The main legislation governing the banking sector is Law No 5411 (the "Banking Law"). Other key legislative and regulatory provisions are:
The Banking Regulation and Supervision Agency (BRSA) ensures regulatory and consolidated supervisory in the Turkish banking system. Pursuant to Article 82 of the Banking Law, the BRSA is a public legal entity with administrative and financial autonomy. Accordingly, the BRSA independently fulfils the regulatory and supervisory duties and powers assigned to it by the Banking Law and related legislation. The BRSA is responsible for the regulation and operation of the activities of the institutions under its supervision, and for authorising their establishment and carrying out these functions in a safe and sound manner. The BRSA has the authority to carry out both prudential and conduct supervision and to request the institutions subject to its supervision to take the necessary measures. According to Articles 146 and 149 of the Banking Law, the BRSA is entitled to impose financial penalties and certain severe sanctions on banks. In addition, Articles 150 and 161 of the Banking Law state that shareholders and members of the board of directors can also be subject to sanctions and penalties. The BRSA acts in compliance with foreign supervisory authorities and has the authority to grant authorisation to independent audit firms, as well as valuation and rating agencies. Pursuant to Article 95 of the Banking Law, the BRSA also assesses the structure, adequacy and reliability of annual financial reports prepared by independent audit institutions.
Types of Licences
It is necessary to obtain permission from the BRSA in accordance with Article 6 of the Banking Law in order to establish a bank or a branch of a foreign bank in Turkey and to engage in banking, financial leasing and/or factoring activities. Banks must also obtain an operating licence from the BRSA.
Additionally, banks are required to obtain a licence from the Capital Markets Board to perform certain activities specified in Article 37 of the Capital Markets Law.
Activities of Licensed Banks and Any Restrictions
The operating licence covers all activities specified in Article 4 of the Banking Law, unless otherwise decided by the BRSA. The following activities are permitted to be carried out by banks:
However, some of the activities listed above are restricted depending on the type of banks. Accordingly, development and investment banks cannot accept deposits and participation funds. Deposit banks cannot accept participation funds and cannot carry out financial leasing transactions. In addition, participation banks cannot accept deposits.
Pursuant to Article 39 of the Capital Markets Law, banks are also required to obtain a licence from the Capital Markets Board (CMB) for;
Additionally, upon obtaining a licence from the CMB, investment and development banks may also engage in:
Conditions for Authorisation
The requirements for a bank establishment permit are as follows.
Banks that have obtained an establishment permit must comply with the following before the commencement of operations.
Application Process
The applicant is required to apply to the BRSA for the establishment permit by submitting the necessary documents specified in Articles 4 and 5 of the Authorisation Regulation. The establishment permit must be approved by at least five of the seven board members of the BRSA. After obtaining the establishment permit, an operating permit must be obtained from the BRSA in accordance with Article 7 of the Authorisation Regulation. The application for an operating licence must be made within nine months from the date of publication of the BRSA's decision on the establishment authorisation in the Official Gazette. In addition, an activity licence fee amounting to TRY2,128,115.80 (regulated in Tariff No 8 attached to the Law on Fees No 492) must be paid. This fee is paid both at the time of application for an activity licence and in each year of banking activities. Pursuant to Article 7 of the Permit Regulation, the BRSA issues the operating licence within three months at the latest from the date of application. The authorisations are valid as of the date of publication in the Official Gazette.
Pursuant to Article 19 of the Banking Law, the following require the permission of the BRSA:
The documents listed in Article 11 of the Licence Regulation must be attached to the applications to be made to the BRSA regarding these acquisitions and transfers, and the documents to be submitted in case the bank or financial institution is established abroad are also mentioned in the same Article.
Within three months from the date of authorisation, the relevant bodies of the banks are required to take a decision in accordance with Articles 7, 11, 15 and 19 of the Regulation on Merger, Transfer, Demerger and Share Exchange of Banks and to commence the permitted transactions. Otherwise, the authorisation granted shall be null and void.
After the acquisition, all assets and liabilities are transferred to the acquiring bank, the legal personality of the transferred institution is terminated, and it is removed from the Trade Registry.
According to Article 18 of the Banking Law, the following types of share acquisitions require the approval of the BRSA:
As per Article 18 of the Banking Law, regardless of the percentage of share acquisition/transfer, the approval of the BRSA is required for the right to appoint members to the board of directors or audit committee and for the transfer of privileged shares or the issuance of new privileged shares.
Qualified shares are shares that directly or indirectly represent 10% or more of the capital or voting rights of the bank, or that give the privilege to appoint members to the board of directors even if this rate is below 10%. Shareholders with qualified shares must meet the conditions required for founders. Otherwise, they will no longer be entitled to shareholding rights other than dividends. It is important to noted that as a condition for obtaining the BRSA's authorisation, a transfer fee of 1% of the nominal value of the shares to be transferred must be paid to the Savings Deposit Insurance Fund (SDIF) by the transferee. If the shares are transferred without the authorisation of the BRSA, the shareholding rights of the legal entity arising from these shares, other than dividends, will be used by the SDIF.
