GDPR (Polish implementation via Law on Personal Data Protection)
GDPR applies directly; UODO is the supervisory authority
Urząd Ochrony Danych Osobowych (UODO)
Europe & Central Asia · GDP rank #21
Poland
PL · PLN @ 0.2734/USD
Tab 06
Fraud & security
Headline fraud totals and typology splits, the rollout of EMV chip, tokenisation, 3DS and biometrics, and the controlling data-protection and payments statutes.
APP fraud on BLIK and Express Elixir rising; ZBP (Polish Bank Association) BLIK-fraud signalling system active since 2023.
Reported payment fraud · 2024
284M PLN▲ +14% vs prior year
Card-not-present share
78%
3DS adoption on CNP
93%
Trend lines
What's growing fastest
Where a full typology breakdown is not published, the authorities typically disclose year-on-year growth in specific scam categories. Authorised push-payment (APP) scams and account-takeover fraud are the canonical “wallet era” concerns in most markets.
- Card-not-present share78%
- APP scam growth YoY+38%
- Account takeover growth YoY+22%
Controlling regulation
Instant Payments Regulation (IPR) 2024/886
Applies to Poland from euro-zone-equivalent entry date for PLN instant transfers under PSD3 transposition; VoP mandatory from Oct 2025
European Commission
DORA (Digital Operational Resilience Act)
Effective 17 January 2025; applies to all Polish financial entities
European Commission