Turkish Regulation On Crypto Assets Has Become A part Of Capital Markets Law (No.6362)

The Draft Law on the Amendment of the Capital Markets Law, which includes regulations on crypto assets, was accepted by the General Assembly of the Grand National Assembly of Turkey and became law. Date 26 June 2024.

With the accepted law, definitions of crypto asset regulations are now has become a part of current Capital Markets Law.

Accordingly, “wallet” is defined as software, hardware, systems or applications that enable the transfer of crypto assets and the storage of these assets or the private and public keys related to these assets online or offline. According to the accepted law, “crypto assets” are defined as intangible assets that can be created and stored electronically using distributed ledger technology or a similar technology, distributed over digital networks, and can express value or rights.

“Crypto asset service provider” includes platforms, crypto asset custodial service providers and other organizations designated to provide services related to crypto assets, including the initial sale or distribution of crypto assets, in the regulations to be made on the basis of this Law, while “crypto asset custodian” means the storage of the crypto assets of the platform customers or the private keys that provide the right to transfer these assets from the wallet,  management or other custodial services to be determined by the Capital Markets Board (CMB).

“Platform” is defined as institutions where crypto asset trading, initial sale or distribution, exchange, transfer, custody required by them and one or more of the other transactions that can be determined are carried out.

It is aimed to authorize the Board to determine the principles for the issuance of capital market instruments as crypto assets without being included in the Central Registry Agency (CRA) system. Accordingly, the Board will be able to determine the principles regarding the issuance of capital market instruments as crypto assets instead of being issued and monitored by the MKK in accordance with the provisions of this article, and their recording monitoring in the electronic environment provided by the service providers where they are created and stored.

In case of issuance of capital market instruments as crypto assets; In the monitoring, assertion and transfer of rights against third parties, the records in the electronic environment in which crypto assets are created and stored will be taken as basis. The Board will be able to require integration between these electronic records and the CRA system. The procedures and principles regarding the implementation of this regulation will be determined by the Board.

– Crypto-asset service providers

According to the regulation, crypto asset service providers will be required to obtain permission from the Board in order to establish and start operating. They will exclusively carry out the activities to be determined by the Board. The Board will determine the principles regarding their establishment and commencement of activities, partners, managers, personnel, organization, capital and capital adequacy, liabilities, information systems and technological infrastructures, share transfers, activities they can carry out, temporary or permanent suspension of their activities, and other principles and principles to be followed during their activities. It will be obligatory to obtain the permission of the Board for share transfers.

Transfers made in violation of these regulations will not be recorded in the share book and entries made in the share book in violation of this provision will be deemed null and void.

Crypto asset service providers will be obliged to make the necessary arrangements, take precautions and establish the necessary internal control units and systems for the secure management of their systems. In order for crypto-asset service providers to be allowed to establish and/or start their activities by the Board, compliance with the criteria to be determined by TÜBİTAK in terms of information systems and technological infrastructures will be sought.

The conditions that the partners of crypto-asset service providers must meet are also stipulated by law. Accordingly, in addition to the conditions that the partners of the crypto asset service providers are not bankrupt, have not declared a concordat, have not approved the restructuring application by reconciliation or have not been given a decision to postpone bankruptcy, they must not have a final conviction for the crimes listed in the relevant laws, and the transaction is not prohibited; On the other hand, they will have the necessary financial strength and the honesty and reputation required by the job, and the partnership structure will have to be transparent and open.

The law aims to provide the partners and board members of the platforms with the necessary financial power and the honesty and reputation required by the business by imposing some minimum conditions similar to other capital market institutions.

Buying and selling crypto assets through platforms and making their first sale or distribution; The authority to regulate the procedures and principles regarding the exchange, transfer and storage of crypto assets is given to the CMB.

Crypto asset service providers will not be subject to other provisions of the Law other than the provisions referred to. Within the scope of the relevant paragraphs of the Law, the Board will be authorized to regulate and direct the implementation by establishing regulatory procedures and taking special decisions. Pursuant to the relevant articles of the Law, the Board will seek the opinion of the Banking Regulation and Supervision Agency (BRSA) for regulations that will impose obligations on banks.