Article 3 of the Law No 4875 on Foreign Direct Investment states that foreign investors shall be treated equally with domestic investors. Therefore, there are no specific restrictions on foreign ownership under the Banking Law.
According to Article 22 of the Banking Law, structure, processes and principles regarding the corporate governance of banks are determined by the BRSA by taking the opinion of CMB and its associations.
Turkish banks are required to establish:
There must be at least five members (including the general manager) of the board of directors. The audit committee, which will be established by the board of directors, will have at least two members. Members will be appointed among the board members, but they cannot have an executive position.
According to Article 25 of the Banking Law, a bachelor's degree in law, economics, finance, banking or business administration, and related fields, or an undergraduate degree in engineering together with a graduate degree in one of these fields and ten years of professional experience in banking or business administration is required for general managers. Deputy general managers are required to have at least seven years of professional experience. In addition, it is important to note that, at least two-thirds of the deputy general managers of a bank must have at least an undergraduate degree in one of the above fields.
The Regulation on Corporate Governance is another essential regulation on the corporate governance and management requirements of banks. Under this Regulation, the corporate governance principles are defined as follows.
The Banking Law does not specifically regulate the appointment or dismissal of board members or senior executives. In this case, since banks are joint stock companies, the provisions of the TCC shall apply.
Pursuant to Article 370 of the TCC, the board of directors may delegate its representation authority to one or more managing directors or third parties as directors. At least one member of the board of directors must be authorised to represent the company. According to Article 370 of the TCC, the board of directors may appoint those who are affiliated with the company with an employment contract as senior executives or other managers with limited authority.
According to Article 4-7 of the Regulation on the Directors of Banks, the selection or appointment of directors or senior managers must be notified to the BRSA within seven business days. The notification will include several documents providing the information required for the position.
Following their election or appointment, the members of the board of directors, the chair and members of the board of managers are obliged to take an oath before starting their duties. Pursuant to Article 9 of the Regulation on the Directors of Banks, the general manager, who is the ordinary member of the board of directors, and the persons who will represent the general manager must take an oath. The oath is taken at the commercial court and the document issued after the oath is sent to the BRSA. According to Article 10 of the Regulation on the Directors of Banks, directors and senior executives are obliged to declare their assets.
Legal duties of bank directors and senior executives are regulated under the Regulation on Corporate Governance. Directors and senior executives must perform their duties in a fair, transparent, accountable and responsible manner, as set out below.
On 31 March 2016, the BRSA published the Guide on Good Remuneration Practices in Banks (the “Guide”) to provide a better remuneration system for bank employees, including executives and qualified staff. The Guide sets out some principles and minimum standards in determining all kinds of material benefits to bank employees and managers. However, it should be noted that the principles set out in the Guide are not mandatory provisions.
The Guide aims to ensure that the remuneration policy, process and practices of banks are established within the framework of a sound and effective risk management approach, and explains the good practices expected from banks in this regard.
The Guide covers the bank's board of directors, senior management and all other employees, as well as identified staff. Identified staff are the staff whose professional activities have a material impact on the bank's risk profile.
The implementation of the Guide is based on the principle of proportionality. Accordingly, not all banks have to comply with the requirements on remuneration in the same scale and way, and systematically important banks should develop more detailed policies, processes and practices. Banks are responsible for keeping the risk exposure under control by assessing their own characteristics and establishing remuneration policies and practices. The following practices should be adopted by systemically important banks, while other banks should implement these practices considering their own risk structure and strategies.
The bank should establish a clear and written remuneration policy in accordance with the following principles.
The bank should consider the impact of remuneration policies on financial soundness indicators such as capital and liquidity. In the case of a threat against capital adequacy or if needed, a more conservative policy should be followed.
Under the Regulation on Corporate Governance, bank directors and senior managers should ensure that remuneration policies are in line with the ethical values, strategic objectives and internal balances of the bank. In addition, Turkish banks are required to establish a remuneration committee.
Countries across the globe implement anti-money laundering (AML) and countering the financing of terrorism (CFT) measures to fight illicit finance. As part of the Financial Action Task Force (FATF), Turkey has adopted stiff AML/CFT regulations to shield its financial framework from illegal money flows and combat terrorist funding. AML and CFT measures are governed by Law No 5549 on the Prevention of Laundering Proceeds of Crime in Turkey. Alongside its amendments and its guidelines, this legislation defines the roles and tasks for key players like banks, designated non-financial organisations and government agencies.
Financial institutions serve crucially to detect and avert money laundering and terrorist financing. With policies, procedures and internal controls in place, organisations must identify and report suspect activity or transactions. Encompassed within these measures are customer due diligence, enhanced due diligence for high-risk clients, ongoing monitoring and document-keeping.
Compliance requires financial institutions to have a designated officer in charge of managing AML/CFT processes, including risk evaluations and personnel training. Organisations need to develop internal checks to determine how effective their AML/CFT procedures are.
