A family foundation is a relatively new institution in Polish law, introduced two years ago by the Act of January 26, 2023, on Family Foundations. The ability to establish such an entity was introduced primarily to enable entrepreneurs to secure the succession of their businesses in an undivided form, as well as to ensure the implementation of their own vision for managing them even longer after the founder’s death. Only a natural person with full legal capacity can be the founder of a family foundation. They can establish the foundation and designate its beneficiaries—themselves, relatives, or public benefit organizations—in their will or deed of incorporation. Both deeds should be executed by a notary. Unlike an Anglo-Saxon trust, a family foundation is not a legal relationship but a separate legal entity. Upon establishment, it acquires legal capacity and becomes a so-called “imperfect legal person.”

Tax benefits

Some use foundations to reduce, or rather optimize, their tax liabilities. According to the Corporate Income Tax Act, a foundation is exempt from, among other things, corporate income tax (CIT) if it conducts business activities. However, permissible business activities are defined by the framework set forth in Article 5 of the Family Foundation Act. Permitted forms of activity include:

– disposal of property, unless the property was acquired solely for the purpose of further disposal;

– renting, leasing or making property available for use on another basis;

– joining commercial companies, investment funds, cooperatives and entities of a similar nature, having their registered office in the country or abroad, as well as participating in these companies, funds, cooperatives and entities;

– acquisition and sale of securities, derivative instruments and rights of a similar nature (and others).

Establishment of the Family Foundation

According to the law, the establishment of a family foundation requires:

1) submitting a declaration of establishment of a family foundation in the founding act or in the will;

The documents should be in the form of a notarial deed.

2) establishing a statute that

*mandatory includes:

-name of the family foundation;

-seat of the family foundation;

-detailed purpose of the family foundation;

– the beneficiary or the method of defining it and the scope of the beneficiary’s rights;

– rules for maintaining the list of beneficiaries;

– rules, including detailed procedures, for waiving rights by the beneficiary;

-duration of the family foundation, if specified;

-value of the founding fund;

– the principles of appointment and dismissal, as well as the rights and obligations of members of the bodies of a family foundation, as well as the principles of representation of the family foundation by the management board or by other bodies of the family foundation in cases specified in the Act;

– entity authorized to approve the activities of the management board of a family foundation in the organization;

-principles of amending the statute;

– the allocation of the property of a family foundation after its dissolution, including the designation of the beneficiary entitled to the property in connection with the dissolution of the family foundation.

*may additionally contain:

– principles of cooperation or collaboration between the bodies of a family foundation;

– detailed circumstances of the dissolution of the family foundation;

– guidelines for investing the assets of a family foundation;

-provide for the establishment of a field unit or field units.

3) preparing an inventory of property which includes:

– Property rights contributed by the founder or persons other than the founder to the family foundation, with the indication of the person contributing the property and the specification of the type and value of each of the contributed property components, in the amount determined according to the condition and prices at the time of their contribution and their tax value,

-determination of the proportions used to determine the PIT exemption

– a list of property contributed to the family foundation to cover the founding fund.

4) establishing the bodies of the family foundation required by law or the statute;

– the Act enumerates: the management board, the supervisory board and the meeting of beneficiaries.

– The management board is appointed, unless the statute provides otherwise, by the founder and, after his death, by the supervisory board. In the absence of a supervisory board, the election is made by the meeting of beneficiaries. The management board’s duties include:

• managing the affairs of the family foundation and representing it;
• realization of the goals of the family foundation specified in the statute;
• taking actions related to ensuring the financial liquidity and solvency of the family foundation;
• creating, maintaining and updating the list of beneficiaries in accordance with the provisions of the Act and the principles contained in the statute;
• informing the beneficiary about the benefit he or she is entitled to;
• fulfillment of the benefit to which the beneficiary is entitled.

– A supervisory board is not mandatory if there are 25 or fewer beneficiaries. Unless the statute provides otherwise, the appointment and dismissal of supervisory board members is made by the founder, and after the founder’s death, by the meeting of beneficiaries.

5) contribution of the founding fund

 before entering the family foundation register in the case of establishing a family foundation in the founding act, or contributing the founding fund within two years from the date of entering the family foundation in the family foundation register in the case of establishing a family foundation in a will;

– the founding capital is specified in the statute, but cannot be lower than PLN 100,000

– the sole person obliged to contribute assets to cover the founding fund is the founder.

– property contributed to the founding fund cannot be returned.

– A foundation account may be established outside the territory of the Republic of Poland . This is not subject to restrictions in the European Union. Outside the EU, using such an account will constitute foreign exchange transactions and therefore require a foreign exchange permit from the President of the National Bank of Poland or a director authorized by him.

6) entry into the register of family foundations.

-The register of family foundations is maintained by the District Court in Piotrków Trybunalski, hereinafter referred to as the “registry court”.

-the proceedings are generally conducted in accordance with the provisions on non-contentious proceedings,

– the application for entry is submitted by submitting the foundation to the register by the founder or the board in the case of a foundation established in a will

-The application should include

• name of the family foundation, its registered office and address;
• the amount of the founding fund of the family foundation;
• names and surnames, PESEL numbers of the management board members, and in the absence of an obligation to have such a number – date of birth, and their addresses for correspondence, as well as the manner of representing the family foundation;
• names and surnames, PESEL numbers of the members of the supervisory board, and in the absence of an obligation to have such a number – date of birth, and their addresses for correspondence, if a supervisory board is established in the family foundation, if a board has been established at all;
• names and surnames, PESEL numbers of beneficiaries who are natural persons who are members of the group of beneficiaries, and in the absence of an obligation to have such a number – date of birth, and their addresses for service, and in the case of the beneficiary being an entity other than a natural person – name or company name and REGON identification number, and if the entity is registered in the National Court Register – also its number in that register;
• name, surname and correspondence address of the founder, if the founder is entitled to appoint the management board;
• duration of the family foundation, if specified.

-The following must be attached to the registration of a family foundation in the register of family foundations:

– the foundation’s founding act or the protocol of opening and announcing the will in which the foundation was established;

-statute

– a declaration by the founder about contributing property to cover the founding fund, and in the case of establishing a family foundation in a will – a declaration by the members of the management board that the founding fund will be contributed within two years from the date of entering the foundation in the register;

– proof of establishment of the foundation’s bodies, specifying their composition, if the composition of the family foundation’s bodies does not result from its statute

– consent to serve as a member of a family foundation body.

The notification is subject to the payment of a fee of PLN 500 in accordance with Article 64 a of the Act of 28 July 2005 on court costs in civil cases ( i.e. Journal of Laws of 2025, item 1228, as amended ).

*Before entry in the register, a company does not have legal personality, so its obligations are the responsibility of the founder or his or her representative. This responsibility ceases upon approval of their actions by a resolution of the management board.

Artykuł What is a family foundation under Polish law? pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

What essentially is GLP?

The problem of regulating diligence clauses in employment contracts in the laboratory industry is essential on the basis of Polish and EU law. These issues shall also consider the general consequences of breaching employee obligations in the form of the so-called Good Laboratory Practice (GLP) principles.

For some time in the business turnover we can observe the practice of including in employment contracts clauses concerning professionalism and professional diligence in the actions of future employees. As a rule, the clause at issue imposes an obligation on the employee to perform their tasks in a professional manner, adequate to their position and in accordance with standard operating procedures. In addition, all actions of the prospective employee must conform to the recommendations and directives of the supervisor and comply with the applicable law.

The laboratory industry is no exception in this area. It imposes an obligation on employees and contractors to act not only diligently but also based on the principles of Good Laboratory Practice. These principles have been in place since 1978 and regulate issues such as quality assurance in drug testing and development, the prevention of pharmaceutical scandals, and ensuring performance standards for laboratory areas. In addition, the principles regulate such key issues as staffing, space requirements and the quality of equipment and inspection processes for laboratory areas.

Polish GLP regulation and the consequences of violating it

On the grounds of domestic legislation, the issue of GLP is regulated in the Regulation of the Minister of Health of 3 August 2021 on Good Laboratory Practice and the performance of research in accordance with its scope. Annex I to the Regulation defines the standards of work required of the manager of a research center, the study director or members of the research staff. Attention should be paid to the last two categories, since the work standards specified for them determine the scope of diligence to which the employee may be obligated in a contractual clause. According to section 2(6) of the Annex to the said Regulation, the members of staff should be knowledgeable about the GLP of the specific research being conducted. They are required to act on the basis of the study plan and instructions contained in the documents, and to accurately record data obtained from the studies. Each employee should take care of his/her own safety and that of the environment, and report any deterioration of his/her health to his/her supervisor for the purpose of the possible removal from the study. Additional responsibilities are placed on the study supervisor as the person responsible for coordinating the team. These include, but are not limited to: overseeing the study and ensuring that it is conducted with care and accuracy; including cooperation with quality assurance programme officer, accepting the plan and standard operational procedures, and ensuring that adequate copies of the plan are available for the team to rely on when conducting the study. 

Employee actions are subject to constant scrutiny – any deviation from work standards and failure to follow GLP principles is documented and reported to the study director, according to the Regulation. This may result in various employment law consequences for the employee, such as reprimand, disciplinary responsibility, or even termination of employment contract. The detailed rules of an employee’s liability for a breach of due diligence are always defined in an individual contract constructed for them. It is worth mentioning, however, that omissions of individual employees may negatively influence the outcome of an inspection of the entire testing unit by the Inspector of Chemical Substances – the body appointed to inspect testing units at the national level.

European solutions

The basis of the Regulation of the Polish Minister of Health is to be found in the EU legal acts, which have been implemented into Polish law. Therefore, it should not be surprising that the regulations contained in the acts (created before the regulation) do not differ significantly from those adopted in the Regulation. The first of them, Directive 2004/10/EC of the European Parliament and the UE Council from 11February 2004 in Article 1 imposes on Member States the obligation to ensure that laboratories conducting tests on chemical products act in accordance with the principles of the GLP act and the Directive of 1967 on the classification, labelling and packaging of dangerous substances (67/548/EEC). Annex I of the 2004 Directive defines GLP as a quality system that relates to the organizational process and conditions under which non-clinical health and environmental safety studies are planned, conducted, monitored, recorded, archived and reported. It has been determined that the purpose of the establishment of the GLP is to take care of the quality and conditions under which non-clinical safety studies for health and the environment are carried out for the registration or authorisation of products such as pharmaceuticals, pesticides, veterinary products, industrial chemicals or food additives.

Key issue is the regulation set out in Section II, para. 1.4. of the abovementioned act, which constitutes the duties of research personnel. It imposes on personnel the obligation to know the GLP principles applicable to their participation in study being conducted. It orders the personnel to act on the basis of instructions included in study documents, as well as to maintain health protection measures in order to care for the environment and their own safety. They should also record the raw data swiftly and thoroughly. The duties of the study director set forth in this act are similar to those of the Regulation of the Polish Ministry of Health, namely such a director is responsible for supervising the diligent performance of personnel, approves study programs and instructions, and certifies that qualified personnel, familiar with GLP principles and the study plan undertake their duties.

The issue of control of research units, and consequently – their employees and their compliance with GLP principles, was regulated in Directive 2004/9/EC of the European Parliament and the EU Council of 11February 2004. It stipulates that Member States shall appoint national inspection authorities to supervise the operation of entities in accordance with the principles of professional diligence. If irregularities are detected in the implementation of GLP principles in a given unit, and employees show ignorance in the application of its principles, there will entail negative consequences (ranging from questioning the validity of the tests carried out by the unit to its removal or undertaking legal action). These consequences do not preclude additional action by the national authority, based on the specific rules of a given Member State.

It should not come as a surprise that employers in the laboratory sector are striving to enforce the highest possible degree of professionalism, accuracy and attention to professional duties from their employees – the specificity of the described branch requires the highest possible diligence in performing tasks and marginalization of mistakes, which may have serious consequences in the environmental and health dimension. EU and Polish regulations enable employers to effectively implement these obligations in the contract, with individual sanctions for failure to do so.

Artykuł DUE DILIGENCE CLAUSES IN LABORATORY EMPLOYMENT AGREEMENTS AND THE LEGAL CONSEQUENCES OF VIOLATING THEM VS. GOOD LABORATORY PRACTICE pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

The development of artificial intelligence

Artificial intelligence is an interdisciplinary field of knowledge combining elements of computer science, mathematics, statistics, neuroscience, and cognitive science. Its goal is to create systems capable of performing tasks that previously required human intelligence. This includes the ability to learn from data, reason, make decisions, recognize patterns, and process and generate natural language. Unlike traditional programming, in which a computer executes strictly defined instructions, artificial intelligence aims to grant machines a degree of autonomy, allowing them to independently adapt their strategies to changing conditions. Today, AI is no longer an abstract theoretical concept, but a practical tool.

The development of artificial intelligence is one of the most dynamic phenomena in the history of science and technology. Its origins lie in simple deterministic algorithms, based on clearly defined logical and mathematical rules, used to automate repetitive calculations. However, the real breakthrough came in the second half of the 1990s, when, with the increasing availability of data and the development of computing power, machine learning began to be increasingly used. These methods allowed machines not only to perform pre-programmed tasks but, more importantly, to learn from input data and independently improve their results. The application of machine learning meant a shift from rule-based systems to statistical models capable of recognizing patterns and predicting future events. The next stage was the widespread adoption of deep learning, which gained practical significance in the second decade of the 21st century. These techniques utilize multi-layered neural networks capable of analyzing massive datasets in a manner similar to the perceptual processes occurring in the human brain. This enabled the recognition of images, speech, and natural language with unprecedented effectiveness. Deep learning is the basis of many modern solutions, such as recommendation systems.

The most recent phase of development is generative artificial intelligence, which became widely available around 2021. Unlike previous solutions, which focused on classifying and analyzing data, generative systems can create new content—text, images, sounds, and even complex economic strategies. The introduction of this type of technology has radically expanded the potential applications of AI, but it has also revealed new risks related to its impact on society and the economy. Generative models, capable of dynamically shaping information and influencing decision-making processes, can, for example, participate in market price manipulation.