The CMB will be authorized to establish regulatory procedures, take special and general decisions, and impose measures and sanctions regarding crypto assets that provide rights specific to capital market instruments. The Board will be able to determine the principles for the sale or distribution of crypto assets, which are created by the development of distributed ledger technology or a similar technological infrastructure, and whose value cannot be separated from this technology, without being subject to the provisions of the Law on capital market instruments, except for crypto assets that provide rights specific to capital market instruments. In order to evaluate in terms of technical criteria during the determination of crypto assets that will be subject to these principles, it will be able to request technical reports from TÜBİTAK or related institutions and organizations affiliated with ministries and other public institutions. In this context, the approval of the technological features of a crypto asset and allowing their sale or distribution will not mean that they are guaranteed to the public. The relations between those who collect money from the public through the sale or distribution of these crypto assets and those who fund them will be subject to general provisions. Real and legal persons who sign all kinds of information documents prepared and announced in a manner to be determined by the Board during these transactions will be severally liable for damages arising from incorrect, misleading or incomplete information contained in these documents.

The duties and powers of institutions and organizations arising from other legislation regarding crypto assets will be reserved. The provisions of this law will not be applied to crypto assets other than crypto assets traded on platforms within the scope of the regulation. The provisions of the Law on the Protection of the Value of the Turkish Currency and the relevant legislation regarding all kinds of transactions made with crypto assets will be reserved. The Law on Movable Pledge in Commercial Transactions will not be applied to pledge contracts involving crypto assets.

– Prices will be freely formed on the platforms

The law regulates the activities of crypto asset service providers and the principles regarding the transfer and custody of crypto assets.

Accordingly, the contracts signed between crypto asset service providers and customers who want to make transactions in them can be established in writing or by using remote communication tools, whether or not they can be replaced by the written form, and which the Board determines to be a substitute for the written form, and which will be carried out through an information or electronic communication device and which will allow the verification of the customer’s identity, and the procedures and principles related to this are determined by the Board. to be determined by.

The Board will be able to make determinations regarding the regulation, scope, amendment, fees and expenses, expiration and termination of the contract between crypto asset service providers and their customers, and the minimum issues that should be included in the content of these contracts. Any contractual terms that eliminate or limit the liability of crypto-asset service providers to their customers will be deemed invalid. Platforms will be obliged to establish internal mechanisms to effectively resolve their customers’ objections and complaints regarding their transactions. Crypto asset service providers will be obliged to identify customers within the scope of the provisions of the Law on the Prevention of Laundering Proceeds of Crime and other relevant legislation.

It will be obligatory for the platforms to establish a written listing procedure for determining the crypto assets to be traded or to be sold or distributed for the first time and to terminate their trading; principles and principles may be regulated by the Board in this regard. In the principles and principles to be determined, technical criteria regarding the technological properties of crypto assets can be included by taking the opinion of TÜBİTAK or other institutions and organizations deemed necessary. The fact that a crypto asset is listed by platforms will not mean that they are guaranteed to the public.

Prices will be formed freely on the platforms. In order to ensure that transactions are carried out in a reliable, transparent, effective, stable, fair, honest and competitive manner, to detect, prevent and prevent the recurrence of market-distorting actions and transactions, the platforms will determine the order and transaction principles, establish the necessary surveillance system within their bodies and take all kinds of preventive measures.

– Transaction records

It will be obliged to make determinations regarding market-distorting actions and transactions carried out on the Platform, to take the necessary measures, including restricting, suspending and closing the accounts that carry out such actions and transactions, and to report the findings to the Board by linking them to a report.

Disputes between the parties arising from the relations between the platforms and their customers and the transactions carried out on the platforms will be subject to the general provisions. The fact that the platforms have been granted an operating license by the Board does not mean that the transactions are under the guarantee of the public. Crypto assets will not be subject to investor indemnification provisions.

