When the State Freezes Your Money
Poland built an algorithm to catch tax cheats. It works—except when it doesn’t.
On a Monday morning in Warsaw, a midsize textile wholesaler—let’s call it one of many, because the pattern has repeated itself dozens of times—discovered that it could not pay its employees. The company’s bank accounts had been frozen overnight, locked by an automated order originating from deep within Poland’s fiscal apparatus. No criminal charge had been filed. No court had issued a warrant. An algorithm had examined the company’s transaction patterns, cross-referenced them against a classified risk model, and decided that the flow of money looked suspicious. Within seventy-two hours, the freeze would almost certainly be extended to three months. In the interim, workers would go unpaid, suppliers would go uncompensated, and the company—guilty or innocent—would begin the slow organizational death that accompanies the sudden loss of liquidity.
This is what a STIR blockade looks like in practice. The acronym, which stands for System Teleinformatyczny Izby Rozliczeniowej—the Clearing House Information Technology System—does not, in Polish, carry the sinister ring it perhaps should. It is the instrument through which Poland’s tax authorities can freeze business bank accounts on the basis of algorithmic risk analysis, without prior judicial approval, and hold the funds hostage for up to three months. The system was introduced in January of 2018 as part of a broader legislative campaign to combat VAT carousel fraud—an elaborate scheme, prevalent across the European Union, in which chains of shell companies pass invoices among themselves, each claiming tax refunds on fictitious transactions, until the money vanishes offshore. Poland’s VAT gap, the difference between the tax theoretically owed and the tax actually collected, had become a source of national embarrassment. Something needed to be done. STIR was the something.
The legal architecture is contained in Division IIIB of the Ordynacja podatkowa—Poland’s Tax Ordinance, a statute that serves roughly the function of the Internal Revenue Code—added by a law with the commendably forthright title “On Amending Certain Laws to Counteract the Use of the Financial Sector for Tax Fraud.” Under Article 119zv (Polish legislative drafting, like Polish consonant clusters, demands patience), the Head of the National Revenue Administration—the Szef Krajowej Administracji Skarbowej, or Szef KAS, a figure who combines the roles of the I.R.S. Commissioner and a rather more muscular enforcement chief—may block any “qualified entity’s” bank account for up to seventy-two hours whenever the available information, “in particular the results of risk analysis,” suggests that the entity may be using the banking system for purposes connected with tax fraud. The subjunctive is doing a great deal of work in that sentence. There is no requirement that fraud be proved, or even that probable cause be established in any sense an American lawyer would recognize. The standard is possibility, assessed by a secret algorithm, validated by a government official. It amounts to a seizure of company assets without a court judgment—a concept that would give a Fifth Amendment scholar fits.
If the initial freeze seems warranted—and, in practice, it nearly always does—the Head of KAS may extend the blockade for up to three months, provided there is “justified concern” that the entity will fail to meet existing or anticipated tax obligations exceeding ten thousand euros. The mechanism operates in parallel to Poland’s broader regime of prejudgment security over taxpayer assets, though its preconditions are distinct and, in some respects, less demanding. The statistics on the extension point are striking in their uniformity. In 2019, five hundred and thirty-seven accounts were frozen by the Head of KAS on a seventy-two-hour basis; five hundred and thirty-three of those freezes were extended. In 2020, the numbers were eight hundred and twenty-one and eight hundred and twenty-one. The seventy-two-hour window, in other words, is not so much a provisional measure as a bureaucratic antechamber—a brief pause during which the paperwork catches up with the decision that has already been made.