Price manipulation with the help of new technologies

Price manipulation by sellers is unfair or illegal market practices that involve setting prices in a way that misleads consumers or restricts competition. One of the most commonly used strategies is price fixing. It involves agreements between independent businesses aimed at fixing or controlling prices. This can involve jointly setting minimum or maximum selling prices, coordinating price increases, or even fixing discounts. Such actions are automatically considered illegal – the mere fact of agreeing on prices is sufficient, even if the agreement is not fully implemented. The consequence of price fixing is the elimination of natural price competition. Consumers lose the opportunity to choose cheaper offers, and businesses lose the incentive to innovate.

Another form of manipulation is the abuse of a dominant position. A dominant position means that a business entity has an advantage in the relevant market, allowing it to operate largely independently of competitors, contractors, and consumers. Abuse occurs when a business entity uses its power to impose unfair pricing conditions. This can take various forms, such as setting prices that are excessively high relative to the value of the goods or using predatory pricing, i.e., underselling prices to eliminate competition. Each of these practices leads to market distortion, restricting access for new entrants, and worsening consumer conditions.

Pricing algorithms are computer programs that provide pricing recommendations or, in some cases, automatically adjust prices based on current and historical data on market conditions. These algorithms consider much of the same data that companies have always considered when making pricing decisions, including historical data as well as current supply and demand indicators. Compared to human price managers, algorithms can process significantly more data in a much shorter time. This efficiency allows companies using algorithmic pricing strategies to respond more quickly to changes in supply and demand and make pricing decisions based on a more accurate, real-time understanding of market conditions.

Ways to use algorithms

Algorithms can be used in various ways. One is to use the algorithm as a tool to achieve a goal set by the companies. In such a situation, the parties to the agreement make certain arrangements between themselves, and only their implementation is left to the algorithms. For example, two companies could agree to eliminate price competition between them. Simply using a software function that allows them to retrieve data on the prices of other market participants would be sufficient. A strategy would therefore be to automatically set prices slightly lower than other companies while simultaneously ignoring the prices of the colluding company. However, in this case, the mere fact of detecting the existence of such collusion does not raise any doubts under current competition law, as it is possible to attribute the concept of an agreement to this situation.

Another technique involves the joint use of a single price-response algorithm by several traders. This shared use of the same algorithm can lead to price alignment and less competition. One element of this type of agreement is the awareness of the participants that the information being shared will reach their competitors. Consequently, transparency regarding the future behavior of competitors is established between the recipients. Recipients are aware of the participation of their competitors at the same level of trade in the agreement and that their prices are disclosed to their competitors. However, in such cases, the use of algorithms remains a technical activity and can be assessed through the lens of the underlying conduct, to which existing provisions on anticompetitive agreements can be applied.

However, there does not always have to be any agreement between market players regarding the use of artificial intelligence in sales to raise legal concerns. An example would be the configuration of these modern tools to automatically respond to changes in competitors’ prices. This can take the form of faster price reductions, mimicking price increases, or simply adapting to current market price levels. The increasing use of specialized software by businesses that monitors websites and collects price data is making the online sales market increasingly transparent. This transparency allows for easy tracking of competitors’ pricing policies, quick detection of deviations from established price levels, and immediate response to such situations. This allows companies using algorithms to adjust their prices to rivals’ actions almost in real time. Consequently, traditional price reductions aimed at attracting customers often lose their purpose – competitors can offer the same reduction in a fraction of a second. The situation is different with price increases – if one seller decides to increase prices, others are likely to follow suit, leading to an overall price increase. As a result, prices naturally drift towards a level higher than fully competitive.

The most theoretical scenario is a situation in which self-learning algorithms, used independently by different companies, independently conclude that joint coordination is the most profitable strategy. This does not imply a formal agreement or explicit exchange of information, but rather the spontaneous development of behaviors akin to collusion. This could be facilitated by a combination of two factors: on the one hand, the vast amount of available data on competitors and consumers (e.g., thanks to the Internet of Things, transaction analysis, or online behavior tracking), and on the other, the growing capabilities of artificial intelligence algorithms that learn market strategies through experience.

Experimental environments have already demonstrated that algorithms using reinforcement learning are capable of developing stable pricing strategies that reduce competition, even when they are not explicitly programmed to do so. Research shows that such systems can gradually coordinate their behavior, balancing between exploration and exploitation of the environment in a manner resembling tacit collusion. Importantly, this phenomenon can occur even under conditions that hinder cooperation – for example, when new players enter the market or when demand fluctuates.

What is an AI algorithm?

An AI algorithm is a set of advanced mathematical rules and processes designed to solve tasks, make decisions, or imitate human behavior and thinking using a computer. An AI algorithm often leverages machine learning capabilities to analyze, process, and learn from data. This allows AI tools to more efficiently perform various tasks (predicting patterns, assessing trends, optimizing processes, etc.) that would otherwise require human intervention. AI algorithms form the foundation of artificial intelligence systems, enabling them to learn, reason, recognize patterns, process natural language, and make decisions.

AI algorithms can self-improve by adapting their actions based on the analysis of vast amounts of data. There are three major categories of AI algorithms: supervised learning, unsupervised learning, and reinforcement learning. The key differences between these algorithms lie in how they are trained and how they function.

Competition concerns – communication of algoritms

A problem that raises particular concerns among competition authorities is the potential ability of algorithms to communicate. Although there is currently no evidence that systems learn this type of interaction without human intervention, it theoretically cannot be ruled out that in the future, algorithms will develop their own mechanisms for exchanging information. The European Commission points to the risk of “novel forms of coordination” between computer systems. If such a situation were to occur, it would be easier to classify the companies’ actions as prohibited cooperation – similar to traditional information exchange between competitors.

The issue of legal liability, however, remains controversial. If algorithms merely anticipate competitors’ reactions and adapt their own strategies accordingly, companies can be said to have permitted market autonomy (pursuant to Article 101 of the TFEU). However, it is more difficult to assess cases in which the systems themselves create a “communication channel” leading to actual price coordination. Some legal doctrine proposes adopting an approach similar to that used in the case of unauthorized employee actions – the company would be liable for the tools used. This was aptly put by EU Competition Commissioner, emphasizing that “companies cannot hide behind computer code[1]“.

The current state of technology indicates that algorithms are not yet capable of concluding lasting cartel agreements in dynamic market conditions. However, the rapid development of artificial intelligence and the increasing complexity of predictive systems may enable the emergence of such practices in the future. Therefore, regulators are increasingly emphasizing the need to modernize competition law tools to effectively counter not only classic cartels but also “algorithmic collusion”. Failure to address this could lead to significant losses for consumers, a reduction in innovation, and the concentration of economic power in the hands of a few technological entities – creating a kind of “digital plutocracy.”

The effects of AI algorithmic pricing

One of the key problems with algorithmic pricing is the asymmetry in the speed of response to market changes. Companies with more advanced algorithms can update prices much more frequently—even continuously—while those with less advanced technological tools only make price adjustments at longer intervals, such as weekly. This leads to a structural competitive advantage for the former, as they can flexibly adapt to supply and demand and react almost immediately to competitive price movements. In practice, this means that companies with more advanced systems can aggressively lower prices before competitors have time to adapt their offerings, effectively driving them out of the market. This imbalance not only distorts the principles of fair competition but also leads to deeper market concentration, as smaller or technologically weaker companies gradually lose the ability to maintain their position against dominant players investing in advanced algorithmic solutions.

Predatory pricing, in which a dominant firm incurs short-term losses by deliberately pricing goods and services below cost to eliminate competitors or new entrants, is another practice that modern technology is currently employing. This strategy typically involves two stages: first, the dominant firm aggressively undercuts competitors’ prices to drive them out of the market (the predation phase), and then uses its market power to raise prices to recoup losses and generate profits after the competitors disappear (the loss recovery phase). For predatory pricing strategies to be effective, a firm must maintain low prices long enough to eliminate competitors. Pricing algorithms can help firms target specific customers of competitors by offering them prices even below cost. For example, an established firm might do this to avoid losing customers to a new competitor. An established firm might use an algorithm to target customers most likely to switch suppliers, seeking to retain them rather than offering lower prices to all its customers. This could help an established company minimize losses. These algorithms can also help companies pursue predatory pricing strategies and build a reputation for lowering prices in the future if new entrants struggle. Pricing algorithms can also help companies raise prices for consumers who are more willing to pay or less sensitive to price changes. They enable companies to simultaneously engage in predatory pricing and recover losses without the need for a human intervention, using automated means.

Finally, algorithmic pricing introduces a significant element of uncertainty for consumers, who are unable to predict how much they will ultimately pay for a product or service. These mechanisms, based on automated supply and demand analyses, lead to constant and opaque price fluctuations, undermining market trust and limiting the ability to make rational purchasing decisions. Price instability often causes consumers to feel compelled to buy quickly for fear of further cost increases, which encourages impulsive and economically unfavorable choices. In the long term, such practices destabilize the market, hinder healthy competition, and strengthen the position of dominant players who exploit technological advantages at the expense of weaker market participants.

The question of legality

However, a fundamental question arises regarding the legality of such practices under Polish law. The Act of 9 May 2014 on Information on the Prices of Goods and Services[2] imposes on businesses the obligation to clearly and unambiguously disclose the prices of their products. According to the Act, the price should be clearly displayed and allow for comparison with other market offers. However, dynamic price changes, even occurring several times a day, can raise interpretational questions regarding compliance with the requirement of unambiguous price presentation. A consumer who sees significantly different prices for the same product or service within a short period of time may be deprived of the ability to make a rational economic choice. It should be emphasized that the legislator also introduced the obligation to disclose the lowest price applicable within thirty days prior to the discount. In the context of algorithmic pricing, the question arises as to whether every short-term price change resulting from the operation of an algorithm should be treated as a discount within the meaning of the Act, or whether it should be classified as a normal market fluctuation. The lack of clear regulations in this area leads to legal uncertainty for both entrepreneurs and consumers.

The Act of 16 February 2007 on Competition and Consumer Protection[3] opens up an even wider field of interpretation. This Act provides both instruments for counteracting practices that violate the collective interests of consumers and protection against anti-competitive practices. In this context, the problem of so-called tacit algorithmic collusion is particularly significant. In this context, independently operating algorithmic systems of various businesses, monitoring and reacting to competitors’ prices, can stabilize them at an inflated level without the need for a formal agreement. This type of phenomenon, although difficult to detect and prove, can be classified as a violation of fair competition principles, potentially subject to intervention by market protection authorities. The literature indicates that the increasing automation of decision-making processes in price setting raises the risk of developing anti-competitive coordination mechanisms that fall outside the traditional categories of antitrust law.

At the same time, the Competition and Consumer Protection Act imposes an obligation on businesses to avoid misleading practices. In the case of dynamic pricing, the lack of full transparency becomes a problem. If consumers are not informed upfront that prices may fluctuate significantly depending on demand or transaction time, they may be deemed misleading, and the practice itself may be deemed to violate collective consumer interests. In this sense, the obligation of transparency takes on particular significance and should also include information about the pricing mechanism, not just the current price level.

An analysis of the applicable regulations leads to the conclusion that algorithmic pricing per se is not a prohibited practice in Poland. However, its legality depends on whether the entrepreneur complies with the obligations arising from specific laws, as well as on whether the use of algorithms does not lead to practices that restrict competition or violate consumer rights. Entrepreneurs are obligated to provide consumers with reliable and complete information and to avoid practices that may destabilize the market. In the event of a violation of these obligations, sanctions may be imposed by both the Trade Inspection Authority (in the case of incorrect pricing information) and the President of the Office of Competition and Consumer Protection (in the case of practices that violate competition rules or are misleading).

Case law review

It is also worth taking a closer look at decisions issued on algorithmic pricing by state and EU authorities.

In the Eturas case, the contested agreement was supported by a digital platform (software for selling travel online), where the system’s administrator proposed to competing travel agencies the use of a technical instrument imposing a ceiling on discounts on packages offered. The EU Court found it reasonable to assume that travel agencies that were aware of the content of messages sent via the system were participants in an anticompetitive agreement, unless they rebutted that presumption. The Commission also states that the prohibition under Article 101(1) TFEU is likely to cover cases in which “pricing rules” were defined by undertakings “in a common algorithmic tool (e.g., rules for adjusting the price to the lowest price on a specific online platform or in a specific online store), and this qualification would be accepted “even in the absence of an express agreement to adjust future prices”[4].

In commercial transactions, there are also cases in which entrepreneurs use the same algorithm to set prices for their services, yet there are no grounds to conclude that they have entered into an anticompetitive agreement. An example of a case assessed by the President of the Office of Competition and Consumer Protection (UOKiK) is the UBER app. Its use does result in the restriction or even elimination of price competition between UBER drivers, which is, after all, centrally determined by the app. This also constitutes an agreement between UBER and individual drivers. In this case, however, such algorithmic pricing is necessary for the proper functioning of the UBER system, and at the same time, it does not lead to the elimination of competition, being a proportionate measure. This justifies treating such an agreement as not violating the prohibition of Article 6, Section 1 of the UOKiK based on the construction of ancillary restrictions.

A problematic scenario can arise when a large number of businesses utilize the same or similarly functioning algorithm without any collusion between them regarding the selection of one algorithm over another. In this situation, each of these businesses uses a specific program as a tool to inform them about the market situation and enable a rapid response. In this scenario, there is a significant increase in market transparency, which can have anti-competitive effects, as the use of an algorithm allows businesses to react much more quickly to any market changes, including price reductions by competitors, which can reduce their incentive to make such reductions. In such a case, businesses merely adjust their prices to those of their competitors. Such conduct – so-called parallel conduct – has for years been viewed by EU and Polish jurisprudence as not violating antitrust rules. In fact, in this case, it cannot be said that an agreement was concluded. Moreover, under the soft law provisions issued regarding vertical relationships, the Commission itself has indicated that price monitoring using computer programs is not prohibited, or more precisely, it may benefit from an exemption from the prohibition of anticompetitive agreements. Therefore, from the Commission’s position, it can be deduced that the antitrust permissibility of such algorithmic price monitoring is determined by the lack of grounds for attributing such conduct the status of an agreement, and that it constitutes a manifestation of the parallel conduct mentioned above.

