Organizational efficiency is a competitive advantage.

A term sheet is a non-binding document setting out the terms of an investment before the actual agreements are signed. The key elements to pay attention to are the pre-money valuation and the cap table after the investment, exit priority rights (liquidation preference in either a 1x non-participating or participating variant), anti-dilution rights, drag-along and tag-along rights, operational restrictions requiring the investor's consent (reserved matters), and clauses concerning subsequent rounds. A term sheet is non-binding as a rule, but the terms set out in it become the starting point for negotiating the actual documentation. Changing unfavorable provisions after the term sheet has been signed is many times harder than before it is accepted.

Legal due diligence covers an analysis of five main areas: the corporate structure, including shareholders and the history of changes; intellectual property, including legal title to the code and trademarks; key contracts with clients and suppliers; the status of employees and B2B contractors; and any liabilities and litigation. The result of the work is a professional report with a map of gaps and a risk assessment, not just a list of documents. For a seller, conducting the review before the process makes it possible to close gaps before the investor enters the data room and prices them in as risk.

Preparing a company for subsequent investment rounds starts at least 6 months before the planned closing of the round. The most critical areas are securing legal title to the IP through appropriate agreements with developers, full documentation of existing ESOPs, an up-to-date and consistent corporate structure, the absence of unresolved shareholder disputes, complete employee and contractor documentation, and full GDPR compliance. In subsequent rounds, the investor carries out full due diligence, so every material gap means either a lower valuation or a condition precedent to closing the transaction. Your company should pass this review without any surprises.

The simple joint-stock company (PSA) was designed with startups and technology companies in mind. The main differences compared with a limited liability company are the complete absence of a minimum share capital, which in a limited liability company is PLN 5,000; the ability to take up shares in exchange for a contribution of work or services, which makes it easier to implement ESOPs and to bring in a founder without cash; a simplified governing-body structure; and the option of online registration within 24 hours. The downsides of the PSA are lower recognition among foreign investors and counterparties, and less case law and market practice. For a company planning a round with a foreign VC fund, the classic limited liability company or joint-stock company is still more often preferred by investors.

A holding structure makes sense when a company reaches operational maturity and faces decisions about diversification, protecting assets, or tax optimization. The main reasons are separating operational risk across the individual subsidiaries; exempting dividends paid from subsidiaries to the holding company from tax where shares above 10% are held for a period of 2 years; making it easier for an investor to exit a single subsidiary without selling the whole group; and protecting the owner's assets from operational risk. A holding company does, however, generate fixed costs, including additional accounting, maintaining a management board, or consolidated financial statements. The decision on a holding structure should precede an investment round or a significant acquisition, not come right after them.

A family foundation is an institution introduced into Polish law in 2023. It allows a company owner to contribute assets in the form of company shares, real estate, or cash to the foundation and to manage them for the beneficiaries according to set rules. The tax benefits include dividends and income from the foundation's activity being taxed only when paid out to beneficiaries, at a rate of 15% CIT, as well as the complete absence of tax when profits are reinvested within the foundation. For the owner of an IT company, it is a proven tool for succession planning, protecting assets from the company's operational risk, and tax optimization on exiting the company. A family foundation does not replace a holding company, but it can work alongside one as part of the structure.

The Whistleblower Protection Act of 2024 obliges companies employing more than 50 people to implement an internal reporting procedure. Implementation involves drawing up a procedure for receiving and handling reports, designating a person or unit responsible for handling reports, putting in place an internal reporting procedure based on a form, a mailbox, or a dedicated platform, consulting employee representatives, and informing the entire team about the procedure that has been implemented. The whistleblower is protected against retaliation, because the act places a presumption on the employer that any unfavorable action against a person reporting a breach constitutes retaliation. The absence of a procedure is a direct violation of the act and a risk that the first serious incident goes straight to external authorities or the media, instead of being efficiently resolved within the company.

EU Directive 2023/970 on pay transparency takes effect for companies with more than 100 employees from 2026, and for entities with more than 250 employees from 2027 as regards the first report. The key obligations are disclosing salary ranges in job advertisements, reporting the pay gap between women and men, the employee's right to information about pay in comparable positions, and a ban on asking about a candidate's pay history. For IT companies, unstructured pay scales, individually negotiated salaries, and the lack of clear job descriptions are the most common problems that the directive will expose, laying bare accumulated pay inequalities. This in turn will make it easier for employees to pursue any court claims. Preparing the pay structure before the national rules take effect is many times cheaper than fending off lawsuits later.

Every form of payout generates different tax and social-security consequences. A dividend payout is taxed at 19% capital gains tax with no social security (ZUS) contributions, but the funds are paid out of profit after CIT taxation, which means a combined burden of CIT at 9% or 19% plus 19% dividend tax. Management remuneration constitutes a deductible cost on the company's side, but gives rise to an obligation to pay social security (ZUS) contributions and income tax on the management board member's side. A B2B contract is flexible, but requires genuine economic independence, as the tax authorities increasingly challenge B2B agreements that conceal an actual employment relationship. The optimal structure depends on the level of remuneration, the company's legal form, and the owner's investment plans.

Withholding tax (WHT) is a tax collected by a Polish company acting as a remitter when paying certain amounts abroad for software licenses, intangible services such as advisory or management services, dividends, interest, or other license fees. The standard rate is 20% for intangible services and licenses. Double taxation treaties (DTTs) can reduce or eliminate it, but they require the recipient's tax residency certificate and meeting the beneficial owner test. For payments above PLN 2 million per year to a single entity, the pay and refund procedure applies. The Polish company as remitter is responsible for correctly collecting WHT, and an error means a tax arrears arising together with interest.

Crossing the threshold of 50 employees triggers a range of additional obligations. Work rules and remuneration rules become mandatory, as does a social fund (ZFŚS) or payment of a holiday benefit, though setting up a ZFŚS can be legally waived with the appropriate provisions in the remuneration rules; an internal reporting procedure for whistleblowers; and an anti-mobbing policy. At 100 employees, reporting the pay gap is added under the pay transparency directive from 2026, and at 250 employees, ESG reporting obligations arising from the CSRD directive. IT companies that grow fast often cross the thresholds without knowing what obligations this triggers, which is why an employment law audit at every significant increase in headcount is good practice.

Corporate disputes between shareholders most often concern the distribution of profit and dividend policy, the company's direction and management decisions, the valuation of shares on the exit of one of the shareholders, and breaches of the shareholders' agreement or the articles of association. The ways to resolve them include negotiation and mediation as the fastest and cheapest methods, arbitration, which is effective where the shareholders' agreement contains an arbitration clause, or traditional court proceedings, which can be long, costly, and public. Prevention rests on a well-drafted shareholders' agreement with exit mechanisms including call and put options, drag-along, tag-along, or a shotgun clause, as well as clear rules for making decisions. A dispute is not won by the one who is right, it is won by the one who has the better agreement.

NIS2 places on the management bodies of entities covered by the directive an obligation of active oversight of cybersecurity and personal liability for breaches. This means that security policies have to be approved by the management board, not just by the IT department. Corporate governance under NIS2 requires putting cybersecurity on the agenda of the management board and the supervisory board, documenting management decisions concerning security risks, training management board members in cybersecurity, and implementing security policies approved by a management board resolution. IT companies, as essential or important entities under NIS2, are covered by the broadest scope of obligations. The absence of documentation at the management board level is a risk of personal liability for board members, regardless of whether an incident has occurred.