Designated non-financial business and professions (DNFBP) such as lawyers, accountants, realtors and gemstone vendors in Turkey also fall under the purview of AML/CFT requirements. Transactions that are reported as suspicious must be followed up with Financial Crimes Investigation Board (MASAK), and transactional data needs to be preserved.
In accordance with AML and CFT requirements, MASAK ensures proper regulatory oversight and enforces conformity among financial institutions. Through inspections and audits, MASAK guarantees that financial institutions and DNFBPs comply with their responsibilities.
In order to combat these issues, Turkey has put into place efforts to boost global collaboration. To share data and collaborate on cases, MASAK has developed bilateral pacts and co-operation procedures with multiple nations. By taking part in several intergovernmental groups and projects focused on improving worldwide AML and combating CFT activities, Turkey has implemented robust measures to fight against money laundering and terrorist financing risks. Financial institutions and other organisations, such as DNFBPs, must work together to ensure the overall stability of the economy through adherence to regulations.
The BRSA oversees the depositor protection framework under Banking Law in Turkey. The BRSA performs a crucial function by ensuring the stability and integrity of the banking system and protecting depositors' rights. Regulatory bodies such as the CMB, MASAK and the Central Bank of the Republic of Turkey (CBRT) work in tandem.
The depositor protection regime safeguards a wide range of depositors and their deposits. Depositors, who can be businesses or individuals, are protected regardless of where they reside.
Protecting depositors' rights is the responsibility of the SDIF. Each depositor is protected up to TRY400,000 by deposit insurance at each bank. If a depositor has multiple accounts at the same bank, their coverage is capped. In the case of joint accounts, each depositor is covered individually. The depositor protection regime also covers foreign currency deposits, the coverage for which is calculated based on the exchange rate determined by the CBRT at the time of failure or withdrawal.
The depositor protection scheme in Turkey organised by SDIF ensures safety for bank depositors. By implementing various measures, the SDIF ensures the safety of depositors and the stability of the banking system. The BRSA and other regulatory agencies help the organisation fulfil its obligations.
Scheme Funding for Depositor Protection
The funding of the depositor protection scheme is essential for its long-term viability. In Turkey, the scheme is funded from various sources, including contributions from banks. The level of contributions depends on the SDIF-determined risk ratio and bank deposit size. Bank contributions contribute substantially to ensuring that the SDIF can protect depositors in the event of bank failures.
Aside from contributions from banks, other sources include recovery efforts from failed banks, investments and loans.
In addition to supervising and regulating the banking system, the BRSA is also responsible for ensuring the protection of depositors. As part of its responsibilities, it ensures that banks adhere to the provisions of the depositor protection scheme and takes appropriate measures to protect depositors' interests.
Importance of Depositor Protection
Protecting depositors is essential to maintaining the trustworthiness and stability of the banking system. With increased confidence, depositors save more, leading to financial stability promoted by banks. Robust safeguards against potential risks are offered by Turkey's deposit insurance system, bolstering both depositor trust and financial stability.
Enforcement and Sanctions
The BRSA has the authority to enforce the provisions of the depositor protection regime and impose sanctions on banks that fail to comply. The sanctions may include financial penalties, restrictions on banking activities, and disciplinary actions against bank executives and board members. These enforcement measures ensure the effectiveness and integrity of the depositor protection scheme.
The BRSA has established a comprehensive Regulation on Sharing of Secret Information (the “Secrecy Regulation”) regarding how banks share confidential information with each other. The Regulation aims to protect the rights of bank customers while allowing for necessary disclosures in specific circumstances. The purpose of this Regulation is to strike a balance between preserving customers' privacy and making disclosures when appropriate. It specifically describes the principles and methods for disclosing sensitive information. Both individuals and entities who have developed customer connections with banks are subject to Turkey's bank secrecy laws. The term "customer secret" is used generally and refers to any information that a person or organisation claims to be related to their financial situation. In addition, banks are required to protect the privacy of information they accept from other banks even if no customer relationship has been created.
Pursuant to the Article 4/3 of the Secrecy Regulation, the information covered by bank secrecy requirements includes any data specific to banking activities that is collected from customers after establishing a customer relationship. It is important to note that the confidentiality obligation also applies to information that identifies an individual as a customer of a bank, even if no formal customer relationship has been established.
While banking confidentiality is a general obligation, exceptions exist for disclosing confidential information under certain circumstances. These exceptions allow necessary disclosures while protecting customer privacy.
According to Article 5/1 of the Secrecy Regulation, disclosing secret information to those who are authorised by law, such as courts, tax authorities, the BFSA, SDIF and MASAK, does not constitute a breach of the obligation to keep the information secret.
