Mateusz Gołacki for prawo.pl: “Professional secrecy in the crypto-asset market: different in MiCA, different in the Act”
The draft Polish Act on the crypto-asset market introduces far more detailed rules on the protection of professional secrecy than the MiCA Regulation itself. The proposed provisions place obligations not only on businesses operating in the crypto sector, but—above all—on specific natural persons representing those entities: from board members to employees and collaborators. Associate Mateusz Gołacki writes about this for prawo.pl. Read the article in Polish here!

Polish Act vs. MiCA – key differences
While the MiCA Regulation focuses mainly on supervisory authorities’ duties regarding confidentiality, the Polish draft goes much further. The proposed provisions impose direct obligations on members of management boards, supervisory boards, employees and all persons cooperating with crypto-asset service providers.
Harsh penalties for breaching professional secrecy
A breach of professional secrecy would be treated as a criminal offence punishable by up to three years’ imprisonment and a fine of up to PLN 1 million, and the person who breaches the rules would also face civil liability for damages.
Definition of professional secrecy in the Polish provisions
The draft Polish Act introduces a detailed definition of professional secrecy that is missing in MiCA. Confidential information would include matters related to investors’ interests, including information on their financial situation, data from the investor position registry, personal data and the content of concluded contracts. The list is open-ended, meaning other information may also be considered professional secrecy.
When may professional secrecy be disclosed?
The draft provisions specify narrowly defined cases in which disclosure of confidential information will be permitted. Service providers will be able to exchange information on investors’ claims and to disclose data where there is a justified suspicion of a crime or when required by AML/CFT provisions. However, an important practical problem remains: the new rules would effectively make the use of public blockchains impossible, which could negatively affect the sector’s development in Poland.
How to prepare for the new rules
Crypto-asset service providers should begin preparing now. They will need to implement appropriate technical measures—such as access controls and data encryption—review and update internal procedures, develop a professional secrecy protection policy, and run training for employees and collaborators. Breaching the new rules will bring not only severe financial consequences but also significant reputational damage.
Do the proposed Polish rules on professional secrecy in the crypto-asset market differ from the MiCA Regulation? What sanctions will apply to persons acting on behalf of crypto-asset service providers who breach secrecy? How should businesses prepare to implement the new regulations? Mateusz Gołacki answers these and many other questions in his article published on prawo.pl.