According to the authorities, it would also be possible to attribute antitrust liability to the creator of the algorithm. The VM- Remonts formula, developed in EU case law, could be particularly applicable to this. In this case, while the Court recognized as a rule that an undertaking cannot “be held liable for participating in a concerted practice on the basis of the actions of an independent service provider”[5], it also identified exceptions to this rule. Fulfilling one of these exceptions justifies the application of Article 101(1) TFEU also to the service provider, for example, the software developer. Polish legal literature also argues that the constructions of extended liability for competition law infringements developed in EU case law (especially the concept of cartel accessory liability) could also be used to attribute antitrust liability to an undertaking that provides participants in an agreement with tools (including digital tools) enabling the conclusion or implementation of a prohibited agreement.

Summary

Dynamic, algorithmic pricing lies at the intersection of two key areas of law: consumer law and competition law. This practice, while permissible, requires particular caution on the part of businesses and the development of consistent interpretative guidelines by the legislature. The lack of clear regulations creates a risk not only for consumers, who may be exposed to non-transparent and unfair practices, but also for businesses themselves, who may suffer severe financial consequences if they violate fair competition regulations. Given the growing importance of algorithmic technologies, it seems necessary to further develop and clarify the legal framework to enable businesses to use innovative price management tools, while also ensuring an adequate level of consumer protection and the integrity of market mechanisms.

The most serious challenge for competition authorities is when algorithms maintain elevated prices without formal information exchange between companies. In such cases, the classic dogmatics of antitrust law may prove insufficient, and consumers will bear the cost in the form of a loss of some of their well-being. Therefore, developing technical competencies of supervisory authorities, enabling them to understand and analyze the mechanisms of algorithms used in business practice, is particularly important.

At this stage, it seems premature to introduce new regulations on algorithmic pricing, as this could hinder the development of innovative technologies and limit their beneficial applications. Further interdisciplinary research combining law, economics, and computer science, as well as careful observation of market practice and case law, is essential.

[1] Speech of the European Commissioner for Competition M. Vestager, Berlin, 16/03/2017.

[2] Act of 9 May 2014 on providing information on prices of goods and services (consolidated text: Journal of Laws of 2023, item 168).

[3] Act of 16 February 2007 on competition and consumer protection (consolidated text: Journal of Laws of 2024, item 1616, as amended).

[4] Point 397 of Guidelines 2023/C 259/01.

[5] Point 33 of the judgment of the Court of Justice of July 21, 2016, C-542/14, SIA “VM Remonts” (formerly SIA “DIV un KO”) and others. v. Konkurences padom, ECLI:EU:C:2016:578.

Artykuł AI algorithmic pricing and its assessment under Polish and EU competition law pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

The lawyers of KIELTYKA GLADKOWSKI KG LEGAL participate in the EU Info Day – EU Business Hub @ KIMES 2026 on 23 September 2025.

Topic: EU Info Day – EU Business Hub @ KIMES 2026

The EU Business Hub – Japan and the Republic of Korea is an EU-funded programme that supports EU Small and Medium-Sized Enterprises (SMEs) in the green, digital, and healthcare sectors to enter the markets of Japan and the Republic of Korea. The programme aims to strengthen EU businesses’ export and investment activities and to foster more resilient, sustainable, and technologically advanced value chains with both markets.

https://eubusinesshub.eu/en

The programme is organising 10 business missions in Japan and 10 in the Republic of Korea between 2024 and 2027, each business mission allowing a group of 50 innovative EU companies to benefit from extensive business coaching.

The Asia-Pacific region is the largest destination of Foreign Direct Investments (FDIs) globally and it is a powerhouse for global trade. The EU Business Hub – Japan and the Republic of Korea aims to boost the presence and visibility of EU companies operating in the green, digital, and healthcare sectors where potential for increased cooperation between European and Japanese and European and Korean companies exists.

The programme aims to strengthen EU businesses’ internationalisation, export and investment activities, as well as foster more resilient, sustainable, and technologically advanced value chains with the two Asian markets. Thus, significantly supporting the implementation of EU-RoK Free Trade Agreement (FTA) and the EU-Japan Economic Partnership Agreement (EPA).

Artykuł KIELTYKA GLADKOWSKI KG LEGAL – KIMES 2026. EU TRADE MISSION TO JAPAN AND KOREA pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

On September 12-14, 2025, lawyers from KIELTYKA GLADKOWSKI KG LEGAL participated in the annual Futurology Congress in Krakow.

The participants, among which there was AGH University of Science and Technology’s Artificial Intelligence Center of Excellence discussed aspects of new technologies, including:

• Optical Illusions in AI Systems: The Danger of Adversarial Attacks. Adversarial attacks on vision systems are a topic of growing interest in both science and the technology industry – not only due to autonomous vehicles but also medical systems. The panelists demonstrated how subtle, almost invisible image modifications can completely confuse AI algorithms, leading to situations where the algorithm fails to recognize a STOP road sign or makes an error when analyzing medical images. Examples of such attacks from both transportation and medicine were presented, highlighting their impact on everyday life and safety. There were explained the mechanisms behind these phenomena and their consequences for machine learning-based systems. In this area, there is a constant race between the creators of such attacks and the engineers developing protection methods, and ensuring complete security remains a major challenge for the AI industry.

• The development of the Polish space sector, combining engineering, science, and modern technologies. Domestic entities are among the leaders building Poland’s position in the global space industry supply chain. During the panel, there were discussed the most important achievements and participation of Polish teams in prestigious international missions. Representatives of key companies discussed their projects, challenges, and role in the global space ecosystem. There were also considered barriers to sector development and legislative and financial needs. The panel was an opportunity to look to the future and attempt to answer the question of Poland’s potential role in the exploration and use of space. Participants shared their experiences collaborating with the European Space Agency and other international partners.

• Modern biotechnology. Biotechnology is becoming one of the pillars of modern civilization, offering breakthrough solutions in medicine, diagnostics, agriculture, and environmental protection. Faced with global challenges such as aging societies, the growing number of lifestyle diseases, and the need for sustainable development, the dynamic development of biotechnology is opening up new opportunities to improve the quality of life. The panel discussed the potential of gene and cell therapies, the importance of innovative drugs in the fight against cancer, and the role of collaboration between science, the investment sector, and industry. Guests addressed ethical, regulatory, and social issues related to the implementation of new biological technologies. The discussion explored how biotechnology can truly benefit humanity in the coming decades.

The Congress lectures are related to specific examples and problems that scientists are struggling with in daily lives – for example, how to easily delude artificial intelligence in software in an unmanned vehicle resulting in a failure to recognize a STOP sign

source: https://www.drmalinowski.edu.pl/posts/2824-adwersarialne-ataki-na-sztuczna-inteligencje

Artykuł Optical Illusions in AI Systems, the Danger of Adversarial Attacks, Biological Technologies, Explainable AI – topics discussed during Futurology Congress 2025 pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

What is CSIRT GOV and what is its legislative environment

The Polish Computer Security Incident Response Team (CSIRT GOV), led by the Head of the Internal Security Agency, serves as the national CSIRT. The CSIRT GOV is responsible for coordinating the response process to computer incidents occurring in the area specified in Article 26, Section 7 of the Act of 5 July 2018 on the National Cybersecurity System.

The first European cybersecurity regulation is Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the European Union, known as the Network and Information System Directive (NIS). The directive imposes numerous obligations on Member States, primarily involving the establishment of appropriate institutions, the adoption of a national strategy for the security of network and information systems, and the introduction of cooperation mechanisms. This directive established a network of computer security incident response teams (CSIRTs).

The Act on the National Cybersecurity System, adopted by the Polish legislator on 28 August 2018, serves to achieve the objectives set out in the NIS Directive. Pursuant to Article 1 of the Act on the National Cybersecurity System, the act specifies: the organization of the national cybersecurity system and the tasks and responsibilities of the entities comprising this system, the method of exercising supervision and control over the application of the provisions of the act, as well as the scope of the Cybersecurity Strategy of the Republic of Poland.

The legislator, in principle, decided to create three teams:

• CSIRT GOV – Computer Security Incident Response Team operating at the national level, led by the Head of the Internal Security Agency,

• CSIRT MON – Computer Security Incident Response Team operating at the national level, led by the Minister of National Defence and

• CSIRT NASK – Computer Security Incident Response Team operating at the national level, led by the Scientific and Academic Computer Network – National Research Institute (Article 2 of the Act on the National Cybersecurity System).

The competence of CSIRT GOV and CSIRT MON is defined in Article 27 of the Act on the national cybersecurity system as follows: “CSIRT GOV is competent in the scope of incidents related to events of a terrorist nature, referred to in Article 2 point 7 of the Act of June 10, 2016 on counter-terrorist activities (Journal of Laws of 2024, item 92); CSIRT MON is competent in the scope of incidents related to events of a terrorist nature, referred to in Article 5 paragraph 1 point 2a of the Act of June 9, 2006 on the Military Counterintelligence Service and the Military Intelligence Service (Journal of Laws of 2023, items 81, 1834 and 1860).

One of the basic tasks of CSIRT NASK is to recognize, prevent, and detect threats to the security of public administration bodies’ ICT systems or ICT systems and networks covered by the uniform list of facilities, installations, devices, and services constituting critical infrastructure, as well as ICT systems of owners and holders of critical infrastructure facilities, installations, or devices, referred to in Art. 5b paragraph 7 item 1 of the Act of 26 April 2007 on Crisis Management.

CSIRT GOV Annual Report

CSIRT GOV has just published a report on the state of cybersecurity in 2024. The document comprehensively presents statistics on the number and types of incidents and threats, comparing them with data from previous years. It presents the most significant threats and undesirable cyber activity targeting the IT infrastructure of public authorities, critical infrastructure operators, and entities providing essential services. The report is based on an analysis of IT security incidents reported and identified by CSIRT GOV, data obtained using systems enabling autonomous threat detection, and information obtained from the Team’s active activities. The study also includes analyses of the changing cybersecurity landscape, significant trends, and potential security weaknesses.

The Report highlights at least two interconnected circumstances that seem to force reflection on the significance of cybersecurity threats and the systems designed to eliminate or mitigate them. On the one hand, it highlights the technological trend that is increasingly permeating our lives with each passing moment. The result is rapid digitization, which is taking place through the transfer of increasing amounts of data relating to citizens, public services, communications, and finances to the digital sphere. The undeniable convenience of such applications also means that cyberspace can be increasingly effectively used to launch attacks on a scale that seriously threatens the security of the state and its citizens.

The second factor is the geopolitical environment and context. On March 1, 2024, the CRP alert level for cyber threats was lowered from the previously applicable CHARLIE-CRP, the third of four alert levels, to the currently applicable BRAVO-CRP, the second alert level. This, however, means that we are still dealing with a state of heightened threat in Polish cyberspace, despite a slight reduction in the intensity of this threat. The changing landscape of conflicts between states was also highlighted. Unlike in the past, conflicts take the form of not only kinetic clashes but also involve the use of a full spectrum of tools, including those extending into cyberspace. Ultimately, they most often take the form of “hybrid operations or wars,” which can complement military actions, serve as an alternative, or serve as a precursor to a kinetic strike. For this reason, it is important to consider the broader context of emerging incidents.

2024 was a year of dual elections: local government and the European Parliament, which each time requires vigilance on the part of bodies like CSIRT GOV due to the much more widespread threat of disinformation. It is also necessary to ensure the proper functioning of the IT systems used to conduct elections, with citizens’ trust in the democratic process ultimately at stake.

CSIRT GOV Coordinated Incident Statistics

In 2024, a decrease in reports registered by the CSIRT GOV Team regarding potential ICT incidents was observed. Of the 17,439 reports, 3,991 were classified as actual ICT security incidents. In 2022, 26,753 reports and 4,959 incidents were recorded, followed by 19,888 reports and 4,676 incidents in 2023. These statistics do not include reports from the ARAKIS GOV system. The lack of data from ARAKIS, a dedicated, distributed early warning system for ICT threats occurring at the interface between internal networks and the internet, may be due to the need to separate these statistics, which will be discussed later in this article.

There are no significant differences in registered reports and incidents between individual quarters in 2024. However, the highest number of incidents was recorded in the second quarter, which was related to an increase in resource unavailability and the publication of sensitive data in open sources, i.e., leaks.

The CSIRT GOV team indicates that the factors that led to the decrease in incidents include: 1) proactive activities conducted by CSIRT GOV to increase user awareness through training; 2) reporting on identified vulnerabilities within the area of competence; 3) ongoing issuance of CSIRT GOV recommendations – appropriate to the CRP threat level; 4) regular distribution of compromise indicators for monitored campaigns; 5) periodic security assessments of IT systems; 6) the institution’s implementation of security solutions that mitigate attacks in their early stages.

Division of incidents reported by entities of the national cybersecurity system into categories

The highest percentage of recorded incidents, and the most significant increase, occurred in the Vulnerability category. The numbers for incidents in this category are as follows: 1,105 incidents compared to 993 in the previous year. This category refers to security vulnerabilities identified by the CSIRT GOV Team resulting from the vulnerability of resources and services accessible via the Internet by entities under the CSIRT GOV’s jurisdiction.

Vulnerability refers to a weakness in an IT system, e.g., in procedures, design, implementation, or internal controls, that can be exploited for unauthorized access, data destruction or disclosure, data alteration, system weakening, etc.

The next category is Publication. In this regard, there was a decrease in such incidents from 1,052 in 2023 to 902 in 2024. Publication refers to the disclosure of sensitive data through leaks, including login credentials for electronic services, private PGP keys, or information about the specifications of an institution’s IT infrastructure.

