Month: April 2025

The CASP (Crypto-Asset Service Provider) licence is a mandatory licence under the MiCA (Markets in Crypto-Assets) regulation that companies providing services related to crypto-assets in the European Union must obtain. This includes cryptocurrency exchanges and cryptocurrency exchange offices.

How to obtain a CASP licence?

In order to operate in the field of crypto assets in accordance with MiCA regulations, entrepreneurs must meet certain requirements and submit an application to the relevant supervisory authority in their country.

Requirements for physical presence in the EU

In accordance with Article 59(2) of MiCA, crypto asset service providers must:

• Have their head office in a member state where they actually carry out at least part of their cryptoasset service business.
• Have their place of effective management in the EU.
• Have at least one director who is resident in the EU.

Therefore, purely virtual operations without a physical presence in the EU do not meet the regulatory requirements.Where do I apply for a CASP authorisation?

Entities applying for a CASP authorisation shall submit an application to the competent supervisory authority of their home Member State.

The home member state for a crypto-asset service provider will be the member state in which the crypto-asset service provider has its registered office.

Does the CASP authorisation allow for the provision of services throughout the EU?

Yes, once they have obtained a CASP licence, companies can provide crypto-asset services throughout the European Union under the freedom of establishment or the freedom to provide services. Importantly, cross-border activity does not require a physical presence in the host Member State.

Requirements for board members of entities applying for a CASP

Board members must:

• They must be of good repute, have a clean criminal record and have appropriate knowledge and experience.
• They must not have been convicted of offences relating to money laundering or terrorist financing or of other offences that could affect their good repute.
• At least one board member must be resident in the Union.
• They must also demonstrate that they are able to dedicate sufficient time to effectively fulfil their duties.
• They must not be subject to any penalty under commercial law, insolvency law, financial services regulations, anti-money laundering and anti-terrorist financing regulations, anti-fraud regulations or professional liability regulations.

The fulfilment of these conditions must be documented with appropriate evidence and attached to the authorisation application. The supervisory authority will verify whether these conditions are actually met.

Documents required for the CASP authorisation application

The exact list of documents and information that must be included in the CASP application depends on the type of services that the applicant intends to provide according to Art. 3, Paragraph 1, No. 16 of the MiCA. Therefore, the first step in preparing an application should always be to identify the services you plan to provide and verify the requirements that the MiCA has set for the authorisation of these specific services.

However, based on the requirements set out in the MiCA regulation and the accompanying technical standards, it is possible to define a basic catalogue of documents and information that will need to be completed by an entity preparing to apply for a CASP licence. These will include:

• Identification data of the applicant.
• Articles of association or partnership agreement.
• Programme of activities and type of services planned, as well as the place and manner in which they will be provided.
• Proof of compliance with the prudential requirements set out in Article 67 of the MiCA (documents confirming the required funds or guarantees, insurance policies if applicable).
• Description of management principles – organisational structure of the applicant and internal supervision system and decision-making procedures.
• Proof of good repute and competence of the members of the management body – (Criminal records and CVs as well as information on experience).
• Description of internal control and risk management procedures (Policies and procedures for identifying, assessing and managing risks, procedures for combating money laundering and terrorist financing, and a business continuity plan).
• Technical documentation of ICT systems and security solutions with a non-technical description (Consistent non-technical description and business continuity policy, which includes ICT business continuity plans as well as ICT response and recovery plans).
• Procedures for segregating crypto assets and customer funds.
• Complaint handling procedures.
• Cryptoasset custody policy (Required for custody service plans).
• Description of trading platform operating rules (if applicable) – Platform rules and procedures and market abuse prevention system.
• Confirmation of the knowledge and experience of persons providing advice or portfolio management (if we intend to provide crypto-asset advice or crypto-asset portfolio management services) – Documents confirming the competence and experience of advisors necessary to fulfil their duties.
• Indication of the type of crypto assets to which the crypto asset service relates.
• Systems and procedures to ensure the availability, authenticity, integrity and confidentiality of data.
• Outsourcing policy, including policies on contingency plans and exit strategies, taking into account the scale, nature and scope of the crypto asset services provided.

Summary

Considering the detail and extent of the information and documents that must be attached to the CASP licence application, there is no doubt that this is a process that requires thorough preparation. Therefore, if you are planning to apply for a MICA licence, please contact us to make sure that your application meets all regulatory requirements! We will gladly help you prepare the relevant documentation and ensure compliance with MiCA regulations, as well as other regulations relevant to, among others, financial entities or those in the crypto-asset industry – in particular, GDPR or DORA.

Changing the time, both from winter to summer time and from summer to winter time, is of significant importance in the context of labour law. In Poland, the time change is regulated by the Act on Official Time in the Territory of the Republic of Poland and relevant regulations of the Prime Minister. The practical consequences of these changes affect employees, especially those working at night.

