Upload
others
View
6
Download
0
Embed Size (px)
Citation preview
COMPLIANCE POLICY ON PREVENTION OF MONEY
LAUNDERING AND TERRORIST FINANCING
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 2/22
CONTENTS
1. PURPOSE AND SUBJECT MATTER ............................................................................................................. 3 2. ABBREVIATIONS AND DEFINITIONS ........................................................................................................... 5 3. DUTIES, POWERS AND RESPONSIBILITIES ................................................................................................. 7 3.1. DUTIES, POWERS AND RESPONSIBILITIES OF THE BOARD OF DIRECTORS ....................................................................... 7 3.2. SENIOR MANAGERS’ DUTIES, POWER AND RESPONSIBILITIES ........................................................................................ 8 3.3. DUTIES, POWERS AND RESPONSIBILITIES OF THE COMPLIANCE OFFICER AND COMPLIANCE UNIT ............................... 8 3.4. DUTIES, POWERS AND RESPONSIBILITIES OF THE EMPLOYEES OF THE BANK ................................................................. 9
4. KNOW YOUR CUSTOMER AND CUSTOMER IDENTIFICATION ................................................................... 10 4.1. GENERAL PRINCIPLES ON CUSTOMER ACCEPTANCE AND TRANSACTIONS ................................................................... 12 4.2. PROHIBITED ACCOUNTS AND REAL AND LEGAL PERSONS WHO CANNOT BE ACCEPTED AS A CUSTOMER .................. 12 4.3. RELATIONSHIP WITH PERSONS RESIDENT IN RISKY COUNTRIES .................................................................................... 13 4.4. TRANSACTIONS REQUIRING SPECIAL ATTENTION .......................................................................................................... 13 4.5. WIRE TRANSFERS ............................................................................................................................................................ 13 4.6. TAKING MEASURES AGAINST TECHNOLOGICAL RISKS ................................................................................................... 13 4.7. PRINCIPLE ON RELIANCE ON THIRD PARTIES IN CUSTOMER IDENTIFICATION .............................................................. 14
5. RISK MANAGEMENT ACTIVITIES ............................................................................................................ 14 5.1. CUSTOMERS WITH HIGH-RISK ........................................................................................................................................ 15 5.2. PRODUCTS AND SERVICES WITH HIGH”-RISK ................................................................................................................. 16 5.3. COUNTRIES, REGIONS WITH HIGH-RISK ......................................................................................................................... 16
6. MONITORING AND CONTROLLING ......................................................................................................... 16 6.1. MONITORING THE CUSTOMER AND CUSTOMER’S TRANSACTIONS .............................................................................. 17 6.2. DETERMINATION AND NOTIFICATION OF SUSPICIOUS TRANSACTIONS ........................................................................ 18 6.3. REJECTION OF TRANSACTION AND TERMINATION OF BUSINESS RELATIONSHIP .......................................................... 18
7. COMPLIANCE TRAININGS ...................................................................................................................... 19 7.1. TRAINING POLICY ........................................................................................................................................................... 19 7.2. TRAINING ACTIVITIES ..................................................................................................................................................... 19 7.3. TRAINING SUBJECTS ....................................................................................................................................................... 20 7.4. REPORTING OF TRAINING RESULTS ................................................................................................................................ 20
8. INTERNAL AUDIT ................................................................................................................................... 20 8.1. PURPOSE AND CONTENT OF INTERNAL AUDIT .............................................................................................................. 20 8.2. INTERNAL AUDIT ACTIVITIES AND REPORTING OF THE RESULTS ................................................................................... 21
9. OTHER PROVISIONS .............................................................................................................................. 21 9.1. COOPERATION WITH NATIONAL AND INTERNATIONAL INSTITUTIONS ......................................................................... 21 9.2. PROVISION OF INFORMATION AND DOCUMENTS, MAINTENANCE AND CONFIDENTIALITY OF THE RECORDS ............. 21 9.3. VIOLATION OF THE LIABILITIES ....................................................................................................................................... 22
10. ENFORCEMENT AND AMENDMENTS .................................................................................................... 22
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 3/22
1. PURPOSE AND SUBJECT MATTER
Given the banks occupy a crucial place in the operations of laundering of proceeds of international crimes (AML)
and terrorist financing (TF), both national states and international organizations have agreed that the banking
activities should be closely monitored. When the use of the national and international banking systems for the
purpose of laundering proceeds of crime can be obstructed, the laundering of proceeds of crime by the organized
crime groups can significantly be prevented. The basic methods used in the aforementioned purpose are the
imposition of certain liabilities for the banks to comply with so that they are not subject to such acts and actions,
the monitoring of the banking activities by the local administrative authorities and raising the awareness of the
banks’ employees with regard to this subject.
