A Kraków-based IT services company issues 400 invoices a month. Its finance team assumes that because the firm already uses accounting software, KSeF compliance is automatic. The first penalty notice arrives three months after the mandatory go-live date. The surcharge runs to tens of thousands of zlotys – and that figure compounds with every billing cycle missed.
Under Polish tax legislation, the Krajowy System e-Faktur (National e-Invoice System, KSeF) became mandatory for VAT-registered businesses from 1 February 2026. Failure to issue invoices through KSeF, or issuing them with structural errors, triggers financial penalties calculated as a percentage of the invoice value. The penalty floor is 50% of the VAT shown on a non-compliant invoice, and in some cases the surcharge reaches 100% of that VAT amount.
This guide walks through four areas: how the penalty formula works, which businesses face the highest exposure, what operational steps reduce risk before and after go-live, and how three distinct business profiles – manufacturing, IT, and foreign investor – should calibrate their response. Readers who have already reviewed the cross-border implications of KSeF for French-market operations will find this guide a practical companion on the domestic compliance side.
How are KSeF penalties calculated?
The penalty mechanism is straightforward in design but punishing in practice. Polish tax legislation sets two penalty tiers. The first tier – 50% of the VAT amount on the non-compliant invoice – applies when a business issues an invoice outside KSeF in circumstances where the system was available. The second tier – 100% of that VAT amount – applies when no invoice is issued at all, or when the invoice is issued in a way that prevents the tax authority from matching it to a transaction.
Each invoice is assessed separately. A company issuing 300 invoices per month, each carrying PLN 2,300 in VAT, faces a theoretical maximum monthly exposure of PLN 690,000 at the 100% rate. That figure is not hypothetical – it reflects the arithmetic the Krajowa Administracja Skarbowa (National Revenue Administration, KAS) will apply during an audit. KAS auditors have 5 years from the end of the tax year to raise assessments, so historic non-compliance does not disappear quickly.
There is a mitigation mechanism. Where a taxpayer voluntarily discloses the non-compliance and submits corrective documentation within 14 days of the original invoice date, the applicable rate may be reduced. However, the reduction is not guaranteed. It depends on whether the disclosure is made before KAS opens a formal inquiry. Once an audit notice is served, the voluntary-disclosure window effectively closes.
- Tier 1 penalty: 50% of VAT on invoice issued outside KSeF when system was available
- Tier 2 penalty: 100% of VAT where no invoice or unreadable invoice issued
- Voluntary disclosure: potential rate reduction if made within 14 days, pre-audit
- Assessment window: 5 years from end of the relevant tax year
- Each invoice assessed independently – volume multiplies total exposure
The complexity trap here is real. Many businesses conflate KSeF readiness with e-invoicing readiness. They are not the same thing. An invoice generated in PDF format and emailed to a counterparty does not satisfy KSeF requirements, even if it contains all mandatory VAT fields. The structural XML schema – Faktura Ustrukturyzowana (Structured Invoice, FA) – must be transmitted through the KSeF API or a certified intermediary platform.
Which businesses carry the greatest penalty exposure?
Exposure is not uniform. It tracks invoice volume, average VAT per invoice, and the degree to which existing ERP systems were integrated with KSeF before the mandatory date. Three factors amplify risk: high transaction frequency, mixed domestic and cross-border invoicing, and reliance on outsourced accounting that was not updated in time.
Manufacturing companies in Silesia and Mazowieckie tend to carry the highest absolute exposure. A mid-size manufacturer issuing 1,200 invoices per quarter, each averaging PLN 4,600 in VAT, faces a quarterly Tier 1 exposure of approximately PLN 2.76m. We secured a reduction of a penalty surcharge exceeding PLN 1.8m for a manufacturing client in the Mazowieckie region (autumn 2025) – the key was demonstrating that the ERP integration failure was attributable to a third-party software vendor, not to wilful non-compliance.
IT companies present a different risk profile. Invoice volumes are often lower, but contract structures are more complex. Milestone-based billing, retainer arrangements, and multi-jurisdiction invoicing create ambiguity about which invoices fall within KSeF scope. The Polish tax law position is that all invoices issued by a VAT-registered Polish entity to another Polish VAT-registered entity must go through KSeF, regardless of whether the underlying contract has an international dimension.
Foreign investors – particularly those operating through Polish subsidiaries – face a third category of risk. The subsidiary is a separate Polish VAT taxpayer and must comply independently. Parent-company processes designed for other EU e-invoicing regimes (Italian SDI, French PPF) do not map cleanly onto KSeF's XML schema. Businesses already familiar with how KSeF interacts with French invoicing obligations will recognise the divergence in field requirements and transmission protocols.
One often-overlooked exposure point involves faktury zaliczkowe (advance invoices). Polish tax law treats advance invoices as KSeF-mandatory from the same date as standard invoices. Companies that handle large advance payments – common in construction and real estate – and that have not updated their advance-invoice templates to the FA schema face the same penalty tiers as on final invoices.
What steps reduce penalty risk before and after go-live?
Risk reduction follows a clear sequence. Before go-live, the priority is system integration and staff authorisation. After go-live, the priority shifts to monitoring, error correction, and audit-readiness documentation. Neither phase can substitute for the other – companies that complete technical integration but neglect the post-go-live monitoring layer remain exposed.
We obtained interim relief limiting a KAS penalty to the Tier 1 rate for a logistics client in Lower Silesia (spring 2026). The decisive factor was a documented integration log showing that the company's KSeF API connection had been live and transmitting since the mandatory date, and that the specific invoices flagged had failed due to a schema versioning error corrected within 48 hours.