The scale of the system is considerable, and it has grown rapidly. When STIR went live, six hundred and nineteen banks and coöperative savings institutions were feeding data into it, covering 3.44 million qualified entities, 11.56 million settlement accounts, and some 8.5 billion reported transactions. By the end of 2020, the number of monitored accounts had risen to nearly nineteen million, transactions exceeded fifteen billion, and eighty-one thousand entities had been classified as elevated-risk—up from twenty-nine thousand just two years earlier. Every day, Poland’s banks transmit to STIR a detailed dossier on every business account they hold: account numbers, identifying data on owners, authorized signatories, beneficial owners, and—crucially—daily transaction summaries including sender and recipient data, amounts, currencies, and descriptions. It is, by any measure, one of the more comprehensive financial-surveillance systems operating in a European democracy.
In its first partial year of operation, from May through December of 2018, the Head of KAS blocked forty-one accounts belonging to twenty-three entities, freezing roughly ten million złoty—about 2.3 million dollars at the time. A year later, the numbers had exploded: a hundred and thirteen entities, five hundred and thirty-seven accounts, sixty-seven million złoty in frozen funds, and estimated tax losses of five hundred and eighty-four million złoty attributed to the targeted entities. By 2020, when authority had been delegated to five regional customs-and-fiscal-audit chiefs as well, the combined toll reached a hundred and ninety-six entities, more than a thousand accounts, and over ninety-six million złoty frozen—against estimated fraud of six hundred and sixty-one million.
The sectoral breakdown offers a portrait of Poland’s underground economy, or at least of the economy’s pressure points. In 2019, the textile trade led the field with twenty-nine blockades, followed by electronics and fuels. By 2020, the landscape had shifted: e-commerce surged to the top, with thirteen blockades attributed to the Head of KAS, alongside textiles, cooking oils—a peculiarly persistent category, reflecting the profitability of VAT fraud on vegetable fats—and, notably, temporary-employment agencies. The last category is revealing. Poland’s economy depends heavily on labor intermediaries, particularly for workers from Ukraine and other Eastern neighbors, and the sector’s cash-intensive, high-volume, low-margin structure makes it fertile ground for invoice manipulation. The phantom transaction—an empty invoice documenting goods that never moved and services never rendered—remains the foundational instrument of VAT fraud, and STIR was designed, above all, to detect the financial fingerprints it leaves behind.
Then, beginning in 2024, something unexpected happened: the numbers went down. Through the first three quarters of 2024, the Head of KAS blocked two hundred and ninety-nine accounts belonging to eighty-five entities—a significant decline from the four hundred and sixty-four accounts and a hundred and thirty entities in the same period of 2023. The total value of frozen funds dropped from 38.5 million to 23.87 million złoty. The Ministry of Finance, asked to explain, offered a studied shrug: blockades are an exceptional measure, applied in exceptional circumstances, and the numbers naturally fluctuate.
The experts were less sanguine. Jacek Aninowski, a director at the Institute of Tax Studies, enumerated the possibilities with the practiced caution of a man accustomed to ambiguous data. Perhaps the carousel chains had simply grown shorter, involving fewer entities per scheme. Perhaps—more troublingly—the criminals had learned how STIR works and adapted. Cryptocurrency, which bypasses the banking system entirely, is one obvious escape route—and Poland’s regime for cryptocurrency transaction reporting is only now reaching regulatory maturity. Gerard Dźwigała, a tax attorney, noted that the opacity of the algorithm makes any confident assessment impossible: “We cannot credibly confirm whether the lower numbers reflect criminals circumventing the Polish financial system, or, on the contrary, the creation of settlement schemes that circumvent STIR itself.” It is equally plausible, he added, that the algorithm is simply getting smarter—learning, in the way that machine-learning systems do, to make fewer false positives.
Aninowski offered a darker reading. “In my view,” he said, “there has been a decrease in the effectiveness of uncovering tax fraud, particularly carousel fraud.” The criminals, he suggested, have learned the system’s defenses and are evading them more successfully, while the authorities have lost a step in responding to the criminals’ innovations. He pointed to Poland’s widening VAT gap as corroborating evidence. Unofficial reports, meanwhile, suggested that a culture of leniency toward business—a political posture rather than a legal one—had settled over the revenue administration, a climate in which even fraudsters posing as legitimate enterprises might find it easier to operate unmolested.