Records of the wallets where customers’ crypto asset transfers are made and the accounts where fund transfers are made will be kept by crypto asset service providers in a secure, accessible and traceable manner. The integrity, accuracy and confidentiality of all transaction records will be ensured. In the crypto asset transfer transactions of customers, the regulations made by the Board and the Financial Crimes Investigation Board will be followed. The information and data envisaged to be included in the transfer messages regarding the sender and receiver will be sent securely by the crypto asset service providers within the periods specified in the regulations. For this purpose, software applications and technological tools that enable messaging, such as distributed ledger technology, another independent messaging platform or application interface, can be used.

It will be essential to keep the crypto assets of the customers’ customers in the customers’ own wallets. Crypto assets stored in banks and cash belonging to customers within this scope will not be subject to the provisions of insurance of deposits and participation funds regulated in Article 63 of the Banking Law.

It will be obligatory to provide custody services for crypto assets that customers do not prefer to keep in their own wallets by banks authorized in accordance with the regulation to be made by the Board and approved by the BRSA or by institutions authorized by the Board to provide crypto asset custody services, and to keep the cash belonging to customers in banks. The Board will be authorized to determine separate principles for each crypto asset or within the scope of the technological features on which they are based or the quality and quantity of crypto assets.

Cash and crypto assets belonging to customers will be separate from the assets of crypto asset service providers, and records will be kept in accordance with this regulation. Customers’ cash and crypto assets cannot be seized, pledged, included in the bankruptcy estate, and injunctions cannot be placed on them due to the debts of crypto asset service providers, and the assets of crypto asset service providers cannot be seized, pledged, included in the bankruptcy table, even if they are for public receivables due to the debts of customers.

The procedures and principles regarding investment consultancy and portfolio management for crypto assets will be determined by the CMB.

Crypto asset service providers will comply with the principles determined by the Board regarding their publications, announcements, advertisements and announcements and all kinds of commercial communication.

Crypto asset service providers will be given a certificate of authorization showing the activities they will perform. The approval of the BRSA will be sought for banks.

According to the Law on the Amendment of the Capital Markets Law, which includes regulations on crypto assets adopted by the General Assembly of the Grand National Assembly of Turkey, it will be essential to monitor customer cash held by banks separately from the investment institution’s own cash assets in individual accounts or accounts to be opened for the customers of the relevant investment institution.

The principles regarding the settlement of customer accounts in banks will be determined by the CMB. Customer accounts cannot be shown as loan collateral, and blockages, pledges and similar encumbrances cannot be established on these accounts in favor of the investment institution. Banks’ liability in this context will be limited to the notifications made by investment institutions. All kinds of administrative and judicial requests such as measures, seizures and similar requests regarding the customers whose balances are included in these accounts will be exclusively notified to the relevant investment institution and fulfilled by the investment institution.

Accounts opened by investment institutions with banks for customer cash will be tracked in a separate account in bank accounting. Banks will be obliged to notify the Board in the form and frequency determined by the Board regarding the accounts in which the cash of investment institution customers is recorded. This obligation can also be fulfilled through a system allocated to the Board by the Banking Regulation and Supervision Agency (BRSA).

– Obligation for service providers to be a member of the Turkish Capital Markets Association

Crowdfunding platforms and crypto-asset service providers will be required to be members of the Turkish Capital Markets Association. In this way, it will be ensured that they are represented within a professional organization and that they can communicate with the sector through a single common point. In addition, it is aimed to benefit from the self-regulatory function of the Turkish Capital Markets Association in ensuring the self-discipline of the sectors.

The law stipulates the measures to be applied if it is determined that unauthorized capital market activities are carried out via the internet. Accordingly, in accordance with the abolition of the domestic-international distinction in crimes where it may be decided to remove the content or block access due to the problems experienced in determining the content or hosting provider of the publications subject to the crime committed on the internet, the distinction between domestic and international is also abolished in the execution of unauthorized capital market activities via the internet. The measure to remove content is added to the measures to be implemented.

When it is determined that unauthorized capital market activities are carried out via the internet, the Board will decide to remove the content or block access to the publications made via the internet and will be sent to the Access Providers Association for implementation.

– Measures to be applied in the activities of crypto-asset service providers

The law also regulates the measures to be applied in the activities of crypto asset service providers.

Carrying out activities for persons residing in Turkey by platforms located abroad or offering a prohibited activity related to crypto assets to persons residing in Turkey within the scope of the regulations to be made by the Board will also be considered as unauthorized crypto asset service providers. In the presence of any of the situations in which a business is opened in Turkey by platforms located abroad, a Turkish website is created, promotional and marketing activities are carried out directly or through persons or institutions residing in Turkey regarding the crypto asset services offered, the activities will be deemed to be aimed at persons residing in Turkey. Additional criteria for determining that the activities are aimed at persons residing in Turkey may be determined by the Board.

In the event that it is determined that crypto asset service providers are unable to fulfill their cash payment and crypto asset delivery obligations arising from their activities or cannot fulfill them in a short time, or that their financial structures are seriously weakening independently of these, or that their financial situation is too weak to meet their commitments, the Board may request the strengthening of their financial structures within an appropriate period not exceeding 3 months, or directly without giving any period of time. It will be authorized to temporarily stop the activities of crypto-asset service providers. The Board will also have the authority to revoke their operating authorizations and to limit or remove the signature powers of managers and employees whose responsibility has been determined.

In cases where the Board obtains information about announcements, advertisements and announcements made on the internet in violation of the principles or prohibitions determined by the Board, obtaining information about investment consultancy or portfolio management for crypto assets in violation of the principles determined by the Board, and in cases where it is determined by the Board that the crypto asset service provider activity is carried out over the internet without permission, the content It will be able to decide to remove or block access and send the decision to the Access Providers Association for implementation.

In the event that it is determined that advertisements, advertisements and announcements have been made from channels other than the internet in violation of the principles determined by the Board, the advertisements and advertisements of the responsible persons may be stopped in accordance with the relevant legislation, and the advertisements and advertisements with illegal documents may be collected. These procedures will be carried out by the authorized administrations determined in the legislation regarding workplace opening and working licenses upon the notification of the highest local administrative supervisor.

– Audits and sanctions

The law stipulates the supervision of crypto asset service providers and the sanctions to be applied.

Accordingly, upon the request of the Board, personnel may be appointed from the relevant and related institutions and organizations affiliated to the ministries and other public institutions with the approval of these institutions and organizations in order to carry out audit activities together with the personnel of the Board for the audit of crypto asset service providers or to supervise those who carry out audit activities in a way that provides technical support to those who carry out audit activities as permitted by their own regulations, without the condition of being professional personnel.

The financial audit of crypto asset service providers and the independent audit of information systems will be carried out by independent audit institutions in the list announced by the Board. Additional procedures and principles regarding the audit of information systems will be determined by the Board in consultation with TÜBİTAK or other institutions and organizations deemed necessary. Board personnel and other assigned personnel will be able to accompany each stage of the information systems audits to be carried out by the authorized institutions within the framework of the program to be determined by the Board, as a spectator, without harming the principle of auditor independence. In this way, the participants in the audit will not bear any responsibility for the audit results reached by the independent audit institutions and will not be able to use the knowledge of the authorized institution to benefit themselves or another authorized institution.

Crypto asset service providers will be responsible for damages arising from the unlawful activities of crypto asset service providers and their failure to fulfill their cash payment or crypto asset delivery obligations.

Crypto asset service providers will be responsible for the loss of crypto assets arising from acts such as the operation of information systems, all kinds of cyber attacks, information security violations, or any behavior of the personnel within the scope of the relevant provision of the Turkish Code of Obligations. In the event that it is clear that the losses cannot or cannot be compensated from the crypto asset service providers, the members of the crypto asset service providers will be responsible for the losses to the extent that they can be charged with the losses according to their faults and the requirements of the situation, and the relevant provision of the regulation will be applied regarding personal liability. Damages arising from interruptions in the services provided without the fault of the service providers, in cases where orders cannot be transmitted for a temporary period or in cases where transactions and transfers cannot be made, and similar situations cannot be evaluated within this scope.

