We have been serving financial institutions for over 25 years. Our client base includes over half of commercial banks and dozens of other financial institutions. Our lawyers have completed many groundbreaking projects in the financial sector, including: the largest IT implementation (ZSI in PKO BP), first cloud implementations compliant with the Polish Financial Services Commission (KNF) requirements, implementation of anti-money laundering laws, GDPR, and national cybersecurity system legislation, standard credit agreements and car dealer financing systems, structuring outsourcing agreements, transfers of credit and insurance portfolios, representation in consumer cases.
Our lawyers have experience gained both in external consulting and internal positions within bank legal departments.
What we offer
- Technology - agreements and regulations: AI (artificial intelligence), IT, cloud computing, cybersecurity, data protection, outsourcing, RTSs
- AML - implementation, audits, and consulting for AML and KYC systems, AML outsourcing for non-banking entities, assistance with the Polish AML Regulator GIIF inspections and representation in GIIF and Ministry of Finance proceedings, support with AML supervisory assessment (BION)
- Documentation for credit and deposit products
- Data protection - GDPR implementation and audits, retention assessment, support for data breaches, opinions on data protection and sector-specific regulations, risk analysis, representation before the Polish Data Protection Authority PUODO
- Banking and sector-specific confidentiality
- Proceedings before the Polish Financial Supervisory Commission KNF, establishment of payment institutions, changes to banking licenses, restructuring, mergers
- Board of directors' liability - assessments and memorandums
- Distribution networks - structures, agreements, operational advice
Selected experience
- Numerous IT implementations in the banking and financial sector (including PKO BP ZSI - a 9-digit IT implementation programme), amicable resolution of project disputes, banking IT disputes
- Numerous regulatory implementations of cloud computing services in line with KNF Cloud Communication requirements, the Polish Cybersecurity Act compliance audits in a leading bank, compliance assessment of payment services integration interface standard specifications
- Structuring cooperation between banks and providers of cloud-based cybersecurity and other digital services, addressing banking outsourcing regulations, banking secrecy, and personal data processing
- GDPR implementation and data protection consulting in banks and other financial institutions, including data breach response
- Licensing procedures for domestic payment institutions, changes to bank statutes and the scope of banking activity permits
- Implementation of legal provisions and regulations covering compliance systems, internal control systems, and corporate governance for domestic banks - KNF Recommendation H (internal control system), Ministry of Finance regulation on risk management system, KNF Corporate Governance Principles for supervised institutions, and Best Practices for GPW Listed Companies
- Advising one of the largest Polish banks on adapting organizational structure and project management model to agile methodology, in compliance with requirements of Recommendation H and KNF Corporate Governance Principles
- Dozens of completed audit, implementation, and compliance assurance projects for complex regulations such as AML, GDPR, PSD2, UKSC (NIS), DORA, KNF Recommendations, and EBA Guidelines
Reputation
- "Cloud Computing in the Financial Sector. Regulations and Standards", ed. M. Gawroński, 2011, Banking Technology Forum at the Polish Bank Association
- "Cloud Computing in the Financial Sector", 2013, Banking Technology Forum at the Polish Bank Association
- "Combating Money Laundering and Terrorist Financing. A Practical Guide" - the first book on the Polish AML Act, Wolters Kluwer Poland, 2018
- "Personal Data Protection in the Financial and Banking Sector" M. Gawroński and M. Ćwiakowski in "Meritum. Personal Data Protection", ed. D. Lubasz, 2020, 2022, Wolters Kluwer Poland
- "GDPR and Biometric Methods of Customer Identification by Financial Institutions" M. Gawroński in Banking Law Monitor 2019/07-8
- PKO BP ZSI - the largest IT implementation in Polish banking, which influenced the KNF Recommendation D 2013, 2002-2013