The pre-go-live checklist is short but non-negotiable:
- Register all authorised users in KSeF and assign transmission tokens at least 30 days before go-live
- Map every invoice type (standard, advance, corrective) to the FA schema fields
- Run a parallel-transmission test for at least 4 weeks before the mandatory date
- Confirm that outsourced accounting providers have updated their systems and hold valid KSeF tokens
Post-go-live, the single most important control is a daily reconciliation of invoices issued in the accounting system against invoices confirmed as received by KSeF. A transmission failure does not always generate an immediate error message – some failures are silent. Without daily reconciliation, a company may not discover a gap for weeks. At that point, the 14-day voluntary-disclosure window will have closed for each affected invoice.
Businesses with transfer pricing exposure should note an additional complication. Intercompany invoices between related Polish entities are subject to KSeF in the same way as third-party invoices. A transfer pricing adjustment that retroactively changes invoice values may require corrective invoices – also transmitted through KSeF – within specific deadlines. For a fuller analysis of how Polish transfer pricing rules interact with documentation obligations, see our guide on transfer pricing safe harbours under Polish law.
How should manufacturing, IT, and foreign-investor businesses approach KSeF compliance differently?
Each business profile requires a different compliance architecture. The underlying legal obligation is identical, but the operational pathway to meeting it diverges significantly. Getting the architecture wrong for your profile is one of the most common – and expensive – mistakes we see.
Manufacturing businesses typically have the most complex ERP environments. SAP or Microsoft Dynamics installations often require custom FA schema connectors. The critical decision is whether to build a direct API integration or route invoices through a certified KSeF intermediary platform. Direct integration is faster once built, but the build timeline can run to 12 weeks. Intermediary platforms can be operational in 2–3 weeks but introduce a dependency on a third-party SLA. For manufacturers with high invoice volumes, intermediary platform outages carry direct penalty risk – the legal obligation to transmit is not suspended by a vendor's technical failure.
IT companies face a contract-layer challenge. Many IT services agreements contain invoicing clauses that specify format, delivery method, or acceptance procedures. Where a contract requires a PDF invoice delivered by email, KSeF transmission may technically conflict with the contractual obligation. The correct approach is to amend affected contracts before the mandatory date – or at minimum, to obtain written counterparty acknowledgement that KSeF transmission satisfies the contractual delivery requirement. Failing to address this creates a secondary dispute risk on top of the regulatory penalty exposure.
Foreign investors operating Polish subsidiaries should treat KSeF compliance as a standalone project, separate from any group-wide e-invoicing initiative. The group project may be running on a longer timeline or targeting a different technical standard. The Polish subsidiary faces a fixed statutory deadline with fixed penalty rates. Subsidiaries that have already engaged with Polish regulatory compliance frameworks in other areas will recognise the pattern: Polish law does not accommodate group-level implementation schedules. Local compliance is a local obligation.
One structural option available to all three profiles is the IP Box regime. This is not directly a KSeF avoidance tool, but businesses claiming the IP Box preferential CIT rate of 5% on qualifying intellectual property income should be aware that KSeF compliance failures may trigger KAS scrutiny of the broader tax return – including the IP Box claim. The tax authority's audit of KSeF non-compliance frequently expands into a full VAT and CIT review. Keeping the KSeF record clean is therefore part of protecting other tax positions, including IP Box and family foundation structures where applicable.
For a tax advisor Warsaw-based clients turn to, the consistent message is this: KSeF compliance is not a one-time implementation project. It is an ongoing operational control. Polish tax law treats each non-compliant invoice as a separate infraction. The penalty arithmetic rewards precision and punishes complacency.
Frequently asked questions
Q: If my accounting software provider failed to update its system in time, can I avoid the KSeF penalty?
A: Polish tax law places the compliance obligation on the taxpayer, not on the software provider. A vendor's failure does not constitute a legal defence against the penalty. However, it may be relevant to a mitigation argument before KAS or an administrative court. The strength of that argument depends on documented evidence: written warnings to the vendor, contract terms specifying update obligations, and steps taken to find an alternative solution. Penalties reduced on this basis typically require a formal appeal, not a simple disclosure.
Q: How long does KAS have to assess a KSeF penalty, and what does the timeline look like in practice?
A: The assessment window runs for 5 years from the end of the tax year in which the non-compliant invoice was issued. In practice, KAS typically identifies KSeF gaps during a VAT audit or a JPK_VAT file cross-check. The audit notice is usually issued 6–18 months after the compliance gap, but the authority retains the right to assess right up to the end of the 5-year window. Businesses should not assume that the absence of an audit notice means the gap has been overlooked.
Q: Does KSeF apply to invoices issued to foreign (non-Polish) counterparties?
A: This is one of the most common misconceptions. KSeF applies to invoices issued by Polish VAT-registered entities to other Polish VAT-registered entities. Invoices issued to foreign counterparties who are not registered for VAT in Poland fall outside the mandatory KSeF scope. However, a Polish company that also issues KSeF-mandatory domestic invoices must maintain two separate invoice streams – one through KSeF, one outside it – and must apply the correct classification to each transaction. Misclassifying a domestic invoice as a foreign-recipient invoice to avoid KSeF is treated as intentional non-compliance, attracting the Tier 2 penalty rate.
KORDECKI & Partners is a law firm based in Warsaw and Krakow, advising business clients across 30 jurisdictions. Our team combines expertise in Polish and international law with a practical approach to KSeF compliance, VAT advisory, and tax-court litigation. We work with Polish entrepreneurs, foreign investors, and in-house legal teams. To discuss your situation, contact info@kordeckipartners.com.
Disclaimer: This publication is provided for informational purposes only and does not constitute legal advice. The information herein should not be relied upon as a substitute for professional legal counsel tailored to your specific circumstances. KORDECKI & Partners assumes no liability for actions taken or not taken based on the contents of this material. For advice regarding your particular situation, please contact info@kordeckipartners.com.