Administrative fines will be imposed on those who commit acts contrary to the regulations. Accordingly, “the crime of not providing information, documents, obstruction of the audit”, “the crime of irregularity in legal books, accounting records, financial reports”, “the crime of non-compliance with confidentiality obligations about the information requested in the audit” are also foreseen for crypto asset service providers. In case of sale or distribution in violation of the regulation and relevant regulations, sanctions within the scope of the relevant provisions will be applied.

All kinds of administrative and judicial requests regarding cash and crypto assets belonging to customers, such as measures, seizures and similar requests, will be fulfilled by crypto asset service providers.

In the event that the cash and crypto assets belonging to the customers are confiscated by the judicial authorities, all necessary procedures will be established by the judicial authorities for the preservation of the seized assets in the wallets created by the custodial service providers authorized by the Board.

Within the scope of the examinations and audits carried out within the scope of the provisions of the Law titled “market distorting actions”, “information abuse” and “market fraud”, the Board may decide to remove the content or block access to the broadcasts made via the internet, and the decision will be sent to the Access Providers Association for implementation.

According to the Law on the Amendment of the Capital Markets Law, which includes regulations on crypto assets, adopted by the General Assembly of the Grand National Assembly of Turkey, the financial statements to be taken into account in the detection of contradictions and the sanctions to be applied are determined; The Capital Markets Board is given the authority to regulate the procedures and principles regarding the determination of gross sales revenue and pre-tax profit, which will be taken as a basis in determining the penalty upper limit.

Considering that the expense items of the person concerned against whom an administrative fine will be imposed can be freely determined between the parties and that there is no causal link with the amount transferred as administrative fines or disguised earnings to be established, it is clarified that the expense items in question will not be taken into account in the benefit calculations and whether the profit is realized in the benefit account will not be considered. In this way, it is aimed to make it easier and faster to calculate the benefits related to the amount transferred as administrative fines or disguised earnings.

Real persons and officials of legal entities who are found to be operating as crypto asset service providers without permission will be punished with imprisonment from 3 to 5 years and a judicial fine from 5 thousand days to 10 thousand days.

– Embezzlement by crypto-asset service providers

The chairman and members of the board of directors and other members of the crypto asset service provider who embezzle the money or documents or bills, other goods or crypto assets that are entrusted to him or that he is obliged to protect, store and supervise due to his duty as a crypto asset service provider, will be punished with imprisonment from 8 to 14 years and a judicial fine of up to 5 thousand days; It will compensate the loss of the crypto asset service provider.

If the crime is committed with fraudulent behavior aimed at ensuring that the embezzlement is not revealed, the perpetrator will be sentenced to imprisonment from 14 to 20 years and a judicial fine of up to 20 thousand days. However, the amount of the judicial fine cannot be less than 3 times the damage incurred by the crypto asset service provider and its customers.

A crypto-asset service provider whose operating license has been revoked; It will be considered embezzlement for real person partners, who have legally or actually held management or control, to cause damage to the crypto asset service provider or its customers by using the resources of the crypto asset service provider or its customers directly or indirectly for their own or others’ interests in a way that endangers the safe operation of the crypto asset service provider in any way. Those who commit these acts will be sentenced to imprisonment from 12 to 22 years and a judicial fine of up to 20 thousand days; However, the amount of the judicial fine cannot be less than three times the damage incurred by the crypto asset service provider and its customers. In addition, it will be decided to pay the damage severally.

Two-thirds of the penalty will be reduced if the embezzled money or documents or bills, other goods or crypto assets are returned in kind or the damage suffered is fully compensated before the investigation begins.

Before the start of the prosecution, half of the penalty will be reduced if the embezzled money or documents or bills in lieu of money, other goods or crypto assets are voluntarily returned in kind or the damage suffered is fully compensated. If this happens before sentencing, one-third of the sentence will be reduced.

The penalty to be imposed will be reduced from one-third to one-half due to the low value of the money or documents or bills or other goods or crypto assets that are the subject of the embezzlement crime on the date of the crime.

