alternative investment vehicles, and online betting and gambling services were also frequently targeted for, inter alia, money laundering compliance, license breaches, and reporting failures. Those affected were frequently added to the KNF List of Public Warnings. Such inclusion is tantamount to a criminal investigation being opened against the management of the entity.
Predictions for 2025 and beyond
Now that the EU Whistleblowing Directive has finally been implemented in Poland, in-house legal teams can expect more reports being made internally or externally by employees or competitors. Protecting the identity of whistleblowers and dealing properly with reports (including those that are fake or unfounded) will be key challenges for internal compliance and legal departments.
Investigations of state-owned entities will continue into 2025, with more private businesses being caught in the crosshairs.
Beyond 2025, a new proposed EU directive on anti-corruption will make significant changes if and when implemented. Progress has currently stalled but is expected to start up again under the new Polish presidency of the EU Council. The Directive introduces new offenses including trading in influence and abuse of functions, and proposes corporate liability. Currently, criminal liability of corporates is virtually non-existent in Poland. Under the proposed Directive, businesses in scope will have to implement new ABAC policies and procedures, and face dilemmas concerning self-reporting. Again, many of these issues will be familiar to multinationals who have pegged their ABAC compliance programs to jurisdictions with more developed ABAC corporate criminal liability regimes such as the U.S., U.K., and France.
Directory quotes
- “The team is regularly instructed on high-value matters related to fraud schemes, international investigations, illegal marketing and irregularities within public tenders. Adam Kowalczyk leads and is well versed in corporate fraud-related matters.” — The Legal 500/2024/White-collar crime
- “Great firm. Fast responses.” — The Legal 500/2024/White-collar crime
- “We particularly value [Adam’s] sound judgment, clear communication and relentless execution of the agreed strategies. His proven track record of successful cases gives us comfort and confidence when dealing with the most challenging matters and issues.” — Global Investigation Review, The 40 under 40, 2024
This article is part of the A&O Shearman Cross-Border White-Collar Crime and Investigations Review. Please click here for our overviews and insights in other jurisdictions.