Among the activities recorded in the Social Engineering category, the GOV CSIRT Team identified phishing emails aimed at obtaining login credentials for electronic services or other sensitive data, infecting them with malware, or extorting funds. There was a noticeable and significant decline in incidents in this category. In 2024, 815 such incidents were recorded, compared to 1,362 in the previous year. A decrease was also noted in the

Unavailability category, which includes DoS / DDoS attacks (773 incidents in 2023 and 478 in 2024). The remaining, smaller categories, to which a similar number of incidents were assigned as in 2023, are Attack (325 in 2023 to 261 in 2024) – events recorded in this category included attempts to break security by exploiting vulnerabilities, bruteforce attacks, compromise of accounts and systems, and exfiltration of data from adopted IT resources, Cascade (235 incidents in 2024, category not presented in previous years) – referring to reports and incidents related to terrorist events, based on Article 27 of the Act on the National Cybersecurity System. These include all activities aimed at minimizing terrorist threats undertaken by CSIRT GOV in coordinating incident management.

Scanning, or reconnaissance of IT infrastructure to identify vulnerable systems and services, is a category that has seen an increase compared to the previous year (108 incidents in 2024, compared to 101 in 2023). This category includes incidents indicating the possibility of preparing offensive actions aimed at breaching security or compromising the availability of services. The two smallest incidents in terms of number of incidents are Content (53 incidents in 2023, 56 in 2024) and Virus (37 incidents in 2023, 31 in 2024). The former concerns incidents violating broadly understood public goods, such as information damaging the image of state entities or publishing disinformation content. This primarily includes the mass use of the image of persons holding leadership positions in the state, for example, to extort funds from citizens. The Virus category classifies incidents involving malware identified on workstations, servers, and network devices.

The report also includes data on the number of incidents reported by entities within the national cybersecurity system in 2024, broken down by sector. According to this data, the largest number of incidents occurred in the Institutions and Critical Infrastructure Operators sectors. The next sectors in terms of the number of recorded incidents were: State Authority, Office, Ministry, Other, and Service.

Social engineering campaigns in 2024

Social engineering campaigns identified by CSIRT GOV in 2024 most often involve attempts to obtain confidential data, such as login credentials, by impersonating various institutions (phishing), while creating various fictitious scenarios to lend credibility to requests, such as a password reset via a hyperlink sent in an email that led to a fake website. Among the most interesting social engineering campaigns cited by CSIRT GOV in the Report was a phishing campaign involving the sending of messages from a compromised email address belonging to a district office, with a terse subject line and content intended to give the impression that it was part of prior arrangements or correspondence between the sender and recipient. The messages contained attachments named additional (02).docx.exe or additional (03).docx.exe, which contained the Agent Tesla Trojan malware.

Another social engineering campaign, based on a similar theme, also stands out. The goal was to infect recipients’ devices with malware. The sender impersonated PGNiG Obrót Detaliczny sp. z o. o. in the email. The email, titled “PGNiG – Request for Offer: Suwalki Project 2025/2026,” was intended to intrigue the recipient and persuade them to interact with the attachment. The attached archive, titled “PGNIG Request for Offer: Suwalki Project 20252026.gz,” contained a VBS file with the same name. Analysis conducted by the CSIRT GOV team revealed that the script was responsible for downloading malware classified as the GuLoader Trojan from the mobiera.ro domain.

Since the end of August 2024, the CSIRT GOV team has received information about a phishing campaign in which an adversary impersonates the Chancellery of the Prime Minister to obtain login credentials for banking portals (officially used as a login method for government e-services such as mObywatel and Trusted Profile). The website in question was located in the environment.odszkodowanie-gov.com domain. The website used the image of the Chancellery of the Prime Minister and the style of the official government website, which is used by the state administration within the gov.pl domain. The website displayed information about a supposed compensation that every household was entitled to in excess of PLN 400. To receive these funds, users had to authenticate using a bank of their choice. After selecting a financial institution from the list, the fake bank’s website loaded, displaying a login panel.

The most important trends in social engineering attacks in 2024 include: the use of compromised email accounts of local, provincial, national or international institutions, including the takeover of government email accounts (including those in the gov.pl domain), the use of QR codes instead of classic links, allowing the bypassing of automatic scanning of potentially malicious content by email security filters, signing documents using services such as DocuSign and encouraging the display of shared documents on real services such as Microsoft SharePoint or Google Drive, and the use of the image (e.g. logo) of Polish and European law enforcement agencies to intimidate the recipient into taking appropriate action.

The threat from sponsored and hacktivist groups

Threats stemming from sponsored groups are typically characterized by a high level of technical sophistication and sophistication. A key characteristic of these groups is remaining hidden while simultaneously ensuring access to compromised infrastructure. Due to its geopolitical location, Poland is particularly vulnerable to these threats, stemming primarily from the activity of adversaries supporting primarily Russian goals or narratives. Furthermore, in 2024, attacks attributed to hacktivist groups continued to be a constant feature of the cyberthreat landscape. Unlike sponsored groups, these groups intensively published information about their activities on social media to reach the widest possible audience and thus promote their ideological goals. These groups focused their activities on DDoS attacks aimed at disrupting the availability of services and websites, a continuation of the activities from 2022 and 2023. In 2024, a wide range of APT activity was recorded, with the dominant actor in the CRP being the APT group known as APT28, also known as Fancy Bear, which, according to some sources, was actually part of the Russian GRU. ATPs pose a serious threat to the Polish state. ATP28’s mission is primarily to conduct espionage operations, and its targets primarily include government and military institutions, international organizations, and strategic sectors of the economy. ATP activity was characterized by the use of advanced, multi-stage techniques aimed at obtaining credentials, installing malware, and providing persistent access to victim systems.

Example of an ATP28 attack using… Windows Calculator

Perhaps the most spectacular attack involved the distribution of the HEADLACE malware. According to the report, the attack began with an email containing a malicious link, simulating an offer to sell a car from the diplomatic fleet. The email was sent from an email address in the bigmir.net domain, which indicated a Ukrainian email provider. The message encouraged users to open a link under the guise of an Audi car for sale, when in reality the link referred to a webhook.site website. The website’s script verified the value of the browser’s UserAgent header. If the victim was using a non-Windows system, a benign image was displayed; otherwise, a ZIP archive containing three files was downloaded to the victim’s computer: EXE, DLL, and BAT. The executable file had a double.jpg.exe extension to imitate a graphic file, as in previous campaigns. The image in question was a so-called decoy file:

Most interestingly, the file with the .jpg.exe extension was a copy of the authentic Windows Calculator application. However, the Windows Calculator was vulnerable to the so-called DLL Side-Loading technique. (Malware readily exploits the characteristics of dynamic link libraries ( .dll ). The fundamental characteristic of dll libraries is that they require a process to execute the code contained within them. This is where all the abuses in the form of injecting malicious .dll libraries into trusted program processes occur. If Windows or an installed application only checks the name of the .dll library to be loaded, without verifying the checksum or digital signature, it is possible to replace such a .dll library with a malicious one). The purpose of the library in question was to execute the last of the three files, a BAT script. As a result of executing the BAT file, a file with the .jpg20 extension was downloaded from a resource in the webhook [.] site domain using Microsoft Edge. This file was then transferred to another location, changing the file extension to .cmd using the script for execution. Following the attack, some artifacts were deleted to minimize the risk of detection. The final payload returned information from the victim’s workstation, including a list of files from the Desktop and Downloads folders, as well as the IP address.

What else is the ATP28 group responsible for?

ATP28 activity also included another type of phishing activity, involving impersonating email administrators and persuading users to provide their login credentials in a fake Outlook Web Access panel. In 2024, several such campaigns targeted government administrations, including password change panels in both Polish and English, as well as those designed to increase the size of email inboxes. This type of phishing is a classic method of obtaining sensitive data, and the effectiveness of the attack is related to the maturity of individual entities in terms of their cybersecurity measures, which are also within the actor’s area of interest.

Among the activities that most likely fit into the APT28 cluster of activity were password bruteforce attacks, spraying and credential stuffing email accounts and VPN services27 to gain access to email and other resources processed by employees of entities targeted by Russian-sounding APT groups. To conceal the attempted breach, the actor used access through anonymizing networks and residential proxies, using compromised network devices belonging to private users or small businesses, usually geolocated in the same country. In 2024, the actor also reportedly used the DCSync technique to mass replicate user login data within a domain controller, the so-called credential dump. This may result in ensuring the actor’s long-term access to the infrastructure by creating the so-called Golden Ticket -ui to carry out the Pass the Ticket attack. These activities are consistent with the group’s modus operandi, which, after gaining access to infrastructure, employs so-called living- off-the-land techniques, involving the use of available system tools to escalate privileges or exfiltrate data.

Hacktivists and Cybercrime

Following the outbreak of the war in Ukraine, numerous groups and collectives emerged, conducting a kind of guerrilla activity in cyberspace. The term “hacktivism” itself comes from a combination of the words “hack” and “activism,” and is—as the name suggests—the transference to cyberspace of the activities of activists fighting for various political or ideological goals. In the case of pro-Russian ” hacktivists ,” the motivation they present on social media is primarily support for Russian military actions and “punishing” NATO alliance members for their military support of Ukraine. The most well-known groups include Killnet , Anonymous Sudan (despite its name, it aligns with Russia’s narrative), Cyber Army of Russia Reborn , XAKNET, Solntsepek , UserSec , NoName057(16), Zarya , Beregini, and Z- Pentest. Their primary method of operation is DDoS attacks, usually technically unsophisticated but heavily publicized for propaganda purposes. In 2024, the CSIRT GOV team also recorded malicious activity targeting domestic entities, including attempted hacks into IIoT ( Industrial Internet of Things ) systems with remote access over the internet, including through HMI (Human-Machine Interface) panels. This is a new manifestation of hacktivist threats, which have somehow become a focus of interest for these groups. Attacks on such devices were often due to the lack of adequate remote access protection. These weaknesses were also noticed by hacktivist groups. These groups, taking advantage of online login panels, engaged in activities aimed at gaining unauthorized access, primarily through the use of default login credentials. This threat particularly affected facilities such as sewage treatment plants, water treatment plants, waste incineration plants, and facility management facilities.

In 2024, CSIRT GOV also noted cybercriminal activity, including Chinese groups belonging to the Quad7 botnet using vulnerable TP-Link devices. The botnet was used to anonymize attacks, including attempts to take over Microsoft 365 accounts. The UAC-0050 ( DaVinci Group) group also operated, conducting widespread phishing campaigns, including in Poland. Unlike APT groups, which strive to remain hidden and attack precisely selected targets, the DaVinci Group’s modus operandi is different. The group prefers broad attacks and pays little attention to effectiveness. An example of this type of attacks was a campaign recorded in 2024, in which messages were sent to recipients in Poland in Kazakh, which did not fit into any Polish context. This group was also responsible for a disinformation campaign from the end of 2024, in which false threats were sent to plant explosives on government buildings in Poland and Ukraine (as Fire Cells Group). It was a psychological operation intended to cause panic, not an actual attack.

Malware

The CSIRT GOV team analyzed over 15,000 files reported by entities in the national cybersecurity system, 650 of which were deemed malicious. The dominant categories among the analyzed malware samples in 2024 were HTML Phisher, Snake Keylogger, Formbook, and Remcos. HTML Phisher is used in phishing attacks. This type of software is most often distributed by sending victims spoofed emails containing HTML/HTM attachments. After opening the attachment, the user sees a page imitating the service (e.g., online banking or an email login panel). The page is designed to closely resemble the original website. An HTML Phisher attack is also dangerous because it is often able to bypass spam filters and can operate partially offline, as it is opened locally on the victim’s device. Snake Keylogger is software that records all keyboard input by the user. Of course, this also includes login credentials. Snake Keylogger is often distributed via malicious email attachments or as part of a bundle with other software. Once installed, it runs in the background and is often able to evade detection by standard antivirus programs.

Formbook is a popular infostealer malware that focuses on stealing user data, such as login credentials, files, and information stored in web browsers (e.g., saved passwords and cookies). Formbook is sold, among other things, as malware -as-a-service, making it easily accessible to cybercriminals. It is primarily distributed via infected attachments (e.g., PDF files, Office documents) or links in phishing emails. Once a computer is infected, Formbook saves data in hidden files and uploads it to attacker-controlled servers. This type of malware supports functions such as keylogging, taking screenshots, and downloading and executing additional files sent by the attacker. Another malware family is Remcos. Remcos is a remote administration tool that can be used to gain complete control over an infected system. This software allows it to perform a range of actions, such as keylogging, screenshots, webcam and microphone monitoring, and even run arbitrary programs and commands on the victim’s computer. Remcos was initially promoted as a legitimate computer management tool, but quickly became a popular tool used by cybercriminal groups. It is most commonly distributed through phishing campaigns, where victims are tricked into opening infected attachments. Its features include the ability to run in stealth mode, making it difficult for standard security systems to detect.

ARAKIS GOV

The ARAKIS GOV system, mentioned earlier, is included separately in the statistics for a reason. The system’s primary purpose is to detect and automatically describe threats occurring in IT networks based on the aggregation, analysis, and correlation of data from various sources. In 2024, the system generated 5,446,734 alerts, including 3,322,068 with urgent priority, meaning they required an immediate response from administrators. A small percentage of alerts were high and medium priority, while nearly 40% were low priority, meaning they were purely informational alerts regarding the current situation at the interface between the internal network and the internet. Each recorded alert has precise technical data allowing for its verification and is classified in detail by the system. 56.60% of alerts were type 1 (communication to malicious addresses). These alerts resulted from attempts to establish communication with IP addresses or domains deemed malicious or potentially posing a threat.

Safety Assessment Summary

One of the tasks carried out by the CSIRT GOV Team is to assess the security of government administration institutions’ information and communication systems and critical infrastructure. In 2024, in accordance with the plan adopted for this year, assessments were conducted at 14 institutions, assessing a total of 64 network/IT system segments and 26 domains/subdomains and websites. As part of the security assessments, the CSIRT GOV Team conducted a series of tests to identify significant vulnerabilities affecting the security of the assessed entities’ information and communication infrastructure. These tests included passive and active data collection, identifying vulnerabilities in the architecture of network systems and services, web applications, exploiting vulnerabilities, and analyzing the impact of social engineering. As a result of the security assessments, the CSIRT GOV Team identified a range of vulnerabilities, ranging from low to critical. Critical and high threats were identified as the most important groups of vulnerabilities. These vulnerabilities included, for example: outdated software versions present in a number of systems and services used by entities, primarily concerning Apache HTTP Server, OpenSSL, VMware, use of unsupported software versions (Microsoft Windows 2008 R2 std . – end of support January 14, 2020, Microsoft SQL Server 2008 R2 – end of support July 9, 2019, VMware 6.7.x – end of support November 15, 2023), anonymous access, without required authentication or based on default passwords, etc.

