KSeF – New Rules for Using the System in the Practice of Entrepreneurs and Accountants

Paweł Gorzelec
9 minutes ago
3 min read

With the introduction of the mandatory structured invoicing system, the legislator has adopted detailed implementing regulations governing the use of the National e-Invoicing System (KSeF). These provisions go far beyond technical instructions – they define access rules, user authentication, responsibility structures, and the circulation of invoices operating outside the system.

For entrepreneurs, accounting firms, and finance departments, this means a real redesign of internal processes rather than a simple system upgrade.

KSeF Authorisations – A New Responsibility Architecture

The regulation on the use of KSeF introduces a precise division of roles and authorisations. Four main categories of rights have been defined:

rights to grant and revoke authorisations,
rights to issue and view invoices,
rights related to self-billing,
rights to issue VAT RR invoices and corrections.

Importantly, these rights are not reserved exclusively for taxpayers. They may also be granted to employees, proxies, entities handling tax settlements, and buyers issuing invoices under self-billing arrangements.

In practice, this requires:

restructuring responsibility frameworks,
implementing formal access-granting procedures,
ongoing verification of authorisations.

ZAW-FA – Formalised Access Management

One of the key organisational tools introduced is the ZAW-FA form, the template of which is set out in an annex to the regulation. The form is used to:

grant and revoke authorisations for individuals,
report unique data linked to a qualified electronic signature or seal,
notify changes in the authorisation structure.

For businesses, this creates a new administrative obligation comparable to managing tax powers of attorney. Failure to maintain accurate notifications may result in operational disruptions, including the inability to issue invoices.

Authentication and the KSeF Certificate

The regulation introduces a multi-level authentication model. Access to KSeF may be obtained using:

an electronic identification means (e.g. trusted profile),
a qualified electronic signature,
a qualified electronic seal,
a KSeF certificate generated after successful authentication.

The KSeF certificate plays a key role in automating accounting processes, allowing system access without repeated user authentication.

The certificate is valid for a maximum of two years and may be renewed during its validity period, which must be reflected in IT security policies.

Access to Invoices and Verification

The new rules specify how access to invoices in KSeF is obtained using a verification code. After entering identifying data (invoice number, buyer’s tax ID, total amount due), the system allows:

confirmation of invoice authenticity,
verification of document integrity,
immediate validation by the counterparty.

This significantly changes traditional document circulation models and limits the risk of disputes.

Marking Invoices Used Outside KSeF

Invoices functioning outside KSeF (PDF, email, paper) must be clearly linked to the structured invoice in the system. Therefore, mandatory verification markings must be applied directly to the document.

The scope of required markings depends on the issuance mode and timing and is regulated in detail by § 9 of the Regulation of 12 December 2025.

Invoices with Attachments – New Procedures

For the first time, the regulation comprehensively governs invoices with attachments. This is particularly important for entities handling mass or complex settlements, such as those in the energy or telecommunications sectors.

Issuing invoices with attachments requires:

notification to the Head of the National Revenue Administration,
disclosure of transaction types and data structures,
compliance with strict technical requirements for XML format and file size.

Transitional Provisions – Time for Adaptation

A transitional period has been introduced until 31 December 2026 for selected authentication methods. Separate deadlines apply to VAT RR invoices, which will be mandatory in KSeF from 1 April 2026.

Practical Guidance

The new regulation is not merely a technical manual. It represents a fundamental shift in how business transactions are documented. Effective implementation requires: