1C/BAS ban: what private‑sector accountants should do

Ukraine’s IT landscape has changed dramatically: former accounting “standards” 1C and BAS have become sanctioned and effectively prohibited software for many users, and for private businesses their sanctions status and the proposed 2% annual turnover fine already turn continued use of these systems into a material legal and reputational risk. In this environment, the accountant of a private company effectively becomes the “first line of defence” between legacy software and new compliance requirements.

Regulatory framework: from sanctions to draft law No. 13505
As of 2026, restrictions on 1C/BAS operate on two levels. First, NSDC sanctions enacted by presidential decrees have banned the sale, support and distribution of a number of Russian products, including the entire BAS line and classic 1C, effectively depriving them of legal updates and official support in Ukraine. Second, draft law No. 13505 provides for a phased phase‑out of “hostile software” by 2030 and fines of up to 2% of annual turnover for legal entities using such solutions, so the use of 1C/BAS is increasingly seen as a threat to cybersecurity and digital sovereignty, and the room for a “grey zone” is rapidly shrinking. For government bodies, defence enterprises, critical infrastructure and payment‑system participants, a full ban is already in force, while private businesses, although not formally required to disconnect immediately, now find that continued operation in 1C/BAS conflicts with the spirit of current sanctions policy.

Legal and compliance risks for private companies
The key question is whether it is still safe to keep working in 1C/BAS when no explicit prohibition has yet come into force. In practice, the risks are:

• sanctions against 1C/BAS developers already give supervisory authorities grounds to question the use of software listed by the State Special Communications Service; if draft law No. 13505 is adopted, a fine of up to 2% of turnover will become a direct enforcement tool against companies that have not migrated;
• for investors and banks, sanctions compliance is mandatory; if a company’s internal policies record the use of “hostile software”, this may justify refusing cooperation or financing;
• sanctioned software also heightens cyber‑risk: vulnerabilities in the code and potential leaks of 1C/BAS databases containing financial information and personal data of employees and counterparties may lead to losses and claims for inadequate data protection.

The accountant’s role: between IT choice and legal liability
Formally, the accounting system is chosen by owners or management, but it is the accountant who is responsible for data integrity, reporting and communication with regulators, and therefore will be the first to feel the consequences of using “toxic” software. In practice, the accountant should initiate an IT‑landscape audit: explain the sanctions status of 1C/BAS, assess migration scope and risks, identify critical processes (payroll, taxes, primary documents) and participate in selecting and testing the new system. If this role is ignored and the choice is left solely to the IT department, the company risks years of “patchwork” accounting and, once 1C/BAS is formally banned, additional sanctions and fines landing precisely during a troubled migration.

Transition strategies: what private‑sector accountants should do
The optimal scenario for a private company is not to wait for a formal “X‑date” but to launch a planned transition now. The “we won’t touch anything until we are forced to” approach is dangerous in the 1C/BAS context, because restrictions can be introduced quickly, while migrating an accounting system always takes months of preparation and testing.

From a practical standpoint, accountants should:

1. Initiate a compliance audit of software.
   Assess which specific 1C/BAS products the company uses, whether they appear on public lists of prohibited software, and record this in a memo to management.
2. Define requirements for the new system.
   A clear list of functional needs (payroll, inventory, production, management accounting, IFRS, etc.) helps avoid the temptation to install “one system for everything” without regard to actual business processes.
3. Break the transition into stages.
   It is advisable to start with a “minimal critical core” — current accounting and tax reporting — and then import historical data in batches (by years or transaction types). This reduces the risk of business paralysis caused by a complex one‑time migration.
4. Budget for training and support.
   Moving from 1C/BAS to another platform always requires training accountants and integrating with bank systems, M.E.Doc, the taxpayer e‑cabinet and similar services; underestimating these costs often results in “double work” done manually and missed reporting deadlines.
5. Monitor legal aspects.
   Involve a lawyer or tax adviser to review contracts with software providers, analyse sanctions‑related risks and track the progress of draft law No. 13505. This helps adjust internal policies in time and avoid fines being imposed retrospectively for a period of delay.

Ethical and reputational dimension
In wartime, using products linked to the aggressor state goes beyond pure economic calculation: for companies working with international partners, abandoning 1C/BAS has become a matter of corporate stance and social responsibility, and the accountant is often the one who explains to management that “it’s cheaper this way” is no longer a valid argument. Sanctioned software also influences audit opinions: although IFRS contains no explicit ban, auditors increasingly focus on cyber‑risk and sanctions compliance, so the accountant will have to justify why the company still operates in an environment the state officially labels as high‑risk.

Conclusions: time for a strategic decision
The ban on 1C and BAS is now part of a consistent state policy featuring sanctions, official lists of prohibited software and a draft law on financial liability, so for businesses the question is no longer “whether to migrate” but “how and when to do it with minimal losses.” In this context, the accountant is not just a user but a key expert who sees sanctions, compliance and cyber‑risks as well as the operational consequences of migration; the earlier they initiate an honest conversation with owners about phasing out sanctioned software, the higher the chances of a controlled transition instead of chaotic decisions under pressure from inspections or security incidents.

Author: Ihor Yasko, Managing Partner at JSC “WINNER Law Firm”, PhD in Law.

If you have any questions or issues related to assessing the risks of using 1C/BAS, planning a migration to alternative software or preparing your company for new sanctions requirements, seek professional advice to analyse your situation and minimise possible consequences.