Non-disclosure agreements play an important role in allowing the exchange of confidential information in specific situations listed in Articles 5/2, 5/3 and 5/4. These exceptions allow the exchange of information and documents between banks and financial institutions and through the Risk Centre established under the Banking Act. The exchange of information and documents on the sale of such shares for the purpose of informing potential buyers and for use in the valuation of assets, including loans and securities relating to such assets, provided that at least 10% of the Bank's capital is represented directly or indirectly does not constitute a violation. If the required administrative and technical procedures are used the disclosure of information and documents to individuals who perform services in the areas of valuation, rating, support services, and independent audit activities does not constitute a violation of confidentiality.
A breach of the obligation of banking secrecy can have serious consequences for the banks and the individuals involved. The Secrecy Regulation emphasises the continuity of the obligation to maintain secrecy, even if the person who has obtained the confidential information has left their position. Breaches of the obligation to maintain confidentiality may result in legal, criminal, and regulatory sanctions, including one to three years' criminal penalty.
Proportionality is a fundamental aspect of banking secrecy. It limits the scope of information exposed and guarantees that the scope of confidential information disclosure is appropriate to the purpose of the disclosure. In making disclosures, banks must demonstrate that the proportion of data disclosed is necessary to achieve the intended purpose. Where possible, methods of aggregation, de-identification or anonymisation methods should be used to disclose information.
The adoption of Basel III in law requires aligning legal provisions with international standards. The Turkish government and regulatory authorities have taken measures to ensure that Turkish banks adhere to the requirements of Basel III.
The implementation of robust risk management measures is essential to ensuring financial stability in an interconnected global economy. To achieve this goal, the Basel III standards have emerged as a crucial framework. The Basel III standards, developed by the Basel Committee on Banking Supervision (BCBS), aim to enhance the resilience of the global banking system. Following the financial crisis of 2008, these standards were developed to prevent a repeat of that event. Capital adequacy, supervisory review process, and market discipline and disclosure are the three main components of the framework.
Basel III is built on the following three pillars.
Turkey understands the significance of harmonising its financial sector rules with global standards, considering its membership of the G20. Turkey has integrated the principles of Basel III into its domestic banking regulations, namely the BRSA's Regulation on Banks Capitals and Regulation on Measurement and Assessment of Capital Adequacy of Banks. This marked a significant advancement in the BRSA's efforts to strengthen its banking industry and improve its risk management procedures.
One of the most significant changes that Basel III has brought about is changes in a bank's capital adequacy requirements. Turkish banks must maintain a minimum capital adequacy ratio of 12%, which is higher than the previous requirement of 8%. This increase ensures that banks are better prepared to withstand financial shocks by maintaining a strong capital base.
Basel III standards have also introduced stringent risk management rules in Turkey. Banks are required to conduct rigorous stress tests to assess their ability to withstand adverse economic conditions. This ensures that banks are adequately capitalised to absorb potential losses and maintain stability during periods of financial downturns. Additionally, Turkish banks are required to maintain higher levels of high-quality liquid assets stock sufficient to cover net cash outflows in the next 30 days to safeguard against liquidity risks. As a result of all these regulations, the bank's capital adequacy ratio was 19.5% in 2022, well above and stronger than minimum standards sets out in Basel III and local regulations.
Systemically Important Banks
Systemically important banks are essential to the development and expansion of the country's economy. However, their size and importance also pose serious hazards and regulatory concerns. On 23 February 2016, the BRSA issued the Regulation on Systemically Important Banks. This new Regulation introduces a method that relies on indicators to determine the significance of a bank in the system. Factors such as the banks size, level of interconnections, complexity and substitutability are taken into consideration using indicators and sub-indicators. Furthermore, this regulation imposes an additional requirement for equity capital ranging from 1% to 3% on banks that are identified as systemically important and mandates them to provide more comprehensive and timely reporting to regulators, shareholders and the public. This transparency ensures that risks are more visible and can be addressed promptly.
The Basel III standards are a crucial step towards the strengthening of the international banking system. The framework has enhanced the resilience of the banking industry in Turkey by increasing the capital requirements, improving the risk management procedures, developing liquidity standards and promoting transparency.
Resolving a Failing Bank
As a result of the authorisations granted to the BRSA by the Banking Law in Turkey, the BRSA has a very effective supervision and control mechanism over banks. The BRSA is authorised by the Banking Law to take measures by limiting and regulating the assets, receivables, shareholders' equity, debts and liabilities of banks and all other factors affecting the financial balance. Banks are obliged to comply with these regulations and to implement the measures requested by the BRSA within the specified period.
The BRSA has the authority to audit whether the restrictions and regulations against banks are implemented or not. The BRSA is intended to operate as an effective supervisory mechanism by conducting on-site inspections and checking the information, documents and reports requested from the banks. In line with all these provisions, it is understood that the primary purpose of the Turkish banking legislation on banks is to "prevent" the possibility of bank failure through an effective supervision mechanism.