The most directing and compulsory measures have been developed by the international organizations (United
Nations, Council of Europe, IMF, World Bank, OECD, FATF). The efforts of the international organizations have
brought about the harmonization of the local legislations of the national states. In this respect, several legal
regulations have been issued under the leadership of the Financial Crimes Investigation Board (MASAK), which is
the regulatory authority on the matter mentioned herein.
Vakıf Katılım Bankası A.Ş. adopts combating money laundering and financing of terrorism as one of the most
important responsibilities, for purposes of compliance to laws and regulations as well as preserving its prestige
and its customer quality and it is determined to fight in that respect. The bank adopts:
International agreements, regulations and undertakings to which our country is a party to,
Laws promulgated in the scope of money laundering and terrorist financing, and regulations and
communiqués issued thereunder,
Approaches, methods and implementations generally accepted as a whole by international standards
and recommendations on money laundering and terrorist financing
as basis in constituting implementations regarding the fight against money laundering and terrorist financing.
The Bank has issued this “Compliance Policy on the Prevention of Money Laundering and Terrorist Financing”
under the consideration of the size of the enterprise, the work load and the quality of the operations executed or
to be probably executed, in order to comply with the Law No. 5549 on Prevention of Laundering Proceeds of
Crime and the regulations and communiqués promulgated thereunder. This policy document shall be referred to
as the “Compliance Policy”.
The Compliance Policy constitutes “VAKIF KATILIM BANKASI A.Ş. COMPLIANCE PROGRAM” (hereinafter referred
to as “Compliance Program”) created as per the “Regulation on Program of Compliance with Obligations of Anti-
Money Laundering and Combating the Financing of Terrorism” issued with reference to article 5 of the Law No.
5549, together with the documents of the Bank in the form of procedures, regulation, job definition which are
mentioned below and which shall be referred to in the related sections herein for the explanations and details.
- PLT.UYUM.0003 – The Compliance Policy on Prevention of Money Laundering and Terrorist Financing
- PRS.UYUM.0003 – Know Your Customer and Customer Acceptance Procedure
- PRS.UYUM.0002 – Customer/Transaction Monitoring and Suspicious Transactions Reporting Procedure
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 4/22
- PRS.UYUM.0004 – Customer Compliance Risk Classification Procedure
- PRS.BOSM.0001 – Customer Identification and Account Opening Procedure
- YNT.UYUM.0001 – Compliance Unit Regulation
- GRT.UYUM.0001 – Compliance Director (Compliance Officer) Job Description
The objectives of the Compliance Program are ensuring the fulfillment of the liabilities with respect to the
prevention of money laundering and terrorist financing, the designation of the strategies aiming to diminish or
eliminate the risks that the customers, their operations and services may be exposed to by evaluating them with
a risk-based approach, determination of the internal control of the Bank and the measures, the operation rules
and the responsibilities therein, and raising awareness of the employees with regard to these subjects. The
Compliance Program includes the following measures:
The creation of the Bank’s compliance policies and procedures,
The conduct of the risk management activities,
The conduct of the monitoring and control activities,
The appointment of a compliance officer and the foundation of a compliance unit,
The conduct of training activities,
The conduct of the internal audit activities.
The Compliance Program applies, in terms of their authorities and responsibilities with respect to the prevention
of money laundering and terrorist financing, to the Board of Directors of the Bank, the Senior Management of the
Bank, the Head Office units, branches, subsidiaries, and the branches and units abroad and their managers and
employees on at each level to the extent the laws and administrative authorities of the countries where they
operate permit.
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 5/22
2. ABBREVIATIONS and DEFINITIONS
Ministry; means the Ministry of Finance,
MASAK means the Financial Crimes Investigation Board,
FATF (Financial Action Task Force) means the inter-governmental organization established in 1989 by the G7
countries (USA, Japan, Germany, France, England, Italy and Canada) before OECD, and the primary purpose of
which is to implement several standards in scope of the fight against proceeds of crime and to coordinate the
activities of the member-states,
Financial Institution means Banks, institutions having the authorization to issue bank cards or credit cards,
authorized establishments determined in foreign exchange legislations, loan institutions in scope of the legislation
in regards with loans, financing and factoring companies, capital markets intermediary institutions, intermediary
institutions for futures products and portfolio management companies, investment funds’ managers, investment
companies; insurance, reinsurance and pension companies and insurance and reinsurance brokers, financial
leasing companies, institutions providing settlement and custody services in scope of the capital markets
legislation and General Directorate of Turkish Post and Telegraph Administration to the extent limited with its
banking activities,
Law means the law no. 5549 and dated 11.10.2006 on the Prevention of the Laundering of Proceeds of Crime,
Bank means Vakıf Katılım Bankası A.Ş.,
Asset means money, all movables or immovable, all tangible and intangible rights that have monetary value, and
all legal documents or instruments certifying the rights upon them,
Proceed of Crime means money, any security replaceable with money and assets and all benefits obtained
because of committing the crimes with prison sentence of 6 months minimum under the Turkish Criminal Law
No.5237 dated 26.09.2004,
Money Laundering means transfer of any asset incoming from any crime with prison sentence of 6 months
minimum abroad, concealing the illegitimate source of such assets, put these assets through several transactions
so as they give the impression they have been gained in legitimate means,
Terrorism means actions made in order to terrorize a community or to force a government or an international
organization to execute or abstain from executing certain action. It includes the following actions made by using
force and violence with one of the methods of oppression, terrorizing, intimidation, suppression or threat;
Change the characteristics of the Republic, the political, legal, social, laic and economic order,
Disrupt the in integrity between the Country, the Nation and the State,
Endanger the existence of the State and the Republic,
Debilitate, break down or occupy the authority of the State,
Demolish fundamental rights and liberties,
Break the State’s domestic and foreign security,
The acts committed to disturb the public order or general health.
Crime of Terrorist Financing means the provision and collection of funds for a terrorist or terrorist organizations
for the execution or knowing and wanting the executions of the acts prohibited under Article 3 of the Law on
Prevention of the Financing of Terrorism no. 6415 and promulgated on 07.02.2013
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 6/22
Acts of willful murder or grievous injury with the intent of scaring or intimidating a community or to
force a government or an international organization to execute or abstain from executing certain
action,
The acts accepted as crime of terror under the Anti-terror Law no. 3713 dated 12.4.1991,
The acts defined as crime and prohibited under 9 Agreements and Protocols attached to the International
Agreement on Preventing Terrorist Financing dated 1999 and to which Turkey is a party,
Obliged Party means a person who operates in the field of banking, insurance, individual pension, capital markets,
money lending and other financial services, and postal service and transportation, lotteries and bets; those who
deal with exchange, real estate, precious stones and metals, jewelry, all kinds of transportation vehicles,
construction machines, historical artifacts, art works, antiques or intermediaries in these operations; notaries,
sport clubs and those operating in other fields determined by the Council of Ministers,
Risk means the financial loss or loss of reputation that our bank or our employees may be exposed to due to use
of our services for the purpose of money laundering and terrorist financing or not complying completely with the
obligations established through the Law or Regulations and Communiques issued in accordance with the Law,
Customer Risk means the fact that the Customer’s business line easily allows the intense use of cash, the purchase
and sale of the goods with high value or the international fund transfers; the risk of the abuse of the Bank because
of the Customer or the Customer’s representatives acting with the intention of laundering proceeds of crime and
terrorist financing,
Country Risk/Geographical Risk means the risk the Bank may be exposed to because of the business relations
and transactions entered into with the citizens, companies and financial institutions of the countries that are
announced by the Ministry of Finance out of those lacking appropriate money laundering and terrorist financing
laws and regulations, being non-cooperative in the right against these offenses or being identified by competent
international organizations as risky,
Service Risk means the risk the bank may be exposed to in scope of non-face-to-face transactions, the services
such as private or correspondent banking or new products to be offered by using developing technologies,
Politically Exposed Persons (PEP’s) mean any head of state or government who is vested with a high public
service, any high-level politics, government officers, judicial or military staff, political party representatives
occupying important positions and senior managers in public institutions in Turkey or in any foreign country, their
families and the persons they have close relationships with,
Permanent Business Relationship means a business relationship between the Bank and the customer established
through services such as opening a bank account, extension of a loan or issuance of a credit card, safe-deposit
box rent, financing, factoring, financial lease, life insurance or personal pension and that is, in nature, a permanent
relationship,
Transient Business Relationship means a random relationship established upon an act and/or transaction, with
persons or institutions that do not have any relationship with the bank such as an account or any relation which
would define them as a Customer,
Suspicious Transaction means any situation where there is an information, a doubt or a reason that would raise
a doubt with respect to the asset subject to the transaction made or intended to be made before or by the
intermediary of the Bank, in terms of its unlawful provision, its usage by unlawful means, its use in scope of
terrorist attacks or made by terrorist organizations, terrorists or people financing terrorism, or such transaction
is concerns them or is connected to them.
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 7/22
Complex and unusual transactions mean during the evaluation pertaining to risk profile or fund sources, any
transaction giving the impression that there is a disproportion between the customer’s financial ability and the
transactions he/she made or the business is not compatible with the transaction’s economic, commercial or legal
aims, and transactions with high volume, in scope of the information about the customer and additional
information received during the request of transaction,
Regulation on Measures means the Regulation on Measures Regarding Prevention of Laundering Proceeds of
Crime and Financing of Terrorism,
Regulation on Compliance Program means the Regulation on Program on Compliance with Obligations of Anti-
Money Laundering and Combating the Financing of Terrorism,
Compliance Program means the set of measures intended for the prevention of money laundering and terrorist
financing and created under the related legislation within the Bank and the Bank’s Compliance Policy,
Compliance Officer means the officer who is employed for the purpose of ensuring the compliance with
obligations established under the Law on the Prevention of Proceeds of Crime and the legislation issued as per
the Law and who is entrusted with the provision of the Bank’s compliance with the liabilities in the
aforementioned legislation,
Compliance Unit means the unit which is directly attached to the Compliance Officer and composed by taking
into account the Bank’s business size, business volume, number of branch or staff, or the size of the risks it may
encounter, in order to provide the Compliance Officer fulfills his/her duties and responsibilities effectively in scope
of the laundering of proceeds of crime and terrorist financing legislation and who is charged with the conduct of
the compliance program.
3. DUTIES, POWERS AND RESPONSIBILITIES
Every manager and employee in any level of the Bank is liable with knowing completely his/her local and
international legal and administrative obligations and responsibilities on combating money laundering and
terrorist financing, with recognizing the regulatory and supervisory authorities involved in this combat. The
competent and supervisory authority in Turkey on the prevention of money laundering and terrorist financing is
the Financial Crimes Investigation Board (MASAK).
3.1. Duties, Powers and Responsibilities of the Board of Directors
The Board of Directors is ultimately responsible for carrying out the whole compliance Program in scope of the
“Regulation on Compliance Program” efficiently. Under the scope of related regulation, the Board of Directors is
authorized and responsible for;
Assigning a compliance officer,
Explicitly determining in written form the authorities and responsibilities of the compliance officer and
the compliance unit,
Approving Bank’s policies, annual training programs and amendments to be made in accordance with
developments,
Assessing the results of risk management, monitoring, control and internal audit activities carried out
under the Compliance Program,
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 8/22
Taking necessary measures for timely elimination of the detected errors and deficiencies,
Ensuring an efficient and coordinated performance of all the activities carried out under the scope of the
Compliance Program.
In scope of the Regulation on Compliance Program, the powers stated under Article 6, paragraph 2 of the
Regulation shall be performed by the Audit Committee by using the opportunity provided in Article 6, paragraph
3 of the same Regulation. This kind of power assignment shall not remove the power of the Board of Directors in
the related fields. The Board of Directors may annul such empowerment at any time it deems appropriate. Audit
Committee shall inform the Board of Directors on important issues regarding the compliance such as the
appointment of the Compliance Officer, the amendments made in compliance policies. On the other hand, the
Audit Committee has the discretion not to use the power attached to itself and to submit the subject to the Board
of Director’s approval.
3.2. Senior Managers’ Duties, Power and Responsibilities
The Senior Management of the Bank is responsible towards the Board of Directors for the expedient and effective
implementation of this policy, related procedures and connected documents and this Compliance Program in the
Head Office of the Bank and in the branches, by all employees, and to provide measures for the Bank is not
exposed to the risks relating to money laundering and counter terrorist financing shall be taken.
3.3. Duties, Powers and Responsibilities of the Compliance Officer and Compliance Unit
A Compliance Officer has been appointed and a Compliance Unit has been established to implement the standards
on national and international level regarding the AML/CTF in the Bank’s Head Office and branches, to follow-up
the legal amendments, to perform the necessary works to ensure the full compliance to the liabilities in the
legislation in the Bank’s operations, hence to arrange training programs on laundering of proceeds of crime and
terrorist financing and provide the Bank and the employees shall be informed.
The Compliance Officer shall carry out its activities by reporting to the Audit Committee to which the Board of
Directors assigned its powers in scope of the related legislation, provided that the ultimate responsibility remains
with the Compliance Officer.
In this respect, the duties and responsibilities of the Compliance Officer are as follows:
To perform necessary works to ensure that the Bank complies with the Law and the regulations issued
pursuant to the Law and to provide the necessary communication and coordination with MASAK,
To develop bank’s policies and procedures and to submit institutional policies for the approval of the
Board of Directors,
To develop risk management policy,
To develop monitoring and controlling policies and to carry out activities related to it,
To submit its works regarding training program on the prevention of money laundering and terrorist
financing to the approval of the Audit Committee and to ensure the effective implementation of the
approved training program,
To evaluate the information and findings obtained through researches that she/he carried out to the
extent of his/her power and the possibilities regarding eventual suspicious transactions which were
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 9/22
forwarded or detected by his/her initiative and to report the transactions which he/she considered to be
suspicious to MASAK,
To take necessary measure for ensuring the confidentiality of reports and other relevant matters,
To regularly keep information and statistics on internal audit and training activities and to send them to
MASAK within the periods specified in the Regulation.
The Compliance Officer and Compliance Unit staff is entitled to require any document and information they need
to fulfill their obligations, to examine them, to research and request additional explanation from the Bank’s staff
pertaining to the duty and consult with the Bank’s staff, and also to warn related management levels so that they
take necessary measures.
The Compliance Unit shall perform the operations pertaining to its liabilities of managing risks, monitoring and
control regarding the combating the laundering of proceeds of crime or terrorist financing, and training liabilities.
The duties and responsibilities of the Compliance Unit are set out in detail in its job description based on the
position.
3.4. Duties, Powers and Responsibilities of the Employees of the Bank
The employees of the Bank are obliged to
Prevent the Bank being used in money laundering and terrorist financing activities,
Take necessary actions when they encounter a suspicious transaction and report to Compliance Unit and
Compliance Officer,
Comply with the applicable legislation pertaining to money laundering and terrorist financing.
This policy is delivered to the Bank’s employees against their due signature and/or it is ensured they read it from
the main electronic banking system (EBS) and this fact is tracked over electronic records. The subsequent
amendments to this policy shall be deemed delivered to the relevant staff when notified by the system or by
other electronic means and media, or by other means deemed appropriate.
Employees of the Bank shall not provide any banking services, consultancy or any other assistance to the
persons and/or institutions intending to violate or avoid the legislation on the anti-money laundering and
terrorist financing and the methods and principles set out in this Policy. The said legislation shall not only apply
to the criminal who intend to launder unlawful proceeds, but also to the financial institutions and their employees
who are related to the mentioned transactions even though they are aware that the asset subject to the financial
transaction(s) constitutes a crime factor. In this respect, “information” or “to know” includes the concepts of
“intentional blindness” and “intentionally avoiding the information”. An employee of a financial institution who
notices suspicious transaction(s) but who intentionally does not perform necessary research and inquiry and/or
who prefers to be indifferent to the situation is deemed to have the necessary “information”.
The employees of the Bank who do not comply with this Policy shall incur disciplinary punishment including
dismissal. The violation of the legislation on the combating laundering of proceeds of crime and terrorist financing
may cause the Bank’s employees get prison sentence and that their money and assets are seized together with
the Bank, additionally they may be exposed to another set of sentences.
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 10/22
The employees of the Bank shall not abstain from asking questions about any suspicious transaction or reporting
the relevant event. Should an employee of the Bank is aware that she/he believes he/she or the Bank is used for
the laundering of proceeds of crime and/or terrorist financing, when she/he feels pressure on that subject or
she/he has to compromise his/her judgment values, he/she shall be responsible for notifying such event or
situation to the Compliance Officer or the Compliance Unit. It is obvious that such employee shall not be punished,
dismissed or receive a negative reaction when he/she asks any question or mentions about any event regarding
these responsibilities and obligations.
4. KNOW YOUR CUSTOMER AND CUSTOMER IDENTIFICATION
“Know Your Customer” principle shall consist of the Bank having sufficient knowledge about the customers and
customers’ activities and the development of policies and procedures before the Bank to obtain such information.
By the execution of this principle a relationship based on mutual trust by providing a disclosure in customer’s
transactions and information shall be established and maintained, the determination if a transaction i is suspicious
or not shall be possible and the minimization of the risks of the Bank shall be ensured. In scope of “Know Your
Customer”, during the establishment of the permanent business relationship and execution of the requested
transactions, necessary measures are taken under the legislation and Bank’s Compliance Policy and procedures
with respect to;
Identification,
Determination if the customer is acting vicariously or on his/her own behalf,
Detection of the beneficial owner,
Provision of sufficient information about the requested transaction and its content,
Monitoring the customer’s situation and transactions throughout the customer relationship duration,
Customers, activities and transactions requiring special attention.
As per the banking regulatory and supervisory authorities the “Know Your Customer” principle goes beyond the
opening of a bank account with a simple identification and address and with a simple registration, this principle
requires being informed in respect with;
The consistency of the information and documents received from the customer,
Customer’s aim in preferring the Bank and opening an account,
Customer’s profession, main business branch providing an income, the principles of his/her work,
his/her commercial past and the business in which he/she carries out activities, his/her experience in
his/her branch, business volume and his/her education,
The sources where the funds subject to the opened accounts or activities come from or go to.