Security Assessment – Examples of detected vulnerabilities:

1. Unsecured access to the Docker API – Access equivalent to accessing the server as a user with the highest privileges – root.

2. Discovery of the primary domain administrator’s credentials on the sysvol share.

3. High-privilege MSSQL user – As a result of a Password Spraying attack, access was gained to a network share containing the source code of a web application. A configuration file containing the credentials of the MSSQL service user was found within the code structure. During reconnaissance of the database engine using the compromised credentials, it was discovered that this user had high privileges, allowing them to reconfigure the database server. This was used to execute commands directly on the operating system.

4. Credential disclosure through fuzzing and directory listing: The HP Web Jetadmin service version 10.5.114213 (10.5 SR1) was detected on port 8085/tcp. As a result of the fuzzing tools (wfuzz), unsecure access to the log directory was detected. By enabling the Directory listing option, it was possible to quickly identify resources in a given path and proceed directly to further analysis and attacks on subsequent resources.

5. RCE – Java DebugWireProtocol (JDWP): Java DebugWireProtocol (JDWP) is a protocol used for communication between the debugger and the Java virtual machine. It does not use any authentication and can be exploited to execute remote commands (Remote Code Execution, RCE).

6. Cross-Site Scripting (XSS): By sending a POST request to https://[redacted]/4ses/servlet/

MainServlet?wbts:page=core.search.results.list, it was possible to inject JavaScript code into the search_text parameter. The lack of server-side validation caused the injected code returned in the HTTP response to be executed by the victim’s browser (Reflected XSS).

7. Sensitive data was included in the application logs.

8. DEBUG mode was enabled in the production application.

To properly protect an organization against incidents related to supply chain attacks (depending on the type of cooperation between entities), appropriate security measures may include:

● Risk assessment – a process aimed at identifying, assessing, and managing risks in the existing supply chain, as well as its new/potential connections;

● Regular audits and inspections – tasks confirming or denying the supplier’s ability to safely perform contractual activities;

● Controlling necessary authorizations – an activity involving regular verification of granted resource authorizations, solely on the basis of the so-called Least Privilege;

● Business continuity planning – developing business continuity plans and mitigating the effects of an incident should it occur;

● Data encryption – encrypting data during transmission and storage to ensure its proper security;

● Continuous monitoring – the use of threat and incident monitoring and reporting systems to ensure prompt action;

● Selection of suppliers who meet standards, such as those developed by the International Organization for Standardization (ISO).

Artykuł CSIRT GOV Poland – Computer Security Incident Response Team recently published a very interesting and insightful report on the state of cybersecurity in Poland in 2024. pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

Traditionally, Polish administrative procedures guaranteed the ability to communicate with the public authorities through conventional and traditional channels, i.e., in writing or in person. However, Poland has recently made a significant technological leap in the way businesses communicate with regulatory authorities. After January 1, 2025, in accordance with applicable regulations, this communication relies largely on electronic communication – both with the central government administration, central offices, and institutions regulating the modern technology, industrial, financial, pharmaceutical, energy, and, above all, TMT sectors.

Act on Electronic Delivery

The legal basis is the Electronic Delivery Act, which introduces two delivery methods: a public registered electronic delivery service and a public hybrid service. In practice, this means that deliveries are made exclusively electronically – to a designated electronic delivery address, which is linked to an IT system enabling electronic communication, particularly via email (Article 2, point 1 of the Act on Providing Services by Electronic Means). According to Article 5, a public entity may deliver correspondence requiring confirmation of sending or receipt using a public hybrid service if delivery to an electronic delivery address is not possible in accordance with Article 4, or if it is known that the individual holding such an address has been deprived of liberty. The delivery box allows for sending, receiving, and storing documents in accordance with the Trust Services and Electronic Identification Act. These regulations do not apply to correspondence containing classified information.

Example of the recent case handled by KIELTYKA GLADKOWSKI KG Legal

In one of the cases conducted by KIELTYKA GLADKOWSKI, the essence of which was the proceedings arising from the cybersecurity regulations, the core problem was a situation interfering with the economic freedom of the supplier and creator of a trading platform operating on the FOREX market, including the CFD market, covering derivative securities, including instruments corresponding to Polish subscription warrants for shares, classic securities, and speculative assets of the crypto market. In this case, communication with the Office of Electronic Communications took place separately from that with the CERT Polska – NASK CSIRT Team (Computer Security Incident Response Team), operating within the Scientific and Academic Computer Network – National Research Institute NASK. In practice, in accordance with new regulations, in particular the Act on the National Cybersecurity System implementing Directive (EU) 2016/1138 (NIS 1) and Directive (EU) 2022/2555 (NIS 2), it is only possible to file a case electronically. Communication by other means remains unresolved. Furthermore, the Act on Combating Abuse in Electronic Communications, implementing the European Electronic Communications Code, also reinforces the importance of the exclusive electronic channel as the applicable standard in relations with public offices. Importantly, electronic confirmations of sending and receipt of letters – issued by the operator of the public registered electronic delivery service – have the status of proof of delivery within the meaning of Article 40 of the Act on Electronic Delivery. Such a document is secured with the electronic seal of the trust service provider.

ePUAP

The Electronic Platform of Public Administration Services (ePUAP) is a nationwide IT platform used to facilitate communication between citizens and public administration in a uniform manner, in accordance with the Act on the Computerization of Entities Performing Public Tasks (Article 19a). This system allows for many official matters to be handled online. However, a trusted profile can only be created by an individual with a PESEL number and full or limited legal capacity (Article 20c of the Act on the Computerization of Entities Performing Public Tasks). Therefore, creating a trusted profile directly for a company is not possible. However, an individual can set up an ePUAP mailbox for an organization and act on its behalf. It is also possible to grant power of attorney to other individuals, such as partners, to use the mailbox. Under the amendment to the Electronic Delivery Act (Article 147), delivery of correspondence sent by an individual or non-public entity that uses an ePUAP account to a public entity with an electronic mailbox in ePUAP, as part of the service provided by ePUAP, is legally equivalent to delivery using the public registered electronic delivery service until December 31, 2025. Similarly, delivery of correspondence by a public entity with an electronic mailbox in ePUAP to an individual or non-public entity, if the correspondence is a response to an application or request submitted through ePUAP, or if that individual or entity requested delivery to an ePUAP account, will also have the same legal effects as delivery using the public registered electronic delivery service until the end of 2025.

e-Delivery

e-Delivery, in turn, is a registered electronic delivery service, based on Regulation (EU) 910/2014 eIDAS and the Electronic Delivery Act. It enables the exchange of official correspondence in a manner equivalent to registered mail with acknowledgment of receipt. The e-Delivery address becomes the official communication channel between companies and the administration. From January 1, 2025, offices will exclusively use this system (Article 155, Section 11 of the Electronic Delivery Act). The obligation to have an e-Delivery address applies to entrepreneurs registered in the CEIDG and the National Court Register, regardless of their legal form (this includes general partnerships, joint-stock companies, cooperatives, foundations, etc.). The obligation to use e-Delivery also applies to members of professions of public trust, such as attorneys, legal counselors, tax advisors, patent attorneys, restructuring advisors, and notaries (Article 9, Section 1 of the Electronic Delivery Act). During the transitional period until the end of 2025, a public entity will forward correspondence to a non-public entity at the electronic delivery address – if such an address has been provided. Otherwise, traditional delivery remains permissible. However, from 2026, e-Delivery will become the only permissible channel for all entities subject to the obligation, and from 2029 – also for courts, bailiffs, and prosecutors’ offices.

Summary

The new regulations on electronic delivery clearly establish electronic communication as the primary and often exclusive means of contact with public administration. Each office publishes both its electronic delivery address and ePUAP mailbox in the Public Information Bulletin. Failure to have an active e-Delivery address or failure to submit a document electronically when required will result in the case being left unprocessed. This means that businesses and their representatives must not only implement appropriate technical solutions but also ensure the ongoing operation of electronic delivery mailboxes, in accordance with the rigors of laws and implementing regulations. Digitizing delivery is no longer a matter of choice, but a statutory obligation.

Artykuł Communication and contact between international companies and Polish Agencies regarding regulatory matters in Poland only via electronic means pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

In this article attention will be paid to the valuation of the company’s shares:

When is a stock valued at the day’s price?

When is a stock valued at its mid-year average price?

The topic will be analyzed from an economic perspective. Additionally, these aspects will include situations in which one of the previously mentioned valuations is used and why it works well in those situations.

Stock Valuation

Stock valuation is a key process for investors, allowing them to assess investment risk and helping them decide whether to buy or sell a stock. There are several stock valuation methods that provide information about whether a company is undervalued or overvalued.

The most popular share valuation methods:

1. The accounting method (net asset value) estimates the value of a company’s assets after subtracting liabilities, and divides the result by the number of shares outstanding. This method does not take into account future growth prospects and is therefore rarely used.

2. Liquidation method – assesses the value of a company’s assets in the event of its liquidation, i.e. the sale of all assets after paying off liabilities.

3. Multiples (comparative) method – this method relies on valuing the company relative to other companies in the same sector. Ratios such as price/earnings and price/book value are key here.

4. The DCF method assumes that the value of a company is equal to the sum of discounted future cash flows. This model is more complex, taking into account all relevant economic variables.

Intrinsic value of shares

If the IVA is higher than the market price, the stock is undervalued, suggesting a buy. If it is lower, the stock is overvalued, suggesting a sell.

Company valuation

A company valuation is necessary in many situations, such as during a sale, merger, creditworthiness assessment, or liquidation. Three main categories of valuation methods are used: asset-based, income-based, and comparable. Each method can be selected depending on the company’s business activity and economic conditions. Among the asset-based methods are the adjusted net asset method and the liquidation value method, which are particularly useful in the event of a company liquidation.

In summary, stock valuation is an important tool for investors to help them assess the true value of a company and make informed investment decisions.

Assets and liabilities are valued at least once per balance sheet date in accordance with the Accounting Act. Valuation methods depend on the type of assets and liabilities.

Asset valuation principles:

• Fixed assets and intangible assets: are valued at acquisition price or production cost, less depreciation and impairment losses.
• Real estate and intangible assets classified as investments: valued according to the principles relating to fixed assets or at market value.
• Fixed assets under construction: the valuation includes costs related to acquisition or production, taking into account write-offs for permanent impairment.
• Long-term shares and investments: valued at cost, adjusted for impairment losses or fair value.
• Short-term investments: valued at market value or cost, whichever is lower.
• Material current assets: at acquisition price or production cost, which cannot be higher than their net selling price.
• Receivables and loans granted: are valued at the amount due, in accordance with the prudence principle.

Principles of valuation of liabilities:

• Liabilities: are valued at the amount due, unless they are financial liabilities that can be valued at market value.
• Reserves: are valued at a reliably estimated value.
• Equity: valued at nominal value.

Additionally, assets and liabilities denominated in foreign currencies are valued at the average NBP exchange rate as at the balance sheet date.

If an entity is unable to continue as a going concern, assets are valued at their net realisable prices and a provision is made for potential losses associated with the liquidation of the business.

Stock valuation involves determining a stock’s value to identify which stocks are undervalued (to buy) or overvalued (to sell). There are several main valuation methods:

1. Income Methods: These rely on the company’s future earnings and project future cash flows to assess the value of a stock.

2. Cost and asset-based methods: These take into account the company’s assets, value of assets and liabilities to determine the value of shares.

3. Mixed methods: They combine different approaches, taking into account both the value of the assets and future income.

The key concept is the stock’s intrinsic value (IVA), which may differ from the market price due to market imperfections. Stocks are:

• Undervalued (market price is lower than PAH) – worth buying.
• Overvalued (market price is higher than PAH) – worth selling.

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Stock valuation boils down to determining the value of a company, also known as its intrinsic value. The value of a single share is obtained by dividing the value of the company by the number of shares outstanding. For new share issues, the arithmetic or weighted average of the number of shares outstanding at the beginning and end of the reporting period is used.

The basis for company valuation is to take into account two values:

1. Company assets.

2. The company’s ability to generate future profits (goodwill).

Business valuation methods are divided into four groups:

1. Income methods – based on forecasting the company’s future income, updated as of the valuation date.

2. Cost- and asset-based methods – focus on valuing a company’s assets.

3. Comparative methods – based on market values of equity and debt.

4. Mixed methods – combine elements of the income and asset approaches.

Income-based valuation methods are based on forecasting the financial benefits a company can generate for its owner. Key steps include determining the company’s ability to generate income and forecasting this income in the future. These valuation methods include the discounted cash flow method , future earnings valuation, and dividend-based methods.

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• W _D – income value of the enterprise being valued
• W _P – capital inflows in the nature of returns to investors
• W _W – capital expenditure of investors for the enterprise
• D _D – dividends
• D _I – other income of investors related to owning the enterprise
• q – discount factor
• t – years

The formula presented above is considered the only true one, although its practical implementation is unlikely. Therefore, solutions are used to simplify the general value formula.

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• P – value of an ordinary share
• C _t – income from owning shares obtained in the t-th period
• r – required rate of return of the investor
• n – number of share holding periods

Income from owning common stock comes from two sources:

• changes in the share price during the investment period
• dividends (or other income, e.g. from subscription rights) obtained during the investment period

The disadvantage of this model is the difficulty of estimating future changes in the dividend and share price on the stock exchange.

In the case of an investor holding shares indefinitely, the formula becomes:

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

The dividend growth rate is crucial for stock valuation using the discounted dividend model. In practice, the Gordon-Shapiro model is most commonly used. In addition to estimating the required rate of return, there is also the issue of determining the dividend growth rate, denoted by g. Typically, past data is used and the formula: g = r _t r _e ,

Where:

• r _t – retention ratio calculated as the share of retained earnings in the company’s total profit
• r _e – rate of return on retained earnings, determined e.g. by the ROE (Return On Equity) ratio

The discounted dividend model, presented in formula (III), does not account for the fact that the value of a dividend received in the distant future is more uncertain than the value of a dividend received in the near future. This fact should be reflected in the stock valuation model.