There is a deep irony in this. STIR was built to be aggressive, and its defenders have always justified its extraordinary powers by pointing to the severity of the threat. Now the same defenders find themselves explaining why the weapon is being used less—and unable to say with certainty whether that means the war is being won, the enemy has changed tactics, or the soldiers have simply grown tired.
For the companies on the receiving end, the legal remedies are limited and the odds are long. A “qualified entity” whose accounts have been frozen may file a complaint—a zażalenie, in the Polish administrative-law lexicon—against the decision to extend the blockade from seventy-two hours to three months. The complaint is heard, in an arrangement that would give an American due-process lawyer pause, by the same agency that imposed the freeze: the Head of KAS reviewing his own decision, or the relevant regional director reviewing the decision of a subordinate customs-and-tax chief. This is the eternal problem of unchecked power—the fox auditing his own henhouse—dressed in the formal garments of administrative procedure.
The results are predictable. In 2019, of sixty-one complaints resolved by the Head of KAS, fifty-four ended with the original order upheld. In 2020, the ratio was fifty-eight upheld out of sixty-eight decided. The entity may then appeal to the administrative courts—the Wojewódzki Sąd Administracyjny, a regional administrative court, roughly analogous to a federal district court in administrative matters. Here, the picture improves slightly. In 2020, eight of forty-nine judicial challenges succeeded, an overturn rate of about sixteen per cent. This is not generous, but it is not nothing, either, and the courts have begun to articulate standards for the quality of evidence that the authorities must assemble before freezing an account. Defective judicial reasoning in the blockade order—vague factual findings, conclusory risk assessments, failure to address the entity’s counterarguments—has emerged as a viable ground for reversal, a jurisprudential development that, in a legal system still feeling its way through a novel statute, carries significance beyond the individual cases.
The law does provide narrow channels through which frozen funds may trickle out. An entity may petition the Head of KAS for permission to pay employee salaries from a blocked account, provided the employment contracts predate the blockade by at least three months and the employees are registered with the social-insurance system. It may request permission to pay alimony or alimentary pensions. It may ask to settle tax liabilities early. And it may invoke an all-purpose “particularly justified circumstances” clause—a formulation whose vagueness is both its promise and its limitation. In 2020, the Head of KAS received thirty-three salary-disbursement petitions and granted twelve, denied eight, and discontinued seventeen. The statistics for other categories are similarly mixed—enough to sustain hope, not enough to sustain a business.
Where the blockade proves to have been unjustified, the entity may pursue a claim for state liability—damages caused by the wrongful exercise of public authority. The practice in this area remains embryonic, but the principle is clear: a government that freezes a company’s lifeblood without adequate cause owes compensation for the damage it inflicts.
The constitutional questions raised by STIR have not yet received the attention they deserve, either in Polish legal scholarship or in the broader European conversation about the digitization of tax enforcement. Article 64 of the Polish Constitution guarantees the protection of property. Article 31 enshrines the principle of proportionality, requiring that any restriction of rights be necessary, suitable, and no more burdensome than required to achieve its purpose. A system that freezes a company’s assets for three months on the basis of an algorithm whose parameters are classified, under a legal standard that requires only the possibility of fraud, and that subjects the resulting decision to review by the very authority that made it, is not an obvious exemplar of proportional governance.
And yet the counterargument is formidable. VAT carousel fraud is not a victimless abstraction. It drains public revenues that would otherwise fund hospitals, schools, and infrastructure. It distorts markets by allowing fraudulent operators to undercut honest competitors. And it is extraordinarily difficult to combat through traditional enforcement methods, because the transactions that constitute it are, individually, entirely lawful—it is only their arrangement, their choreography, that reveals the fraud. STIR’s defenders argue, with some justice, that the speed of modern financial crime requires the speed of modern financial countermeasures, and that the messy imperfections of an algorithmic system are preferable to the elegant impotence of one that moves too slowly to matter.