The essential point in money laundering and terrorist financing is the customer. Therefore, the customer’s
identification is crucial in combating the proceeds of these unlawful activities. During the establishment of
permanent business relationship with customers and the execution of the requested transactions, the essential
condition precedent is the correct, complete and timely determination of customer's identity. The identification
is performed by the provision, detection, control and confirmation of the information regarding the customer’s
identity. In this scope the identification is done;
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 11/22
Without taking into consideration any amount during the establishment of a permanent business
relationship,
Without taking into consideration any amount if any doubt arises regarding the sufficiency and
accuracy of the previously received customer’s identity,
Without taking into consideration any amount in situations where the suspicious transaction shall be
notified,
When the amount of the transaction or the total amount of several transactions connected to each
other exceed the amount set out in the legislation.
By taking information regarding the identity of the customers and people acting on customers’ behalf and by
confirming the accuracy of this information. In permanent business relationship, information regarding the aim
of the business relationship and its content shall be taken.
As a general rule, the business relationship shall absolutely not be established and the transactions required by
related persons shall absolutely not be executed unless and until the potential customer’s identity is duly
determined or sufficient information on the objective of the business relationship is received. Similarly, when the
identification and identity confirmation which should have been done in case of any doubt about the sufficiency
and accuracy of previously obtained customer’s identity information is not done, the business relationship shall
be ended.
The inadequacy in implementation of the “Know Your Customer” may cause loss in reputation and
trustworthiness for the banks towards national and international regulatory and supervisory banking authorities,
their customers, their shareholders, their foreign correspondences, and may give rise to fraud and serious
customer, transaction and credit risks such as legal and condensation risk.
The following measures set out in section 3 entitled “Principles Regarding Know Your Customer” in the
Regulations on Measures;
- Identification,
- Identification of natural persons’ identity,
- Identification of legal entities registered to the trade registry,
- Identification of associations and foundations,
- Identification of trade unions and confederations,
- Identification of political parties,
- Identification of non-resident legal persons,
- Identification of unincorporated organizations,
- Identification of public institutions,
- Identification of persons acting on behalf of others,
- Identification of the ultimate beneficial owner,
- Control of the authenticity of documents subject to verification,
- Identification in subsequent transactions,
- Simplified measures,
- The details of the procedures and principles to be executed regarding enhanced measures and about the
matters mentioned herein
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 12/22
are set out in the below documents that are complementary to this Policy and the elements of the Bank’s
Compliance Program that are
- PRS.UYUM.0003 – Know Your Customer and Customer Acceptance Procedure
- PRS.BOSM.0001 – Customer Identification and Account Opening Procedure
- PRS.UYUM.0002 – Customer/Transaction Monitoring and Suspicious Transactions Reporting Procedure
4.1. General Principles on Customer Acceptance and Transactions
The provision of
The real identity and address of the customer,
The consistency between the information and the documents received,
Customer’s aim in preferring the Bank and opening an account,
Customer’s profession, main business branch generating income, the principles of his/her work,
Sufficient information on the transaction profile and capacity of the customer, his/her work place or
activity location
has the utmost importance in establishing a relationship between the bank and the customer based on
transparency and trust.
Additionally, the utmost care and attention shall be paid on the followings:
When there is a doubt about the legitimacy of the acquisition of a person’s or institutions’ funds or wealth
they shall not be accepted as customer,
When a third person cannot clearly certify that he/she has been authorized by the customer, his/her
request to open bank accounts for more than one person shall not be met,
When there is not any notary approval on the proxies, no transaction shall be effectuated.
During a new customer acquisition to the bank (opening an account and similar transactions where customer
relationship is permanent), the authorized personnel of the branches and customer representatives are
responsible for the identification of the customer and his/her address, the provision and confirmation of all
information and documents envisaged under the related legal and administrative legislation and set out in our
Bank’s internal regulations and implementations.