Legal basis for time change

Time change in Poland is based on:

• Act of 10 December 2003 on official time in the territory of the Republic of Poland (Journal of Laws 2004 No. 16 item 144),
• Regulation of the Prime Minister of 4 March 2022 on the introduction and cancellation of Central European Summer Time in 2022–2026 (Journal of Laws 2022 item 539).

In practice, this means that the clocks are adjusted twice a year:

• Change from winter to summer time – the hands of the clock are moved forward one hour (from 2:00 to 3:00), so that on that particular day we sleep one hour less.
• Changing from summer to winter time – the hands are moved back an hour (from 3:00 to 2:00), which results in an hour more sleep 😉

Changing time and working time

Changing time has a direct impact on the working time of people working at night.

Changing from winter to summer time – shorter night shift

During the transition to daylight saving time, employees who work at night theoretically work an hour less. For example, if an employee has a shift from 10 p.m. to 6 a.m., they will actually only work 7 hours because at 2 a.m. the clock will immediately jump to 3 a.m.

Will the employee get paid for this missing hour?

Yes! The Labour Code stipulates that the employee must be paid for this hour in full, even though he or she did not actually work it. This is based on the principle that the employee should not suffer financial loss due to regulations beyond his or her control.

Article 151⁷ of the Labour Code defines night time as the period between 21:00 and 7:00 and states that night work should not exceed 8 hours per day for particularly strenuous or dangerous work. In the context of the change from winter to summer time, the employee is also entitled to remuneration for the unworked hour resulting from the shortening of the night shift, but is not entitled to a night work allowance (for this one unworked hour).

This means that in the case of readiness to work and obstacles beyond the employee’s control, he is entitled to full pay, even though he actually worked 7 and not 8 hours on that day.

This rule is intended to protect the rights of employees and ensure that their working time and remuneration are fairly accounted for in accordance with applicable legal standards.

Daylight saving time change – additional hour of work

When the clocks go forward, the working time of the aforementioned employee on that particular day will increase by one hour, i.e. to 9 hours instead of the standard 8. In this situation, the additional hour

• Is treated as overtime,
• Is subject to settlement in accordance with the provisions of the Labour Code – the employee is, in principle, entitled to remuneration with an overtime allowance,
• However, it can be compensated with time off at a ratio of 1:1 (at the employee’s request) or 1:1.5 (at the employer’s initiative).

In addition, if the extra hour falls during the night, the employee is entitled to a night-time bonus of 20% of the minimum hourly wage.

Employer obligations when changing the time

Changing the time means that employers must observe several key rules:

1. Adjustment of work schedules – the employer should take into account the time change in work schedules to avoid overtime or staff shortages and ensure minimum rest time required by the Labour Code.
2. Settling overtime – an extra hour of work when changing to winter time must be adequately paid or compensated with time off.
3. Informing employees – employees should be aware of the rules regarding remuneration and settlement of working hours during the time change.

Time change and labour law – practical examples

Example 1 – shift worker (summer time to winter time change)

A security guard works the night shift from 10 p.m. to 6 a.m. These hours correspond to the night shift defined by his employer in the internal regulations. At night, the clocks go back from 3:00 to 2:00. The effect? The employee works 9 hours instead of 8. The employer must pay the salary and overtime allowance or grant time off.

Example 2 – monthly-paid employee (change from winter to summer time)

A security guard who is paid a monthly salary should not be affected by the change from winter to summer time in terms of his salary – he will receive the full amount due to him.

Example 3 – hourly-paid employee (change from winter to summer time)

Similarly, a security guard paid by the hour will be paid for the number of hours he was supposed to work in a given month, even if he worked one hour less on a given day due to the summer time change.

Przykład 3 – pracownik wynagradzany stawką godzinową (zmiana czasu zimowego na letni) 

Podobnie pracownik ochrony wynagradzany stawką godzinową – , otrzyma on wynagrodzenie za taką liczbę godzin, jaka przypadała mu do przepracowania w danym miesiącu, nawet jeżeli w danym dniu pracował o jedną godzinę krócej z uwagi na zmianę czasu na letni.  

Which employees require special attention?