One indirect way to account for this fact is to assume that the required rate of return is not constant but increases over time. This will cause the value of the dividend in subsequent periods to be reduced even more than would be implied by the time value of money at a constant interest rate. This reduction reflects uncertainty. The result is a model (called Gordon’s “bird in the hand” model ) , which is a generalization of the discounted dividend model:

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

The discounted cash flow (DCF) method is one of the most popular business valuation methods, which is based on the future cash flows generated by the company. Cash flow (Cash flows reflect the cash flows between the company and its environment (suppliers, customers, employees), excluding owners. If these cash flows are positive, they can be reinvested or paid out as dividends; negative cash flows require the use of reserves, which leads to a decrease in the company’s assets.

The DCF method assumes that a company’s value is equal to the sum of future, discounted cash flows available to equity holders. It comprises free operating cash flow (FOCF) and non-operating free cash flow (NCF), which together constitute free cash flow (FCF). Non-operating assets and residual value are added to this, leading to an estimate of the company’s gross value. After subtracting the market value of debt, we obtain net value, or the intrinsic value of equity.

One of the key elements of the DCF method is the discount rate, which is most often determined based on the weighted average cost of capital (WACC). Cash flows are forecasted for several years, after which a residual value is calculated, which takes into account the company’s future earnings after the forecast period ends.

Although the DCF method is widely used in business valuation, including during mergers and acquisitions, it has its drawbacks. Forecasting future cash flows and adopting an appropriate discount rate can be difficult and risky.

Fundamental analysis also uses other metrics, such as P/E ( price -to- earnings ratio), P/BV, P/S, P/CF, and D/S. These metrics help investors evaluate a company in comparison to its competitors and market trends.

Approaches such as EVA (Economic Value Added), which measures residual income after covering all costs of capital, and SVA (Shareholder Value Added), which focuses on the added value for shareholders resulting from investments exceeding the cost of capital, are also used to value companies.

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Cost-based and asset-based methods, the oldest in the history of valuation, rely on assessing the value of a company’s assets, i.e., its assets less liabilities. This value is referred to as the company’s net asset value. These methods focus on analyzing net assets, i.e., the difference between total assets and debt.

The most important methods in this group include:

1. The balance sheet net asset valuation method measures equity based on the balance sheet, as the difference between assets and liabilities. This value often underestimates the true market value of a company, particularly its ability to generate profits. The market value of intangible assets, such as patents, licenses, or trademarks, can differ significantly from their book value.
2. The adjusted net asset method is a more advanced version of the balance sheet method. Here, the net asset value is adjusted for items whose balance sheet value requires updating. This takes into account, for example, differences between the book and market values of fixed and current assets.

These methods, despite their simplicity, often do not reflect the full market value of a company, especially in the context of its ability to generate future profits.

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• W _P – company value
• A – carrying amount of assets (property components)
• K _A – adjustment to the carrying amount of assets
• P _O – external liabilities (carrying amount of external liabilities)
• K _Po – adjustment of the carrying amount of external liabilities

• The replacement method – informs about the amount of expenditure that must be incurred to recreate the existing potential in a given company.

The value of an enterprise using this method is calculated based on the formula:

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• Wp – enterprise value,
• W _A – carrying amount of assets,
• △ _C – the difference between the amount of expenditure that must be incurred to create a new material potential and the balance sheet value of the assets,
• U _M – degree of technical wear and tear expressed by the degree of depreciation of assets.
• Liquidation method – allows us to answer the question of what net proceeds the company’s owners would have achieved if they had decided to liquidate it at the time of valuation.

In this method, the value of the company is calculated according to the following formula:

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• W _p – enterprise value,
• W _LA – liquidation value of assets (the sum of funds that can be obtained from the sale of individual assets),
• Z – balance sheet monetary liabilities to be repaid,
• K _L – liquidation costs.

The method of valuing a company based on its asset value involves several difficulties:

1. Valuation of assets, especially intangible assets, is complicated.
2. The approach of treating a company as the sum of its components ignores the connections between them, which can lead to an incomplete assessment of value.
3. Focusing on asset replacement costs, rather than potential benefits, limits the valuation perspective.

Mixed methods combine asset and income approaches, assuming that the value of a company depends on both its assets and its ability to generate income.

The general concept of this relationship is expressed by the formula:

Source: Valuation Methods | Brokerage House of Bank Ochrony Środowiska (bossa.pl)

Where:

• W – enterprise value
• W ^M – property value
• Z – standardized annual profit
• r – capitalization rate
• a – weight factor

The most well-known mixed methods are:

1. Average value method – combines the asset and income approaches to obtain the average value of the company.
2. Additional profit methods – these include, among others, the year’s method purchase, Stuttgart and UEC, which are based on the additional profit of the company.
3. Methods of valuing unprofitable companies – such as the Schnettler method and methods taking into account badwill, which refer to companies generating losses.

Choosing the right method depends on several key factors:

• purpose and function of valuation,
• perspectives of the valuation entity,
• the economic situation of the enterprise,
• socio-economic conditions in the region where the company operates.

Stock valuation is crucial for investors to assess whether a stock is expensive or cheap. Stock analysts use various methods to perform this valuation and create recommendations, such as “buy” or “sell.” The main valuation approaches are income, comparative, and asset-based.

Income-based valuation methods focus on assessing a company’s future financial health, assuming that its value depends on future cash flows. Analysts forecast future earnings, revenues, and dividends, which allows them to estimate the stock’s value. The more accurate the forecasts, the more reliable the valuation. An example is the future dividend valuation method, which is based on the value of dividends the company will pay to investors.

Comparative methods involve analyzing ratios such as price to earnings per share (P/E) or price to book value (P/BV). These ratios are compared to other companies in the same industry, allowing us to determine how a given company’s stock compares to its competitors. Choosing the right companies for comparison is crucial, as discrepancies can distort valuation results.

Asset-based valuation methods are based on valuing a company’s assets less liabilities. This is the simplest approach, although it has been criticized for failing to consider the company’s ability to generate future profits. In some cases, a liquidation valuation is used, which estimates how much money shareholders would receive in the event of a company liquidation.

When analyzing stock valuations, it’s worth considering not only analyst recommendations but also carefully examining the company’s development plans and forecasts for the industry it operates in. This will help you better understand investment prospects.

When it comes to valuing shares on the balance sheet date, an entity that has not adopted micro status is entitled to more flexible asset valuation methods. According to the Accounting Act, micro entities must value their assets and liabilities at historical values, i.e., at purchase price, which excludes the possibility of using market value. To achieve micro status, an entity would have to decide to prepare simplified financial statements.

Since the entity in question did not opt for simplifications, it has the option of valuing shares classified as long-term assets in accordance with Article 28, Section 1, Item 3 of the Act. This means that financial assets should be valued at purchase price, with the option of revaluing to market value. If the value of the shares increases, this difference can increase the revaluation reserve, whereas if the value decreases, the effects of this action will have to be recorded as financial costs.

This approach allows an entity to adjust its share valuation to current market prices, which facilitates a more accurate representation of asset values in financial statements. This is crucial for making informed investment decisions based on realistic data about the value of shares held.

Valuing shares on the balance sheet date is a complex process that depends on their classification as short-term or long-term financial assets. For both categories, in accordance with the Accounting Act, shares are valued at purchase price less impairment losses or at fair value, which translates to market valuation.

Shares are issued by joint-stock companies and provide investors with property rights (e.g., the right to dividends) and non-property rights (e.g., the right to vote at the general meeting). The Act defines investments as assets acquired for the purpose of achieving economic benefits, which includes both appreciation in value and dividend income. Shares qualified for investment are classified according to their intended holding period: short-term (sale within 12 months) or long-term (sale after that period).

Pursuant to Article 28, Section 1, Item 3 of the Accounting Act, shares should be valued at cost or fair value no less frequently than on the balance sheet date. Costs associated with the purchase of shares, such as brokerage commissions, are included in the purchase price, while other costs, such as investment analyses, are classified as operating expenses.

If the value of shares changes, a revaluation must be performed on the balance sheet date. An increase in the value of shares to the market price increases the revaluation reserve, while a decrease in value reduces this reserve if the difference has not been previously settled. Otherwise, the effects of the decrease in value are recognized as financial expenses.

The examples illustrate the valuation principles. In the first case, the company holds shares with a market value below the acquisition price; the valuation effects are recognized as write-downs. In the second case, when the market value of the shares increases, the valuation effects are recognized as financial income.

The classification of shares as short-term or long-term financial assets influences their valuation. Entities that cannot or do not wish to apply detailed valuation principles can use the general provisions of the Accounting Act, which is advantageous for small entities.

Selling or buying a company is a process that requires precise decisions based on reliable data.

The Importance of Company Valuation

Company valuation is crucial in the context of purchases, sales, mergers, acquisitions, and tax procedures. This process includes analysis of the company’s financial condition, sector potential, customer structure, resources, and growth opportunities. A professional valuation increases the chances of attracting buyers and allows for informed investment decisions.

Valuation Methods

1. Income Method (DCF):
   1. It is based on future cash flows.
   1. Considered one of the most reliable methods, it uses financial forecasts and analyzes the company’s risk.
2. Market-Transaction Method:
   1. Compares the valued company with similar ones using market ratios (e.g. P/E, P/BV, EV/EBITDA).

Valuation Process:

1. Selecting the Valuation Objective:
   1. Key to further proceedings and method selection.
2. Data Acquisition:
   1. Collecting relevant information regarding the business model, finances and market environment.
3. Creating a Report:
   1. It includes a detailed analysis and valuation, as well as answers to customer questions.

DCF Valuation – Stages

• Business model analysis.
• Micro-environment and market research.
• Preparation of a financial model.
• Financial analysis and macroeconomic indicators.
• Valuation summary and report preparation.

Valuation Report

Contains:

• Valuation assumptions.
• Methodology.
• Key company data.
• Detailed financial analyses.
• Estimated value of the company and justification.

For a proper valuation, there need to be considered the following aspects:

• Do they have extensive experience in transaction advisory?
• Is it possible to adapt activities to individual needs?
• High quality and reliable valuations – what exactly does it look like?
• Identification of risks related to transactions – whether they are identified, and even more so whether the detection is carried out reliably.

Valuing a company’s shares based on the daily price and the six-month average is a key consideration in investment analysis and speculation. Each of these valuation methods has different applications and implications for investment decisions.

The spot price is the current market price of a stock, which reflects current market sentiment and reaction to news. Investors who follow the spot price typically have a more short-term perspective. This valuation method is preferred in situations where a dynamic response to market changes is important, such as during a day trading or short-term speculation.

Daily price / current price:

– It reflects current market conditions such as company news, macroeconomic changes, political decisions, and speculation.

– It is more volatile and can be susceptible to manipulation in the short term, which is important in the context of speculation.

– Used in transactional valuation, i.e. when selling or buying shares, where the current price is important.

Average price for half a year ( average Price ) is a method that smooths out short-term volatility and allows to take a longer-term view of a stock. It is a more conservative approach, often used in longer-term valuations, such as in financial reports or when assessing a company’s fundamental value.

Half-year average:

• It provides a broader market perspective, which means that investment decisions are based on more average data, which can reduce the risk of making decisions based on momentary price fluctuations.
• Minimizes the impact of short-term anomalies, such as one-off events affecting the stock price (e.g., crises, quarterly results).
• It may be a more stable indicator for long-term investors, pension funds or M&A transaction valuations.

Speculation and practical applications

From a speculator’s perspective, the choice between the daily price and the six-month average directly impacts investment strategy. Here are some examples:

• The daily price is ideal for short-term speculation, where investors try to capitalize on market volatility. Decisions based on this price are quick and responsive to current changes, increasing profit potential but also increasing risk.
• The six-month average is more appropriate for long-term investments because it minimizes the risk of momentary price fluctuations. This method is often used by investors who want to avoid short-term volatility.
• Speculators can manipulate the market based on the difference between the daily price and the six-month average. For example, they can push up or down stock prices for a short period of time, triggering reactions from investors who base their decisions on current prices.

Arbitrage – Investors can profit from differences in stock valuations based on the divergence between the current market price and its historical average, a common strategy among hedge funds.

When should a company’s shares be valued at the current price and when at the six-month average?

Valuing a company’s shares is a key element of market analysis, and choosing the right method influences investment results and strategic decisions. In practice, we most often encounter two approaches: valuation at the daily price (known as the market price or current price) and valuation at the six-month average. Each of these methods has its specific applications, and the choice depends on the investment context and the desired goal.

Valuation of shares at the current price

The daily price, also known as the spot price, reflects the current market valuation of a stock at a given moment. It is the price at which shares are bought or sold during a trading session.

Applications:

1. Short-term speculation:
2. Speculative investors often use the daily price because it is the most accurate and reflects the current state of the market.
3. Quick reaction to changes in stock prices allows speculators to take advantage of sudden price spikes to make profits.
4. Decisions based on current price are often correlated with technical analysis, trend indicators and market analysis tools.
5. Investment portfolio valuation:
6. In actively managed portfolios, where investors frequently trade, the daily price is the primary parameter for valuing assets. In such cases, quick adaptation to changing market conditions is crucial.
7. Settlement of stock exchange transactions:
8. For the settlement of purchase and sale transactions on the public market, the daily price is the basis for calculating the transaction value and commission.

Disadvantages and risks:

1. High volatility: Daily prices are susceptible to changes due to speculation, investor sentiment, and macroeconomic events. This can lead to wild fluctuations, making long-term forecasting difficult.
2. Emotional decisions: Investors, observing current price movements, may make decisions influenced by emotions, which leads to incorrect investment steps.

Share valuation at the half-year average

The six-month average price measures the average value of a stock over a specified period, which helps smooth out market volatility. This method is particularly useful for minimizing the impact of short-term market fluctuations on investment decisions.