The numbers support this view, at least in part. In 2019, STIR data enabled the identification of a hundred and thirty-seven carousel chains involving roughly six hundred and seventy entities. Information on more than two hundred and sixteen thousand bank accounts belonging to delinquent taxpayers was transmitted to local tax offices, leading to over eighty-one thousand asset seizures and the recovery of 323.5 million złoty—about seventy-five million dollars—in unpaid taxes. STIR has also been credited with improving the targeting of tax audits, reducing the number of audits conducted while increasing their yield—a development that, if accurate, benefits honest taxpayers who would otherwise be subjected to unnecessary scrutiny.
The trouble, as so often in the history of state power, is at the margins. The algorithm does not explain itself. The entity whose account has been frozen cannot examine the data that triggered the freeze, cannot interrogate the model’s assumptions, and cannot compare its own risk profile against the threshold that separates the blocked from the unblocked. In this opacity, the system resembles other algorithmic-governance tools that have drawn scrutiny in recent years—predictive policing, automated welfare-eligibility determinations, credit scoring—all of which share the characteristic of rendering consequential judgments about individuals on the basis of processes that those individuals cannot see or challenge.
What, then, is to be done? The Polish experience offers a case study of broader relevance, because the tension it illustrates—between the state’s legitimate interest in preventing fraud and the individual’s legitimate interest in not having her assets confiscated by a machine—is not unique to Poland or to tax law. Every modern revenue authority is exploring or deploying some version of algorithmic risk analysis. The question is not whether such systems will exist but how they will be governed.
Several principles suggest themselves. The first is transparency—not of the algorithm’s precise parameters, which might indeed enable evasion, but of its general logic, its error rates, and its outcomes. Poland publishes aggregate statistics, which is something, but independent auditing of the system’s accuracy and fairness would be a meaningful step. The second is procedural independence: the reviewing authority for a freeze should not be the same authority that imposed it. The third is proportionality in practice as well as in theory—a recognition that a three-month freeze on a small company’s only bank account is, for all practical purposes, a death sentence, and should be treated with corresponding gravity. The fourth, perhaps most elusive, is humility: an acknowledgment that an algorithm trained on historical fraud patterns will inevitably generate false positives, and that the cost of those false positives—measured in bankrupted firms, unpaid workers, and shattered livelihoods—must be weighed honestly against the revenues recovered.
For businesses operating in Poland—particularly those in sectors flagged as high-risk—the practical implications are immediate. Robust due diligence on counterparties, disciplined documentation of supply chains, and thoughtful asset-protection structures—including holding architectures and the maintenance of foreign bank accounts for operational continuity—are no longer merely prudent. They are existential.
Poland’s STIR system has unquestionably made the country a harder place to commit VAT fraud. Whether it has also made it a harder place to run an honest business is a question that the data, for all their abundance, cannot quite answer. The algorithm keeps its own counsel. ♦
Founder and Managing Partner of Skarbiec Law Firm, recognized by Dziennik Gazeta Prawna as one of the best tax advisory firms in Poland (2023, 2024). Legal advisor with 19 years of experience, serving Forbes-listed entrepreneurs and innovative start-ups. One of the most frequently quoted experts on commercial and tax law in the Polish media, regularly publishing in Rzeczpospolita, Gazeta Wyborcza, and Dziennik Gazeta Prawna. Author of the publication “AI Decoding Satoshi Nakamoto. Artificial Intelligence on the Trail of Bitcoin’s Creator” and co-author of the award-winning book “Bezpieczeństwo współczesnej firmy” (Security of a Modern Company). LinkedIn profile: 18 500 followers, 4 million views per year. Awards: 4-time winner of the European Medal, Golden Statuette of the Polish Business Leader, title of “International Tax Planning Law Firm of the Year in Poland.” He specializes in strategic legal consulting, tax planning, and crisis management for business.