Situations such as a bank's assets failing to meet its liabilities or failing to comply with regulations regarding liquidity, its profitability not being at a level sufficient to continue its activities safely, its funds being insufficient within the framework of the provisions regarding capital adequacy, or the possibility of this situation being realised are specified in the Law as situations that require measures to be taken. When the systematics of the Banking Law are analysed, it can be seen that the measures specified in Articles 68, 69 and 70 are qualitatively differentiated from each other as "corrective", "restrictive" or "remedial".
Corrective measures are defined as milder measures, such as increasing the bank's shareholders' equity, suspending dividend payments, restricting or stopping new investments and suspending loans to shareholders for a period of time. Remedial measures are defined as the disposal of long-term or fixed assets with an appropriate period, reduction in operating and administrative expenses, or the cessation of payments other than regular payments to the bank's employees under any name. Restrictive measures include more severe measures such as:
If the bank fails to take measures or the total value of its liabilities exceeds its total assets or the conditions specified in Article 71 of the Banking Law occur, the BDSA is authorised to revoke the operating licences of these banks or to transfer their shareholding rights excluding dividends and their management and supervision to the SDIF for partial or complete transfer, sale or merger, provided that the loss is deducted from the capital of the existing shareholders.
Pursuant to Article 106 of the Banking Law, in the event that the operating licence of a bank is revoked, its management and supervision shall be transferred to the SDIF, and the SDIF shall pay the insured deposits and insured participation funds and request the direct bankruptcy of the bank instead of the depositors and participation fund holders. Within this framework, the SDIF may request the partial or complete revocation of the bank's operating licence or assume its losses by providing financial support.
Implementation of the Financial Stability Board Effective Resolution Regime in Turkey
According to the Financial Sector Assessment Program's (FSAP) "Peer Review of Turkey" dated 19 November 2015; the FSAP concluded that the bank resolution and deposit insurance frameworks in Turkey were well designed, reflecting the experience gained from the 2000-01 banking crisis. In particular, the 2005 Banking Law had significantly improved procedures for the resolution of failing banks. It examines:
Substantial reforms have been implemented in the resolution regime since the banking crisis of 2000-01, during which several Turkish banks faced failure. These improvements were particularly notable in the 2005 Banking Law reform, which enhanced the procedures for handling failing banks. Since 2005, only one bank resolution case has occurred, involving a small bank in May 2015. As a result, the current framework's effectiveness remains untested in handling the failure of a bank with the potential to create systemic risks.
The key authorities (KAs) advise that authorities should ensure that there are recovery and resolution plans in place for all domestic banks that could be systemic in the event of failure. Furthermore, authorities should have powers to require banks to adopt measures to improve their resolvability.
At present, the existing framework lacks both of these provisions. There is no existing obligation for banks to create and uphold recovery plans, and the authorities lack the legal authority to conduct resolution planning or mandate a bank to eliminate impediments to resolution, except in cases where the bank is already undergoing resolution and is under the supervision of the SDIF. Resolution planning is initiated solely when the BRSA informs the SDIF that a bank has been instructed to implement corrective, remedial or restrictive measures.
At that point, when it becomes likely that resolution may be required, the SDIF develops a Resolution Action Plan, which includes alternative bank-specific resolution plans; a verification process for determining the number of insured deposits to be covered; and plans for the rapid deployment of personnel for the safeguarding of information technology systems and data of the bank. However, this falls short of the resolution planning specified in the Key Attributes, and the authorities do not have a framework by which they identify banks that are likely to be systemic in the event of failure for resolution purposes.
Deposits in the Case of Insolvency
In accordance with Article 63 of the Banking Law, savings deposits and participation funds held by natural persons in credit institutions are subject to insurance provided by the SDIF. The specific coverage amount is determined by the SDIF Board, following approval from the Central Bank, the BRSA and the Treasury. For the year 2023, savings deposits and participation funds not related to commercial transactions are insured up to TRY400,000 per individual. The SDIF establishes the risk-based insurance premium tariff, collection schedule, methodology, and other related terms after consulting with the BRSA.
To ensure a banking environment the BRSA has recently implemented a range of regulations and guidelines for operations in digital banking.
As digital banking continues to grow, it is crucial to establish frameworks that protect the security and integrity of financial transactions. In Turkey, the regulatory framework governing banking is primarily based on Law No 6493, which addresses Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions.
Furthermore, the Regulation on Remote Identification Methods for Use via Banks and the Establishment of Contractual Relationships in an Electronic Environment was introduced through publication in the Gazette on 4 January 2021. This Regulation outlines remote identification techniques that banks can employ to onboard customers and establish relationships using digital communication devices instead of traditional paperwork. It offers a framework that supports banking services while ensuring compliance with international standards.
Monetary transparency is crucial for KYC guidelines, as they prevent various types of financial crimes. With stronger KYC measures in place, financial institutions will be able to verify their customers’ identities, perform due diligence on them to determine their risk profile, and showcase their activities. KYC helps to prevent money laundering, fraud, identity theft and other monetary crimes that can have devastating consequences for both customers and financial institutions. Digital banks have to gather up-to-date and accurate details of customers, such as name, address, birth date, as well as documents of identification.