Applications:

1. Long-term investing:
2. For long-term investors, a valuation based on a six-month average provides a more stable picture of the company’s value, avoiding sudden fluctuations.
3. The average price allows to better assess a company’s fundamentals while avoiding short-term market disruptions such as sudden corrections, political events, or other factors that may temporarily impact prices.
4. Planning the company’s strategy:
5. For company management or financial advisors, average-based valuation is useful for long-term planning and growth analysis. It offers a more balanced approach, helping assess financial health without being influenced by short-term fluctuations.
6. Valuation of management options and bonuses:
7. When executives are compensated through stock options, the average price is fairer because it eliminates the element of speculation and is more reflective of the long-term success of the company.

Disadvantages and risks:

• Limited response to changes: Using an average price can delay the response to dynamic market changes. This can lead to over- or underestimation during significant events, such as economic changes or mergers and acquisitions.
• Averaging: A valuation based on the average can mask serious problems for a company if the market currently values it significantly lower. This approach does not always reflect market reality.

Speculation and valuation – practical aspects

Choosing between the daily price and the six-month average price can also be a speculative strategy. Speculators, familiar with market dynamics, can use different valuation methods depending on their goals.

Short-term play: When a stock is trading at its current price, speculators may try to capitalize on short-term fluctuations, allowing them to make a quick profit at high risk.

Long-term speculation: Valuation at the six-month average can be used for more conservative speculation, where the investor hopes that the market price will return to the historical average.

Conclusions

Valuing stocks at the daily price and the six-month average are tools used in various investment contexts. The daily price is crucial for speculators and short-term investors, while the six-month average price is preferred for long-term investors, where stability is paramount. Choosing the right method depends on your investment goals, risk, and attitude toward market volatility.

Mark -to-market valuation of a company’s shares is a method of determining the value of assets (including shares) based on their current market price. This type of valuation has many applications in economics and finance, and the decision to use it depends on specific market conditions and the objectives of investors and fund managers.

Here are the main economic aspects to consider when analyzing the valuation of a stock at its current price:

1. Transparency and ongoing market value assessment

Daily price valuation provides the most up-to-date assessment of a company’s stock value. This is useful when:

• You want to know the exact value of your investment portfolio.
• You follow current market changes, which may influence your decisions to buy or sell shares.
• You analyze the current state of the market for management purposes, e.g. in investment funds or capital reserves.

• Application in short-term investment strategies

Daily price pricing is particularly important for speculators and short-term investors. It’s linked to dynamic share price movements, allowing for:

• Quick response to changing market conditions.
• Using day trading, swing trading or other short-term investment techniques that require quick decision-making based on current prices.
  • High volatility and market risk

High market volatility means that stock prices can change rapidly, which impacts investment decisions. Investors who use the price of:

• They can better adapt their decisions to current changes and reduce the risk of losses resulting from sudden price drops.
• However, they must be prepared to take higher risks arising from these fluctuations, which may lead to the need to monitor their investments more frequently.

• Financial reporting and regulations

Daily valuation is often required for asset valuations for financial reporting purposes, particularly by financial institutions such as investment funds and pension funds. Using this valuation method allows for:

• Better transparency for investors and regulators.
• Real-time assessment of the true value of assets.

• Comparison with long-term valuation (e.g. after a six-month average)

For long-term investments, daily valuation may not be appropriate because:

• It can introduce large fluctuations in portfolio value over short periods that do not reflect long-term trends.
• Long-term investors may prefer to value the stock at a six-month average, which helps mitigate the impact of short-term market movements and better reflect the company’s long-term potential.

• Speculation and valuation stability

For speculators looking to maximize profits in the short term, intraday pricing is more useful. It allows them to:

• Immediate response to market events, such as company financial results, macroeconomic or political changes.
• But it also carries greater risk due to sudden, unpredictable price changes.

In general, daily stock valuation is crucial when a current, market-based assessment of a stock’s value is needed. It is particularly useful for short-term investors and speculators who capitalize on dynamic market movements. However, its use also involves higher risk and greater volatility of asset values.

Examples of using daily price pricing can help illustrate how different approaches to this method impact investment decisions and portfolio management. Here are some specific examples from different markets and strategies:

1. Short-term speculator in tech stocks

Let’s assume an investor focuses on technology stocks such as Apple, Amazon, or Tesla, which are often characterized by high price volatility.

Example:

An investor buys Tesla stock on Monday morning at $240 per share. Later in the day, news breaks that Tesla is launching a new electric car model with revolutionary technology. Tesla’s share price jumps to $270 by market close.

By valuing the shares at the daily price, the investor can immediately estimate the profit:

Purchase price: $240

Closing Price: $270

Earnings per share: $30 ($270 – $240)

The investor decides to sell the stock at the end of the day, realizing an immediate profit. In this case, the daily price allowed him to react quickly to new information and realize a profit in the short term.

2. Investment fund monitoring portfolio daily

Investment funds, especially those managing highly liquid assets, often use overnight pricing to keep investors informed about the value of their portfolio.

Example:

The investment fund holds shares of several large companies from the S&P 500 index, including Microsoft, Apple, Alphabet (Google), and Johnson & Johnson. Following Apple’s quarterly earnings announcement, the company’s share price fell 5% overnight.

At the end of the day, the fund must mark -to-market all of its assets:

Apple shares fall from $190 to $180.

Microsoft shares rise from $300 to $305.

Other shares remain stable.

The fund’s management may inform its investors that the value of the portfolio has changed as a result of the decline in Apple prices, which may influence decisions on possible adjustments to the fund’s strategy.

3. Management of financial reserves by the company

For large companies that hold shares as part of their financial reserves, day-of valuation allows for accurate monitoring of the value of those reserves and for making management decisions.

Example:

The company has a $10 million investment in shares of energy company ExxonMobil . As a result of the changes in the oil market, ExxonMobil’s share price is down 3% on the day.

Portfolio value at the beginning of the day: $10 million

3% share price drop: $10 million * 0.03 = $300,000

End-of-day portfolio value: $9.7 million

Thanks to the day’s valuation, the company’s management knows that the value of the reserves has decreased by USD 300,000, which may prompt the company to decide to sell the shares or hedge against further declines, for example through derivatives.

4. Asset management in high volatility conditions

Investors who trade in highly volatile markets, such as cryptocurrency markets , often rely on day-of-the-day pricing.

Example:

An investor buys Bitcoin on Monday morning for $20,000. During the day, the price of Bitcoin rises to $22,000, but by the end of the day, it falls back to $19,500.

Purchase price: $20,000

Closing Price: $19,500

Loss per unit: $500 ($20,000 – $19,500)

An investor who values the price daily can decide whether to hold Bitcoin for an extended period (hoping for a trend reversal) or minimize losses and sell at closing. High volatility in the short term is a risk that investors must consider.

5. Regulations on the valuation of financial assets

Regulated pension and insurance funds often need to use spot pricing to provide current data on their investment portfolios to regulators.

Example:

The pension fund has 20% of its assets in healthcare stocks. Due to changes in drug reimbursement regulations, the share price of the pharmaceutical company Pfizer is falling 6% in a single day.

The fund must update its financial statements at the end of the day:

Pfizer stock value before the drop: $5 million

6% decrease: $5 million * 0.06 = $300,000

Value after probate: $4.7 million

In accordance with regulatory requirements, the fund must immediately update its reports and inform the supervisor of changes in the value of its assets.

Summary

In each of these examples, daily pricing enables rapid response to market changes. This is useful for portfolio management in volatile and speculative environments, as well as for asset monitoring by companies and funds that need to provide current information to investors and regulators.

Let’s look at each example in more detail, expanding on market mechanisms and practical implications.

1. Short-Term Tech Stock Speculator

Details:

Short-term speculators, also known as day traders operate in highly volatile markets, such as the technology sector. These types of investors rely on intraday price movements, reacting to news that can suddenly change the value of a stock. In the Tesla example above, the sudden announcement of a new car model with advanced technology triggered a rapid increase in demand for the company’s shares.

Economic explanation:

Short-term market valuations: In this situation, the stock price is directly influenced by newly emerging information and the immediate market reaction. Investors try to predict how a given event will affect the company’s future earnings and, consequently, the value of its shares.

Market psychology: Short-term speculators often use technical analysis tools (charts, indicators) to track trend direction. When Tesla announces a new product, the price increases are linked to expectations of increased sales and profitability for the company.

Timing: Daily pricing is key because the investor needs to know the exact value of their assets in real time to decide when to sell the shares and take a profit.

2. Investment fund monitoring portfolio daily

Details:

Investment funds that manage stock portfolios for individual and institutional investors must report the value of their portfolios on an ongoing basis. If a fund holds a variety of stocks, such as Microsoft, Apple, or Alphabet, earnings announcements can trigger changes in their valuations.

Economic explanation:

Mark-to-market: Investment funds must value their assets based on current market prices. This regulatory requirement allows investors to track the fund’s value on an ongoing basis. In the event of price volatility resulting from quarterly earnings releases, as in the Apple example, the value of the fund’s portfolio can change significantly.

Risk management: Changes in the value of individual company shares require portfolio managers to make decisions about whether to sell, buy, or rebalance their portfolio to minimize losses or maximize gains.

Investor Communication: Investors in mutual funds are kept up-to-date on the value of their shares. If the price of a stock, such as Apple, falls by 5%, fund managers must provide investors with information about the decline in the value of their shares, which may influence investors’ decisions about whether to continue investing in the fund.

3. Management of financial reserves by the company

Details:

Companies often hold investment portfolios as part of their financial reserves. By investing excess capital in stocks or other financial instruments, the company must monitor the value of these investments in real time to make appropriate financial decisions.

Economic explanation:

Liquidity Control: For large companies, the value of their investment portfolio directly impacts their cash flow and operating reserves. A 3% decline in ExxonMobil’s stock price reduces the value of their reserves, which can impact their ability to invest in other projects or meet current liabilities.

Diversification Strategy: Companies often diversify their portfolios by investing in different sectors (energy, technology, healthcare, etc.) to minimize the risk of a single sector declining in value. However, daily valuation provides them with a picture of how price changes in one segment impact their overall financial reserves.

Managing losses and gains: If there are significant declines in the value of shares, the company may decide to sell assets to realize capital losses (which may have tax benefits) or to protect itself against further declines.

4. Asset management in high volatility conditions

Details:

In highly volatile markets like cryptocurrencies , overnight pricing is a key tool for monitoring portfolio value and making quick investment decisions.

Economic explanation:

High volatility: The cryptocurrency market is characterized by significant price fluctuations over short periods. Investors purchasing Bitcoin can see its value fluctuate by several percent in a single day. By valuing it at the daily price, they can continuously monitor whether their investment is generating profits or losses.

Risk Management: High volatility also means high risk. Investors must react quickly to changing market conditions, for example, by selling assets when their value falls below a certain threshold (e.g., $19,500 in the example). Daily pricing allows for immediate action, which is crucial in such a dynamic environment.

Cryptocurrency investors often use short-term strategies like day trading or swing trading to capitalize on short-term price fluctuations. Daily pricing is an essential tool for monitoring the value of an investment and making buy or sell decisions.

5. Regulations on the valuation of financial assets

Details:

Regulated pension and insurance funds must use spot pricing to provide regulators and investors with current asset values.

Economic explanation:

Regulatory: Pension and insurance funds are required to report the value of their assets on an ongoing basis to ensure they have sufficient resources to cover future liabilities. Daily valuation provides them with an accurate picture of their portfolio’s value on a given day, which is crucial for meeting regulatory requirements.

Risk management: When a pension fund invests in stocks, such as those in the healthcare sector, and there is a 6% decline in Pfizer shares, the fund must update the portfolio value and potentially adjust its investment strategy to minimize the risk of further losses.

Transparency for investors: These funds must provide current information about the value of their assets to their clients. As stock market prices fluctuate, daily valuation ensures that investors and fund clients are informed about the current value of their investments.

Each of these examples demonstrates the importance of monitoring stock prices on an ongoing basis, especially in times of high volatility or regulatory constraints. Daily pricing allows for quicker responses to market changes, risk management, and better investment decision-making.

Analyzing a company’s stock valuation using the six-month or annual average price has many practical applications, particularly in the context of long-term investment decisions, assessing a company’s financial health, and risk management. Using the average price allows for a more balanced assessment of a stock’s value by eliminating the impact of short-term price fluctuations. Let’s look at a few situations when this method is worthwhile.

When do we use the half-year (or yearly) average price for stock valuation?

1. Fundamental analysis of long-term trends

In long-term fundamental analysis, the average share price over six months (or longer) is used to assess a company’s overall financial health and growth potential. Instead of focusing on short-term fluctuations, which may be the result of speculation or short-lived events, the average price provides a more stable picture.

Example: An investor is analyzing a company in the energy sector, which is subject to periodic fluctuations in commodity prices. Using the average price over the past six months, they can assess whether the company’s value is growing steadily or is subject to cyclical fluctuations. The average price allows them to assess whether the current trend (upward/downward) is part of a larger, long-term picture or a short-term anomaly.

Economic explanation:

Balancing fluctuations: The six-month average price allows investors to ignore momentary fluctuations that may be the result of speculation, unexpected news, or seasonal changes.

Assessing Long-Term Trends: A company’s value should be assessed based on its performance over the long term. The average price better reflects the overall direction of a company, as opposed to sudden spikes or declines.

2. Risk management by financial institutions

Banks and pension funds often use average stock prices to reduce the impact of short-term fluctuations on their portfolios. This allows them to better plan long-term investment strategies and protect themselves from excessive risk.

Example: A pension fund invests in shares of large, stable companies. Using the average share price over a six-month period, the fund can monitor the stability of its investments, reducing the risk associated with temporary fluctuations, such as those caused by speculation or temporary stock market declines. This helps avoid panic-driven investment decisions.

Economic explanation:

Portfolio stability: Pension and investment funds have long-term commitments to their investors. Analyzing average prices over a longer period allows for more stable asset management.

Avoiding overreactions: Using price averages reduces emotional or momentary market events that can lead to unsuccessful investments.

3. Calculating value for long-term transactions (e.g. acquisitions, mergers)

The average share price is also often used in calculations in mergers and acquisitions. A stock’s value based on an average price over six months or longer is more representative than the daily price, as it eliminates momentary fluctuations that can result from market sentiment.

