# DORA Reporting in Poland: KNF Guide for Financial Entities Source: https://www.cyadviso.com/dora-poland-knf Last reviewed: 2026-05-01 Country: Poland (PL) Tags: DORA, Poland KNF as Poland's DORA competent authority for banks, payment firms, investment firms, insurers and CASPs: scope, ICT reporting framing and evidence checklist. --- ## Short answer In Poland, the Polish Financial Supervision Authority (KNF) is the integrated financial supervisor and the relevant DORA competent authority for Polish financial entities within scope, including banks, payment institutions, investment firms, insurers and CASPs. ## Competent authorities - **Polish Financial Supervision Authority (Komisja Nadzoru Finansowego — KNF)** (KNF) — https://www.knf.gov.pl/en ## Entities in scope - Credit institutions (banks) - Payment institutions and electronic money institutions (PIs / EMIs) - Investment firms - Crypto-asset service providers (CASPs) authorised under MiCA - Insurance and reinsurance undertakings, where supervised in this jurisdiction - Other financial entities listed in DORA Article 2 ## Jurisdictional nuances - Poland uses an integrated supervision model under KNF, which reduces authority-routing ambiguity compared with split-authority jurisdictions. - The KNF DORA page is the starting point for local DORA communications, consultations and market guidance; entities should verify current forms and filing routes there before reporting. - Polish entities should align DORA reporting with existing ICT security, outsourcing and operational-risk supervisory expectations from KNF. - Groups operating in Poland and another EU Member State should keep entity-level reporting decisions separate from group-level incident handling. ## Primary sources - KNF — DORA — https://www.knf.gov.pl/dla_rynku/dora - KNF — English homepage — https://www.knf.gov.pl/en - Regulation (EU) 2022/2554 — DORA, EUR-Lex — https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32022R2554 - European Banking Authority — Digital Operational Resilience Act (DORA) — https://www.eba.europa.eu/activities/direct-supervision-and-oversight/digital-operational-resilience-act --- Canonical HTML: https://www.cyadviso.com/dora-poland-knf Authored by Andrey Gubarev — CISO for EU fintechs (CISM, CDPSE, SABSA). CyAdviso · DORA / ICT risk / vCISO programmes for EU-licensed fintechs.