The BRSA has also published a draft communiqué regarding the efficient handling of climate-driven finance-related risks in banks. The aim of these guidelines is to provide guidance on how to manage the climate-related financial risks related to the Turkish banking system. The rules state that banks must apply the principles accordingly to the size of the banks, organisational structure and complexity of business activities. The guidelines are aligned with the objective of the BRSA to reduce environmental and social risks that endanger financial stability and promote the transition to a low carbon state.
In recent years, as the concept of sustainability has gained importance, ESG (environmental, social and governance) has also gained great importance. ESG refers to making investment decisions by considering environmental awareness, social impact and corporate governance issues.
Since 2015, the size of global investment funds considering ESG criteria has tripled. In a very short period of time, ESG criteria will become a prerequisite for access to finance, and companies that do not take these criteria into account will find it very difficult to compete in national and international markets.
Financing activities constitute one of the most important activities in the process of decarbonising, or in other words, transitioning to a greener economy. Sustainable banking efforts to tackle environmental and social problems in Turkey accelerated with the signing of the Paris Climate Agreement.
The increasing awareness of how to manage environmental and social risks in the banking system in Turkey has led to numerous banks developing practices in this area or attempting to build capacity. Fifteen banks, accounting for 62% of the sector's share, have established an environmental and social risk assessment system to conduct risk assessments on a project and client-specific basis. Some banks even conduct portfolio-level analyses such as scoring, heat mapping, stress testing, scenario analysis, or work on building capacity in these areas.
Despite the practices within the sector and the steps taken by authorities, the concept of sustainable finance in Turkey has not progressed in parallel with the banking industry's level of development and diversity. The obstacles to this development can be categorised into two main areas: structural and institutional.
The structural issues primarily involve uncertainties in the macroeconomic environment, low national savings rate, and the banking sector's short-term funding structure. These problems significantly limit banks in building corporate capacities for sustainability, accessing long-term funds, and, consequently, providing the essential long-term financing needed for sustainable investments.
One of the main institutional problems is the lack of a green classification for economic activities. The lack of a classification prevents the labelling of assets, liabilities and financial instruments in terms of sustainability and the production of consistent and reliable data on sustainability, making it difficult to carry out assessments and formulate policies.
For these reasons, the Turkish banking sector needs legislative regulations that can improve its weaknesses in order to provide ESG criteria in terms of sustainability. The sector's short-term funding structure, the absence of taxonomy leading to deficiencies in green asset identification and classification, the inability to provide comparable and reliable data, the absence of necessary standards for regulation and supervision in the field of sustainable finance, and the lack of adequate analytical capacity regarding climate change are the weakest points hindering the fulfilment of these criteria.
Therefore, the priority is to make the necessary legislative amendments to improve these issues.
Levent Mh. Yapı Kredi Plaza B Blok
Kat:11 Beşiktaş
İstanbul
Turkey
+90 212 216 40 00
info@aktay.av.tr www.aktay.av.trDigital Banking
The banking industry in Turkey has been undergoing a transformation for a number of years due to the rise of digital banking. This article explores what has driven this shift, the framework established by the Banking Regulation and Supervision Agency (BRSA) and how digital banking has impacted the banking landscape in Turkey.
Digital banking has revolutionised the sector by changing how individuals and businesses manage their money. It applies to the provision of banking services through channels like apps, websites and digital payment solutions. In Turkey, digital banking has gained popularity due to its convenience, accessibility and ability to provide experiences for customers. The emergence of online banks allows customers to conduct most of their transactions electronically without needing local branches. This transition to digital banking brings advantages such as convenience, accessibility and cost effectiveness.
The BRSA has played a role in promoting and overseeing digital banking in Turkey. To create a safe banking environment, the BDDK has implemented various regulations and guidelines to ensure smooth digital banking operations. As a result, digital banking has gained popularity among Turkish consumers.
However, with the growth of digital banking, it is essential to establish strong regulatory frameworks to safeguard the security and integrity of financial transactions. One crucial aspect in this regard is adhering to know your customer (KYC) regulations. KYC refers to the process of verifying the identity of customers before establishing a business relationship with them. It is a critical component of anti-money laundering (AML) and counter-terrorism financing (CTF) efforts, aimed at preventing financial crimes and ensuring the integrity of the financial system.
The regulatory framework governing digital banking in Turkey is mainly based on Law No 6493 on Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions. This comprehensive regulation provides a solid foundation for digital banking services and ensures compliance with international standards.
The role of KYC in financial transparency
KYC guidelines play a crucial role in promoting monetary transparency and preventing financial crimes. By enforcing robust KYC procedures, financial establishments can verify the identification of their customers, assess their risk profile, and review their transactions for suspicious activity. KYC facilitates the prevention of money laundering, fraud, identity theft, and other monetary crimes that can have severe outcomes for both clients and financial establishments.