Example: Company A plans to acquire Company B. Instead of basing the valuation on the current share price, which may be inflated by takeover rumors, the parties may agree to a valuation based on the average share price over six months to achieve a fairer deal value.

Economic explanation:

Representativeness: The average price better reflects the true value of a company over the long term, especially when the current share price may be inflated or deflated by speculation.

Minimizing risk: Using an average price eliminates the impact of short-term fluctuations, which is important for large transactions such as acquisitions or mergers where the stakes are very high.

4. Assessment of investment attractiveness in low-liquidity markets

In illiquid markets, where stock prices can fluctuate significantly over short periods, using the six-month average price helps investors assess how stable a company is. This can be especially important for small companies whose shares aren’t traded frequently.

Example: An investor is considering buying shares of a small company in the local market. Because the number of transactions is low, the share price often fluctuates due to single, large transactions. By analyzing the average price over six months, the investor can gain a more objective picture of the company’s value.

Economic explanation:

Avoiding the Impact of Low Liquidity: In low-liquidity markets, single trades can cause large price swings. Average prices over a longer period provide a better understanding of a stock’s true value by eliminating the impact of small, individual trades.

Reliable risk assessment: Average-price pricing gives investors greater certainty about the value of their investment, especially in less liquid and riskier environments.

5. Assessment of value for tax and accounting purposes

In some cases, particularly for companies and funds, valuing shares based on the six-month average price may be used for tax or accounting purposes. This helps avoid value spikes that could impact tax liabilities or reported profits.

Example: A company has an investment portfolio and must reconcile its value for accounting purposes at the end of the year. Using the average share price over the six-month period avoids a situation where a high price on the valuation date would inflate the portfolio’s value, which could lead to higher tax liabilities.

Economic explanation:

Minimizing the effect of volatility: Average-price valuation eliminates the impact of one-time events that could disproportionately impact the portfolio value and tax liability of the company.

Reliable asset valuation: The average price is more representative for accounting purposes because it provides a more stable picture of the asset value over the long term.

Summary

Valuing stocks based on the six-month (or annual) average price is particularly useful when investors or institutions want to avoid the influence of short-term fluctuations on their decisions. This method is often used in long-term analysis, risk management, mergers and acquisitions, in illiquid markets, and for accounting and tax purposes. Choosing this valuation method allows for more balanced investment decisions and minimizes the risk of short-term market anomalies.

Artykuł Valuation of company shares – analysis from the economic point of view pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

Dynamic technological advancements have led modern businesses to operate in ways unforeseen decades ago. Computerization, in particular, without which modern business operations are inconceivable, has effectively broadened the horizons of many entrepreneurs, while simultaneously leaving room for abuse by cybercriminals. The protection of data stored on companies’ internal servers has become crucial. It should be noted that despite the efforts of both EU and national authorities, new threats are emerging in the field of personal data protection law, which may lead to violations not only of general provisions on the protection of personal rights but also of many other legal disciplines, such as copyright. The unprecedented mass digitization of artistic works has resulted in the inclusion of records of paintings, photographs, films, music, architectural designs, and many other manifestations of creative activity as data. From this perspective, the phenomenon of data laundering takes on a unique character and carries with it new threats.

What is data laundering?

Data laundering essentially involves transforming stolen data so that it can be sold or used by ostensibly legitimate databases. For such transformation to be possible, an organization must first obtain the data illegally, either by fraud or theft via malware. The laundering process itself boils down to three stages:

1. Establishing an organization that will face relatively few restrictions related to data processing due to its use for non-commercial or scientific purposes. These are most often non-profit organizations.

2. Perform data manipulation operations using new technologies (for example, randomizers). The goal of these operations is to modify the data in such a way as to make it more credible to potential buyers.

3. Selling data to other businesses or making it available to for-profit organizations that will then use it for commercial purposes.

It can therefore be seen that the entire process aims to make illegally obtained data appear devoid of any suspicion regarding its origin. It is important to note that data laundering can have a significant impact on individual rights, as expressed not only in the Personal Data Protection Act but also in the Copyright and Related Rights Act.

A specific type of data laundering involves exploiting artists’ creative work. Specifically, it involves processing data containing information about a work without the required authorization, in such a way that its reuse would be unrecognizable to others.

Controversy over data laundering under copyright law

It is worth pointing out from the outset that processing data related to works, as defined by the Copyright and Related Rights Act, creates an entirely new work, the disclosure of which would not constitute a direct infringement of the author’s moral rights. This is problematic, as in this situation, it is difficult to define the boundary beyond which the author would be able to bring a copyright lawsuit and effectively pursue claims.

The problem of defining the limits of using someone else’s work to create an entirely new work has become particularly pressing with the development of AI-based tools. These tools operate on the basis of a database composed of multiple works—a crucial element for ensuring the effective functioning of such tools in the future. Therefore, it is impossible to deny the significant contribution of authors to the existence of such models, for which they receive no remuneration. The key question becomes: how did the organizations training the AI tool obtain this data?

Under Polish law, an artist can freely dispose of their rights to their work unless the law provides other restrictions. Therefore, if they grant a license to an organization using an AI tool, it does not constitute an infringement of the artist’s copyright, as, in accordance with the principle of freedom of contract, the artist may authorize the use of their work for the purpose of training an AI tool.

The problem arises, however, when it comes to so-called fair use, regulated in Articles 23-35 of the Copyright and Related Rights Act. These provisions are based on vague terms that require appropriate interpretation. In such a situation, it is necessary to examine the specific case based on the evidence collected. To date, there are no judgments in Poland that would establish a specific line of jurisprudence regarding fair use based on AI tools, but certain conclusions can be drawn from the rulings of foreign courts.

One of the rulings addressing the issue of fair use for someone else’s work that may impact the legal situation of organizations using AI-based tools is the U.S. Supreme Court ruling of May 18, 2023, in the case of Andy Warhol Foundation for the Visual Arts, Inc. v. Goldsmith et al. The Supreme Court emphasized that when determining the legality of fair use, the similarity between the original and secondary works is not the only factor that matters. The manner in which the resulting copy is used is also crucial – its use solely for research purposes or by a non-profit organization will be considered differently than if the direct or indirect purpose is to generate profit.

Another lawsuit, this time closely related to the use of AI-based tools to create new works based on a database containing information about existing, original works by artists, is Andersen et al. v. Stability AI Ltd et al. The lawsuit was filed by artists accusing three companies – Stability AI, Deviant Art, and Midjourney – using their works without the creators’ consent to train AI-based tools. According to the plaintiffs, the works created using these models are derivative of the artists’ original works and are essentially copies, the use of which constitutes copyright infringement. The main counterargument that the court will have to consider is the aforementioned fair use issue, because despite the artists’ position that the generated works are merely copies of existing works, the defendants will attempt to prove that AI-based tools create transformative results that differ significantly from the original works.

Conclusions

Data laundering in copyright law is a problematic phenomenon. The primary reason for this is the novelty of AI technology and the insufficiently precise legal provisions that could be applied to determine the legality of using works created using AI tools based on datasets containing information about the works of other creators. Undoubtedly, recognizing the dynamic development of AI, legislators should strive to shape regulations so that courts can issue the most equitable judgments possible. It cannot be denied that without artists’ contributions to their work, tools like Stable Diffusion would be unable to function due to the lack of sufficient data needed to train the model. At the same time, it is important to note the partially valid argument that the resulting work is not a copy in the strict sense of the word. Therefore, defining the boundaries of fair use is crucial in this matter, because without clear criteria, the market for tools generating works will remain a gray area, which is never desirable.

Artykuł Data laundering and the threat it poses under copyright law pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.

In an era of dynamic digital technology development and a growing number of cyberthreats, cybersecurity and personal data protection are becoming key aspects of how organizations operate in the European Union. New regulations, such as NIS2, DORA, AI Act, CRA, and eIDAS 2.0, combined with the current GDPR, create a comprehensive security system aimed at raising protection standards and ensuring greater transparency in data processing.

NIS2 and GDPR: Strengthening Data Protection and Incident Response

The Network and Information Security Directive (NIS2) is another step towards increasing the cyber resilience of entities operating in key economic sectors. In 2025, its implementation will require organizations to take a number of actions, including:

• Expanding security measures against cyberattacks,
• Introducing more rigorous incident reporting procedures,
• Strengthening cooperation between supervisory authorities and the private sector.

NIS2, in conjunction with GDPR (Regulation 2016/679), means that businesses will not only have to protect personal data more effectively, but also implement new procedures for risk management and auditing of IT security activities.

5 Things You Need to Know About NIS2

01 – Fines up to €10 million or 2% of total annual global turnover

02 – Expanded scope compared to NIS1, changing the way companies are classified and requiring more of them to comply with the directives

03 – Management staff is liable for violations and the authorities may suspend activities or functions

04 – Broad security risk management measures and shift to a risk-based approach

05 – Initial reporting of security incidents within 24 hours, further action within 72 hours, and final summary within 1 month

DORA: Cyber Resilience and Personal Data Security in Finance

DORA is the Regulation of the European Parliament and of the Council (EU) of 14 December 2022 on the digital operational resilience of the financial sector. This is another of many recent regulations concerning cybersecurity and the broadly defined security of information technology.

The Digital Operational Resilience Act (DORA) focuses on the financial sector, which is particularly vulnerable to cyberattacks. Key requirements imposed by DORA include:

• Testing the operational resilience of IT systems,
• Implementing risk management strategies based on threat analysis,
• Obligation to monitor and report digital incidents.

DORA applies to:

1. credit institutions;
2. payment institutions, including payment institutions exempted under Directive (EU) 2015/2366;
3. providers of account information access services;
4. electronic money institutions, including electronic money institutions exempted under Directive 2009/110/EC;
5. investment companies;
6. crypto-asset service providers,
7. central securities depositories;
8. central counterparties;
9. trading systems;
10. transaction repositories;
11. alternative investment fund managers;
12. management companies;
13. information sharing service providers;
14. insurance and reinsurance undertakings;
15. insurance intermediaries, reinsurance intermediaries and ancillary insurance intermediaries;
16. institutions of occupational pension programs;
17. rating agencies;
18. administrators of critical benchmarks;
19. crowdfunding service providers;
20. securitization repositories;
21. external ICT service providers.

In the context of GDPR compliance, financial institutions must ensure adequate security measures to protect customer data against unauthorized access and information leakage. GDPR also mandates cooperation with cloud service providers and external IT operators, which requires thorough verification of their security standards.

Article 33 of the DORA Directive requires personal data breaches to be reported without undue delay, and within 72 hours where possible. In the event of a delay, an explanation of the reason for the delay must be included.

AI Act and GDPR: Managing Artificial Intelligence and Data Protection

The AI Act regulations classify AI systems according to risk level and impose obligations on entities that implement them. In the context of data protection, the AI Act requires:

• Transparency of artificial intelligence algorithms and mechanisms,
• Possibilities of controlling and auditing decisions made by AI,
• Compliance with the principles of data minimization and limitation of the processing purpose.

Companies that use AI to process personal data will have to meet stringent GDPR requirements, giving users greater control over their information and minimizing the risk of abuse.

CRA: Cyber Resilience Act – Security of Digital Products

The Cyber Resilience Act (CRA) introduces obligations related to the security of digital software and hardware. Its key requirements include:

• Designing secure digital products,
• Monitoring vulnerabilities and updating them regularly,
• Manufacturers’ responsibility to ensure continued safety throughout the product life cycle.

CRA aims to increase cybersecurity across the entire digital ecosystem, minimizing the risk of attacks based on device and application vulnerabilities.

eIDAS 2.0: Strengthening digital identification

The amendment to the eIDAS (electronic IDentification, Authentication and trust Services) regulation – known as eIDAS 2.0 – introduces a European digital identity wallet that:

• Allows citizens to securely store and share their identity data,
• It enables public and private institutions to provide secure online services,
• Strengthens authentication standards in digital transactions.

In conjunction with GDPR, eIDAS 2.0 improves users’ control over their identity data and increases the security of online transactions.

Challenges and benefits of new regulations

Adapting to new regulations poses numerous challenges for companies, including:

• The need to invest in modern security systems,
• Employee training in cybersecurity and data protection,
• Implementation of effective incident monitoring and reporting mechanisms.

However, the new regulations also bring numerous benefits, such as:

• Better protection of customer data and greater trust in the organization,
• Increased resistance to cyber attacks,
• Possibility to avoid high fines for violating data protection regulations.

The impact of new regulations on small and medium-sized enterprises (SMEs)

New regulations such as NIS2, DORA, AI Act, CRA, and eIDAS 2.0 can pose challenges for small and medium-sized enterprises (SMEs). Implementing these regulations requires investment in modern security systems and employee training in cybersecurity and data protection. SMEs may face challenges related to limited financial and human resources, which can make it difficult to fully comply with the new requirements.

However, compliance with these regulations also brings benefits, such as better protection of customer data, increased trust in the organization, and the ability to avoid significant fines for violating data protection regulations. Therefore, it is worthwhile for SMEs to consider partnering with external IT service providers and cybersecurity specialists to effectively implement the required security measures.

The future of cybersecurity in the EU

In the coming years, we can expect further development of regulations regarding cybersecurity and personal data protection. The European Union will continue to work on strengthening the legal framework to address growing cyber threats and ensure a high level of data protection. Organizations will need to be prepared to continuously adapt to new requirements and invest in modern security technologies and procedures.

Summary

In 2025, organizations will have to comply with a range of regulations regarding cybersecurity and personal data protection. NIS2, DORA, AI Act, CRA, and eIDAS 2.0, combined with the GDPR, create a modern legal framework aimed at improving data protection and increasing resilience to cyber threats across various economic sectors. Implementing these regulations will be a challenge, but also an opportunity, to build a more secure and digitally resilient business environment in the EU.

Artykuł Cybersecurity and GDPR Compliance in 2025 pochodzi z serwisu KIELTYKA GLADKOWSKI LEGAL | CROSS BORDER POLISH LAW FIRM RANKED IN THE LEGAL 500 EMEA SINCE 2019.