With the introduction of the mandatory National e-Invoicing System (KSeF), businesses face a new administrative reality. One of the key elements of this transition is the proper management of authorisations, which is carried out, among other ways, through the ZAW-FA form. At first glance, it may seem like just another administrative document. In practice, however, it plays a crucial role in managing access rights within KSeF.

The notification form for granting or revoking authorisations serves as an official communication tool with the National Revenue Administration in the context of managing access to the National e-Invoicing System. Its proper completion and submission can directly impact the efficiency of business processes, while mistakes or delays may result in temporary suspension of access to KSeF functionalities. It is important to note that granting or revoking authorisations via the paper-based ZAW-FA form is generally considered an ‘emergency’ procedure, or is reserved for specific situations where it is impossible to grant access electronically.

Have a question or need support?

Contact us

Legal basis and scope of the ZAW-FA Form

The obligation to submit a notification when granting access rights stems directly from the regulations governing KSeF, which detail the procedures related to managing access to the system. The ZAW-FA form is used in cases where a taxpayer wishes to authorise another person to act on their behalf in KSeF, or when it becomes necessary to revoke previously granted access rights.

The scope of the form covers both granting access to employees within the taxpayer’s own organisation and to external parties such as accounting firms, law offices, or tax advisers. Every change in the authorisation structure requires formal notification to the tax authorities, ensuring transparency and control over access to sensitive tax and financial data.

It is particularly important to understand that the ZAW-FA form is not just a formal legal requirement but also a practical tool for managing data security in KSeF. Careful consideration should be given to deciding who within the organisation should be granted access. The right selection of authorised persons helps minimise the risk of errors and ensures an appropriate division of responsibilities.

Structure of the form and key fields

The ZAW-FA form follows a logical structure guiding the taxpayer through each stage of granting or revoking authorisations. The first section contains basic identification details of the entity submitting the notification, including the taxpayer’s NIP (tax identification number), company name, and registered address.

The section relating to the authorised person is the heart of the form and requires particular attention. Here, the name and surname of the person being authorised must be clearly stated, along with their PESEL number (Polish personal identification number) or an identity document number for foreign nationals. Providing the correct email address for system notifications is equally important.

It should be noted that authorisation to access invoices covers both sales and purchase invoices. In KSeF, it is not possible to grant access exclusively to one category (e.g., only purchase invoices).

Revoking authorisations – procedure and practical considerations

The process of revoking access rights is just as important as granting them and may be necessary for various reasons. Common situations include the termination of cooperation with a particular person or changes in an employee’s responsibilities. The ZAW-FA form allows for efficient revocation of rights, which is essential for safeguarding data security.

An often-overlooked but valuable practice is internal documentation of the reasons for revoking authorisations. While the ZAW-FA form itself does not require justification, it is advisable to maintain internal records, particularly in cases involving disputes or suspected misconduct. Such documentation can prove useful in the event of disputes or inspections by the tax authorities.

Practical tips for effective access management

Efficient access management in KSeF requires the implementation of appropriate internal procedures. It is recommended to appoint a person responsible for supervising authorisations and regularly reviewing their validity. This person should have a full overview of who has access to KSeF and to what extent, enabling a quick response when changes are needed.

Another key element is training for staff responsible for completing ZAW-FA forms. Familiarity with all functionalities and understanding the implications of different choices in the form can significantly improve process efficiency and data security. Such training should address not only technical aspects but also procedural and legal issues.

Keeping a record of all changes in authorisations is a further best practice and a sign of due diligence. Maintaining a register with details such as the date of granting access, the scope of authorisation, and the reasons for any changes can be invaluable during internal audits or external inspections. This documentation also supports risk management and process optimisation within the organisation.

Need support in implementing KSeF and optimising your access management processes? CRIDO’s experts can help you prepare your organisation for the new requirements, design efficient procedures, and deliver the necessary training. Contact us to discuss your company’s specific needs and ensure a smooth transition to the National e-Invoicing System.