The first step in KYC is verifying the identity of customers. Digital banks must collect accurate and up-to-date information about their customers, including their name, address, date of birth and identification documents. This information is crucial for establishing the customer’s identity and conducting ongoing due diligence. KYC also involves assessing the risk profile of customers. Different customers pose varying levels of risk based on factors such as their occupation, source of funds and country of residence. Digital banks must classify their customers into different risk categories, such as low, medium or high risk, and implement appropriate risk mitigation measures based on these assessments.
Regulatory requirements for digital banks
KYC (know your customer) regulations
Digital banks are subject to various regulatory requirements to ensure compliance with KYC regulations. These requirements aim to prevent financial crimes, protect customer data, and maintain the integrity of the financial system. In this section, the authors will explore some of the key regulatory requirements that digital banks must adhere to.
With the amendment of the second paragraph of Article 76 of the Banking Law by Law No 7247 (the “Banking Law”), banks are now capable of acquiring customers remotely and through digital methods. Subsequently, with the Regulation on Remote Identification Methods to be Used Use by Banks and the Establishment of Contractual Relationships in an Electronic Environment (the “Regulation”) published in the Official Gazette on 4 January 2021, procedures regarding the remote identification techniques that banks can make use of to acquire new customers and set up contractual relationships through replacing written paperwork with information or digital communication devices have been regulated.
In accordance with Article 4 of this Regulation, remote identification takes place by way of online video calls, without the need for the customer representative and the person to be in one another’s presence. The methods and systems for use for remote identification are considered to be important. The remote identification process must be carried out by expert customer representatives. According to Article 9 of the Regulation, the video call phase of remote identification will be terminated if visual verification and/or verbal communication with the person is not possible due to issues such as poor lighting, low image quality and other similar issues. After the remote identification is completed, the customer’s declaration of intent must be obtained through internet banking or mobile banking distribution channels. To establish a contractual relationship that may replace the written form, the relevant contractual terms must be sent to the customer through internet banking or mobile banking channels in a format that can be easily read. Upon receipt of the customer’s declaration of intent to establish the contract, it should be signed using the customer’s encrypted secret key, as specified by the legislation.
Although these KYC regulations are essential for ensuring the integrity of the financial system, they also present challenges for digital banks. The authors will now explore some of the challenges and opportunities faced by digital banks in implementing KYC procedures.
One of the challenges faced by digital banks is the process of digital onboarding. Traditional banks can verify the identity of customers through in-person meetings and physical documents. In contrast, digital banks must rely on digital channels for customer onboarding, which can be susceptible to fraud and impersonation. However, advancements in technology, such as remote video identification and biometric authentication, provide opportunities for digital banks to streamline the onboarding process while ensuring compliance with KYC regulations.
Also, digital banks must prioritise data privacy and security to protect customer information from unauthorised access or data breaches. They must implement robust cybersecurity measures, encrypt customer data, and comply with data protection regulations, such as the General Data Protection Regulation (GDPR) and Law No 6698 on the Protection of Personal Data (LPPD). By ensuring data privacy and security, digital banks can build trust with their customers and maintain the integrity of their KYC procedures.
KYC regulations play a vital role in ensuring the integrity of the financial system and preventing financial crimes in the digital banking landscape. Digital banks must comply with regulatory requirements, such as obtaining a banking licence, conducting customer due diligence, and maintaining comprehensive records. While KYC presents challenges for digital banks, advancements in technology and collaboration with regulatory authorities offer opportunities for streamlining KYC procedures and enhancing the customer experience. By prioritising data privacy, security and compliance, digital banks can build trust with their customers and contribute to a safer and more transparent financial ecosystem.
Banking licence and capital requirements
In Turkey, digital banks are required to have a banking licence from the BRSA as the regulatory authority. The licensing of digital banks requires compliance with set criteria, which include capital requirement as one element. Under Turkish law, digital banks must raise a minimum capital of TRY1 billion. For this reason, digital banks must be well financed in order to guarantee the proper functioning and provision of sufficient services for their clients.
Customer due diligence (CDD)
Digital banks are required to conduct thorough customer due diligence (CDD) as part of their KYC procedures. CDD involves verifying the identity of customers, assessing their risk profile, and obtaining information about the nature and purpose of the business relationship. Digital banks must collect and verify customer information, including identification documents, proof of address, and source of funds. They must also conduct ongoing monitoring of customer transactions to detect any suspicious activities.
The digital banks should have complete records on their KYC processes and customer details. The records should contain all pertinent documents including personal identification, transaction papers, due diligence findings, and current monitoring reports. Records should be kept in compliance with the regulatory requirements and be obtainable to the inspecting authority.
Reporting obligations
All digital banks must comply with all statutory disclosures that are mandated by the regulators. In particular, they are expected to report any suspicious transaction or activity to either the Financial Crimes Investigation Board (MASAK) or the relevant authority. While conducting KYC, reporting suspected money laundering transactions is very important in ensuring the proper detection and prevention of money laundering and other related financial crimes by the authorities.
