NEWS & INSIGHTS
Up-to-date.

  • Home
  • News & Insights
  • Turkey's Crypto Law now in effect: Key updates and compliance requirements
Insights

Turkey's Crypto Law now in effect: Key updates and compliance requirements

July 2024 – On 2 July 2024, Turkey enacted new provisions to its Capital Markets Law to regulate crypto assets (“Crypto Law”). These provisions, published in the Official Gazette, grant the Capital Markets Board of Turkey ("CMB") the authority to supervise crypto asset service providers ("Service Providers").

What do the new provisions cover?

The primary focus of the Crypto Law is to regulate the following key areas:

  • defining the core concepts, such as crypto assets, wallets, platforms and Service Providers;
  • outlining the obligations and principles for Service Providers;
  • defining the rules for transactions conducted with customers;
  • establishing principles for the transfer and storage of crypto assets;
  • implementing oversight of Service Providers and detailing sanctions for non-compliance.

The Crypto Law makes it clear that its scope does not cover crypto assets that do not provide rights specific to capital market instruments or those that are traded on platforms that do not follow the principles set forth in the law.

How does the Crypto Law define the relevant terms?

Crypto Assets: "Intangible assets that can be created and stored electronically using distributed ledger technology or similar technology, distributed over digital networks, and that can attribute value or rights."

Wallets: "Systems, such as software and hardware, that enable the transfer or storage of Crypto Assets."

Platforms: "Organizations where transactions such as the purchase, sale, first sale, and exchange of Crypto Assets are carried out."

Service Providers: "Platforms, Crypto Asset custodians and other entities designated to provide services in relation to Crypto Assets, including the initial sale or distribution of Crypto Assets."

What are the obligations of Service Providers?

Under the Crypto Law, the main obligations for Service Providers are as follows:

  • Obligation to obtain an incorporation and operation permit: Service Providers must obtain permission from the CMB to be established and to commence operations in Turkey.
  • Obligation to establish an internal control and information system: Service Providers must take the necessary arrangements and measures and establish the necessary internal control units to ensure that transactions are carried out in a reliable, transparent, effective, stable, fair, honest and competitive manner.
  • Obligation to pay revenue share: Each year, 1% of all revenues generated by the Platforms, excluding interest income accrued in the previous year, must be transferred to the CMB and to the budget of the Scientific and Research Council of Turkey (“TÜBİTAK”).

What activities of foreign platforms are prohibited?

The Crypto Law prohibits certain activities related to Crypto Asset services offered by Platforms established in foreign countries. These prohibited activities, defined as "Unauthorised Activity by Service Provider," include:

  • opening a business in Turkey related to Crypto Asset services;
  • creating a website in Turkish for Crypto Asset services;
  • undertaking promotional and marketing activities directly or through persons or institutions resident in Turkey for Crypto Asset services offered by foreign Platforms.

Any activities directed at Turkish residents by foreign Platforms or the provision of services related to Crypto Assets to residents in Turkey, which are prohibited by CMB regulations, are considered unauthorised.

What does the Crypto Law stipulate about customer agreements?

The Crypto Law introduces principles for agreements between Services Providers and customers:

  • agreements must be in writing;
  • customer agreements may be concluded remotely, but methods verifying customer identity must be used;
  • any contractual terms that eliminate or limit the Service Provider’s liability against customers are invalid;
  • records of customer transactions, including Wallets for crypto asset transfers and accounts for fund transfers, must be maintained.

Can Service Providers store customers’ Crypto Assets?

The Crypto Law mandates that Crypto Assets belonging to customers must be stored in their own Wallets. Service Providers are explicitly prohibited from storing customers' Crypto Assets in their own Wallets.

The Crypto Law also allows customers to engage the services of specialised organisations that offer “Crypto Asset custody services". These services encompass the storage, management, and other permitted custody services related to Crypto Assets. According to the Crypto Law, Crypto Asset custody services can be provided by:

  • banks authorised by the Banking Regulation and Supervision Authority, or
  • Institutions authorised by the CMB.

Can Crypto Assets be subject to execution or judicial proceedings?

Crypto Assets can be seized, pledged, or subject to precautionary measures. However, according to the Crypto Law, the cash and Crypto Assets belonging to customers must be kept separate from the assets of Service Providers. Therefore, under Crypto Law, the cash and Crypto Assets held by Service Providers on behalf of customers cannot be seized, pledged, or subjected to any precautionary measures due to debts incurred by the Service Providers, or vice versa.

What sanctions may be imposed for non-compliance with the Crypto Law?

The Crypto Law empowers the CMB to impose the following sanctions for non-compliance on those who engage in unauthorised activities:

  • suspension of activities;
  • removal of content and/or blocking of access;
  • minimum fine of TRY 246,511.47 and maximum fine of TRY 3,081,378.30 (approx. EUR 7,000 to 90,000);
  • imprisonment from three years to five years and a judicial fine from five thousand days to ten thousand days for natural person Service Providers and officials of legal entity Service Providers.

Announcement by the Capital Markets Board

On 2 July 2024, the CMB issued an important announcement outlining the key requirements for the existing Platforms and Service Providers that are based in Turkey or abroad to ensure their compliance with the Crypto Law:

  • Notification Requirement: Existing Service Providers must submit a written notification to the CMB by 2 August 2024. This notification should include all necessary information, documents, and explanations.
  • Liquidation Decision: Institutions that do not intend to continue their activities in Turkey must make a liquidation decision within three months, ensuring no harm to customer interests.
  • Termination for Foreign Providers: Service Providers based abroad must cease activities for residents in Turkey by 10 October 2024.
  • Pre-Operation Declarations: Institutions planning to commence operations after the enactment of the Crypto Law, but before secondary regulations are issued, must submit written declarations to the CMB. These declarations should include all required information, documents, and explanations.
  • ATM and Electronic Device Activities: Operations of automated teller machines (ATMs) and similar electronic devices in Turkey facilitating the conversion of Crypto Assets into cash or vice versa must cease by 2 October 2024.
  • Failure to comply with these obligations as specified in the Crypto Law may result in the imposition of sanctions in accordance with applicable legal provisions.

What comes next for Crypto Asset regulation?

The CMB is expected to issue secondary regulations on Crypto Assets in the near future. These regulations will provide detailed guidance on various aspects, including the establishment of Service Providers, procedures and principles regarding regulatory licences, liabilities, information systems, customer agreements, and share transfers.

During this period, Service Providers and/or Platforms engaged in Crypto Asset transactions with customers must prioritise compliance. It is essential for them to initiate the compliance process and apply to the CMB to ensure lawful operation in Turkey.