• Art. 178 § 2 of the Labour Code – Employees taking care of a child until the age of 8. It is not possible to employ such an employee without their consent to work overtime, at night, in the working time system referred to in Art. 139, the intermittent working time system, or to delegate them outside their permanent workplace.
• Art. 1517 § 3 of the Labour Code – persons performing particularly dangerous work at night or work associated with great physical or mental effort – in this case, the working time of such a person may not exceed 8 hours per day. This restriction does not apply to employees managing the workplace on behalf of the employer or to situations requiring rescue operations to be carried out in order to protect life or health, safeguard property, protect the environment or rectify a breakdown.
• Art. 203 § 1 of the Labour Code – young employee – these persons may not be employed to work overtime or at night. This prohibition is absolute and is not waived by the employee’s consent.
• Art. 15 of the Act of 27 August 1997 on Vocational and Social Rehabilitation and Employment of Disabled Persons. According to its content, the working time of a disabled person may not exceed 8 hours a day and 40 hours a week. The working hours of a disabled person with a severe or moderate degree of disability may not exceed 7 hours a day and 35 hours a week. A disabled person may not be employed at night or during overtime. However, according to Article 16 of the Act, a disabled person may work at night if they are employed as a security guard and if, at their request, the doctor carrying out preventive examinations or, failing that, the doctor caring for that person gives their consent.

Summary

The change of time has significant consequences in the context of labour law, and its impact varies depending on whether it is a question of switching to summer or winter time. Key conclusions:

• An employee working the night shift during the change of time from winter to summer receives remuneration for the hour not worked, but does not receive a night shift allowance for it.
• An employee whose shift falls during the change from summer to winter time will work an extra hour, which constitutes overtime.
• The employer is obliged to settle working time accordingly and to inform employees about the settlement rules.
• It is worth keeping an eye on legislative changes, as there are increasing calls for the abolition of the time change in the European Union.

One of the important responsibilities that the DORA regulation imposes on financial entities is to maintain and submit to the Polish Financial Supervision Authority a register of information on ICT contracts (ROI).

This register is more than a list of contracts with ICT suppliers. Its purpose is to create a database of key information for ICT risk management. The ROI is intended to map the relationships between the financial entity and its suppliers, providing supervisory bodies with full insight and control over these relationships.

The deadline for preparing and submitting the first ROI to the KNF is approaching. According to the KNF, the first ROI reports will be submitted in April 2025 (the exact date will be announced at the beginning of April).

Scope of responsibilities and key challenges

In order to prepare the ROI, financial entities will have to collect a range of information, including:

• Information on specific ICT contracts, including basic information such as the parties, the type of services, the dates of conclusion and validity, as well as more detailed information on the contract value, notice periods, place of service provision or data storage.
• LEI numbers of ICT suppliers and subcontractors.
• For contracts that support critical or important functions, comprehensive information about the supply chain is necessary.

For many financial institutions, the key challenge is obtaining data for the ROI register. This information is often not centrally collected, which requires the involvement of various organisational units and external ICT providers, which can delay the process.

Formal requirements, validation and changing guidelines

Collecting data is only the first step. The next challenge is to correctly fill in the ROI register in accordance with the requirements of the Polish Financial Supervision Authority (KNF).

The reporting obligation will be fulfilled via the KNF reporting system, using dedicated ROI forms. The register must meet certain standards – incorrect data format, missing required fields or incorrect file name can result in rejection, which means urgent correction and resubmission.

The changing regulatory environment is an additional challenge. Taxonomies, forms and instructions are constantly updated, so financial institutions must follow KNF and EBA guidelines to comply with the latest requirements and avoid problems when submitting the register.

Consolidation of data in capital groups

For capital groups, the consolidation of the ROI register is an additional challenge. A financial entity required to maintain a consolidated ROI must include not only its own contracts with ICT suppliers, but also similar information from its subsidiaries (if they are subject to DORA).

For financial entities, this means the need to:

✔ Verify whether and to what extent their ROI is subject to consolidation,

✔ If they are required to consolidate, obtain data from subsidiaries in time to verify it and enter it in the register.

Standardising the way data is reported by individual entities is key to avoiding inconsistencies in the consolidated ROI register.

How to prepare?

Due to the complexity of the process of preparing a correct ROI, in my opinion, the key to the success of the entire undertaking is the implementation of an internal process for preparing the register, which should include:

1. careful familiarisation with the definitions in DORA and implementing acts, as well as the interpretation of KNF guidelines;
2. for capital groups: identify the entities covered by the register – determine which entities within the financial group are subject to the reporting obligation;
3. collect and complete data in the appropriate forms – identify missing information and contact suppliers to obtain it.
4. comply with formats and taxonomy
5. Regularly monitoring regulatory changes – keeping track of updates from the KNF and EBA to ensure that the organisation is working on the correct forms and in accordance with current guidelines.

o summarise…

The ICT Contract Information Register is a key obligation for financial entities covered by DORA, and its preparation requires time, special care and precision. Failure to comply with the PFSA’s requirements may result in the report being rejected and, in extreme cases, severe sanctions.

Financial institutions should work intensively on their records and also monitor updates provided by the PFSA and EBA, as changing guidelines may force additional adjustments in reporting.

Useful materials

• EBA:Guidelines and materials regarding DORA
• KNF: DORA reporting portal (reporting forms, detailed instructions and KNF guidelines, requires login)