Digital wallet
The digital wallet offers the opportunity to simplify, speed up and secure payment processes and is changing the way financial transactions are conducted. The “digital wallet” has also gained legal regulation with the Regulation Amending the Regulation on Payment Services and Electronic Money Issuance and Payment Service Providers published in the Official Gazette on 7 October 2023.
In order to provide digital wallet services, providers must:
Conclusion
There are many benefits of digital banking for both the customers and the banks. Digital banking provides 24/7 access to banking services for clients, eliminating the need for physical visits to branches and enabling fast operations, while banks enjoy and the benefits low operational costs, better efficiency and more personalised services that are tailored to meet each customer’s need.
Digital banking has upended the conventional banking industry in Turkey. Digital-only banks and fintech start-ups have added to the rivalry of traditional banks. In order to ensure they remain ahead of their competition, traditional banks have been forced to invest in digital infrastructure and make their online and mobile banking platforms very user friendly as well as create new and more advanced financial products and services.
Project Finance
The growth of the Turkish project finance market can be traced back to the banking crisis of 2001. It gained significant momentum, especially after 2012, due to the increase in foreign direct investment and the government’s involvement in public-private partnership (PPP). The government actively promoted investments, focusing on key sectors such as energy, infrastructure and healthcare projects.
The Turkish banking sector quickly adapted to this emerging trend in financing. Today, all major banks, as well as most small and medium-sized banks, have established dedicated project finance departments. These departments employ a substantial number of project finance experts, including lawyers experienced in the field. As a result, the market has matured considerably, and there is a wealth of expertise encompassing a wide array of project financings.
Private sector project financings and PPP project financings are both swiftly expanding financing models in Turkey, with robust backing from the government across diverse sectors, ranging from energy to healthcare. Turkey has legislation in place that supports various PPP models, including build-operate-transfer, transfer of operational rights, build-operate, and build-lease-transfer.
For instance, electricity generation projects are typically implemented using the build-operate model, infrastructure projects commonly follow the build-operate-transfer model, and healthcare projects are usually executed through the build-lease-transfer model.
The prevalent project financing structures in Turkey encompass the conventional loan structure model, the borrowing base model, and the mega-project PPP model. While alternative methods like fundraising through leasing and capital market instruments, such as bonds and project finance funds, are accessible, they are not widely favoured. Additionally, the use of direct agreements, which govern the lenders’ involvement in the project contracts, may be pertinent, contingent upon the specific project and the loan amount involved.
BRSA Releases Communiqué on Green Asset Ratio
The Communiqué on the green asset ratio (GAR), which is one of the most significant recent efforts of the BDSA in terms of sustainability and compliance with the European Green Deal, was published on 1 October 2023. The GAR concept aims to measure the contribution of banks to their climate-related goals and is a calculation method that the European Banking Authority has been working on and has recommended to supervisory authorities.
The calculation of the GAR requires the classification of financial assets according to the “technical screening criteria”, “no significant harm to the environment criteria” and “minimum safeguards criteria” in the EU taxonomy. Therefore, when examining the relevant Communiqué and its annexes, it can be seen that its classification system is in line with that of the EU taxonomy.
This classification methodology can serve as a temporary taxonomy for the banking sector, other financial institutions, relevant authorities and real sector companies until Turkey's national taxonomy comes into effect.
Under the Communiqué, loans for activities that meet the “technical screening criteria” will be classified as "compatible assets" and will be taken into account in the calculation of the GAR.
As a result of all these developments, the Communiqué aims to increase the contribution of the Turkish banking sector to environmental sustainability and to enable banks to analyse and manage their climate-related financial risks. In this way, the performance of organisations in relation to sustainability will become comparable and investments within the country will be directed to green areas.
Draft Guidelines on Effective Management of Climate-Related Financial Risks by Banks
On 27 September 2023, the BRSA published the Draft Guidelines on Effective Management of Climate-Related Financial Risks by Banks (the “Guidelines”). The purpose of the Guidelines is to set out the basic principles regarding the policies, processes and activities that will enable banks subject to the Turkish banking system to effectively manage their climate-related financial risks.
Pursuant to the Guidelines, banks should implement their duties and responsibilities regarding the relevant principles in a “proportionate” manner, taking into account their financial size, corporate structure, and the scope and complexity of their activities.
The Guidelines, which are directly related to the BRSA’s mission to minimise environmental and social risks that may threaten financial stability due to their impact on the banking sector and to play a guiding, facilitating, encouraging and educational role for the banking sector in financing the transition to a low-carbon economy, is only a road map for now.
Considering the other studies carried out by the BRSA, it is clear that these Guidelines will contribute to the objectives of effectively managing the financial risks encountered in the climate change process and increasing co-operation with relevant parties in the field.
Levent Mh. Yapı Kredi Plaza B Blok
Kat:11 Beşiktaş
İstanbul
Turkey
+90 212 216 40 00
info@aktay.av.tr www.aktay.av.tr