– Personal liability for crypto assets

In order to ensure that the chairman and members of the board of directors, other members, and real person partners who have legally or actually held the management or control of the crypto asset service provider, who are found to have carried out decisions and transactions deemed to be embezzlement, are covered by the court directly upon the request of the Board, by taking their personal responsibilities in order to ensure that they are covered with priority from the amount determined to have been embezzled, limited to the damage they have caused to the customers. can be given.

If these decisions and transactions are made for the purpose of providing benefits to third parties, they will also be applied to the persons who provide benefits on the basis of the benefits they provide.

Cash from the assets of those who have been declared personal bankrupt will be used directly and those that are not will be used to pay the losses of the customers by converting them into money. First of all, customer losses will be paid from the assets. If the customer damages cannot be covered in full, a payment will be made by guarantee. After the customer losses are fully covered, the remaining part will be returned to those who have been granted a personal bankruptcy decision.

– Special investigation procedure for embezzlement of crypto assets

Investigations and prosecutions will be carried out by the public prosecutors upon the written notification of the Board or ex officio in cases where delay is deemed inconvenient, and the Board will be informed. In the event that a public lawsuit is filed upon the application, a copy of the indictment will be notified to the Board upon its acceptance, and the Board will also gain the title of “participant”.

If it is decided that there is no room for prosecution, this decision will be communicated to the Board and the parties to the investigation. The Board and the interested parties will be authorized to appeal against these decisions in accordance with the Code of Criminal Procedure.

The cases related to the defined embezzlement crime will be heard in the heavy criminal courts numbered 1, which is named after the province to which the place where the act was committed is affiliated. Where deemed necessary, upon the proposal of the Ministry of Justice, the Council of Judges and Prosecutors may appoint other heavy criminal courts in those places to deal with such crimes. As long as those convicted of these crimes do not pay the debts and compensations owed to the Treasury or these debts and compensations cannot be collected from their assets, the conditional release provisions will not apply to them.

Every year, one percent of all revenues of the platforms, excluding the interest income of the previous year, will be paid to the Capital Markets Board and one percent will be paid to the TÜBİTAK budget until the end of May of the relevant year to be used in the development of blockchain and related information technologies. Accordingly, other principles regarding the accruals and payments to be made will be determined by the CMB.

– Transitional provisions for crypto-asset service providers

On the date of entry into force of the Law, those who carry out crypto asset service provider activities will have to submit a statement that they will apply to the Board with the documents to be determined by the Board within one month from the effective date, that they will make the necessary applications to obtain an operating license by meeting the conditions stipulated in the secondary regulations, or that they will take a liquidation decision within three months without harming the rights and interests of the customers and that they will not accept new customers during the liquidation process.

Those who want to start their activities after the enactment of the Law will apply to the Board before starting their activities and declare that they will make the necessary applications to obtain an operating license by meeting the conditions stipulated in the secondary regulations.

Failure to fulfill the transfer requests of customers who prefer to go into liquidation or who have accounts in organizations that do not apply to the Board within the specified period will constitute the crime of unauthorized service provider activity.

Crypto asset service providers residing abroad will terminate their activities for persons residing in Turkey within three months following the effective date of the Law.

The activities of ATMs and similar electronic transaction devices located in Turkey, which allow customers to convert crypto assets into cash or cash into crypto assets and to transfer crypto assets, will be terminated within three months following the effective date of the Law; ATMs that do not terminate their activities will be closed by the authorized administrations determined in the legislation on business opening and working licenses upon the notification of the highest local administrative authority.

The practice of recording income in the CMB and TÜBİTAK budget will be implemented in 2025 over 2024 revenues.

Secondary regulations will be issued within 6 months from the effective date of the Law.



Yazar: Avukat Devrim Bozkurt
Avukat Devrim Bozkurt 1998 yılında İstanbul Üniversitesi Hukuk Fakültesinden mezun oldu. 2000 yılından bu yana İstanbul Barosuna 23961 sicil numarası ile kayıtlı serbest avukat olarak çalışmaktadır. Avukatlık mesleğine kendisine ait DB Hukuk Bürosunda gerçek ve tüzel kişilere yasal danışmanlık ve dava takibi gibi hukuk hizmetleri vererek devam etmektedir.