4.2. Prohibited Accounts and Real and Legal Persons who Cannot be Accepted as a Customer
In the Bank;
Those who abstain from giving information or providing any record,
Those who want to open an account with a pseudonym or an anonymous name,
Those who do not want to provide satisfactory information about the source of his/her money and his/her
transactions,
Those whose name match with the lists announced by the government agency and who are
unobjectionable, and qualified as such by the Compliance Department.
The banks which do not have any physical presence in any country (shell banks),
Enterprises of which the owner cannot be identified
shall not be accepted as customer and the transactions requested by them may not be performed.
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 13/22
The related branch or unit shall communicate such situation to the Compliance Unit or Compliance Officer so that
the business relationship established with the persons or institutions realized to be in the abovementioned
situation shall immediately be terminated and that necessary operations shall be executed.
4.3. Relationship with Persons Resident in Risky Countries
The Bank shall pay particular attention to its relationships and transactions with real and legal persons, with
unincorporated organizations resident in risky countries and with citizens of those countries, shall gather as much
information as possible with respect to the purpose and content of the transactions that seemingly does not have
any reasonable legitimate and economic purpose and shall register them.
4.4. Transactions Requiring Special Attention
The Bank shall be required to pay special attention to complex and unusually large transactions and the ones with
no apparent reasonable legitimate economic purpose, which are against “the nature of things” or “the ordinary
course of life”, to take necessary measures in order to obtain adequate information on the purpose of the
requested transaction and to keep information, documents and records obtained in this scope in order to submit
upon request of authorities.
4.5. Wire Transfers
In national or international wire transfers of TRY 2,000.00 or more, the below information shall be included in the
message;
a) Name and surname, title of the legal entity registered to the trade registry, full name of the other legal
persons and unincorporated organizations,
b) Account number, or reference number of the transaction where no account number exists,
c) The address or birth of place and date at least one of the numbers such as TR-ID number, passport
number, tax ID number for identifying the originator.
The transfers carried out between banks on behalf of themselves or for their own benefit and the transfers carried
out by using credit or bank cards provided that card numbers are included in the messages shall be out of the
scope of the above paragraph. In the event the Bank receives a wire transfer message not including the
information specified in subparagraphs (a), (b) and (c), either it shall return the said wire transfer message or it
shall complete short-coming information through the financial institution who sent the message. In the event that
the messages sent include short-coming information permanently and they are not completed despite the
request, either the wire transfer received from originator financial institution may be refused or transactions
carried out with related financial institution may be restricted or business relationship with related financial
institution may be ceased.
4.6. Taking Measures against Technological Risks
The Bank shall, in order to prevent the risk of using facilities introduced by new and developing technologies for
money laundering and terrorist financing and shall take appropriate measures including creating secure
transaction webs for non-face-to-face transactions executed in electronic media, using passwords to identify and
verify the identity of the person requiring the transaction or giving an order for its prevention. The Bank is required
to take appropriate and effective measures including paying special attention to operations such as depositing,
withdrawing and wire transfers which are carried out by using systems enabling the institutions to conduct non-
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 14/22
face-to-face transactions, closely monitoring the transactions that are not consistent with financial profile or
activities of the customer or do not have connection with his/her activities, and establishing a limit to amounts
and number of transactions.
4.7. Principle on Reliance on Third Parties in Customer Identification
The Bank can establish business relationships or carry out transactions by relying on measures taken with respect
to the customer by another financial institution on identification of the customer, the person acting on behalf of
customer and ultimate beneficial owner, and on obtaining of information regarding the purpose of business
relationship or transaction.
Reliance on third parties shall be possible only if;
The required measures are taken for meeting the requirements of identification, record keeping and know
your customer,
The third parties are also subject to regulations and supervision in combating money laundering and
terrorist financing in accordance with international standards if the third parties are resident abroad,
The relying party is sure that certified copies of documents relating to customer identification can
immediately be provided from the third party when requested. The customer’s identification are
immediately taken from the third party when the Bank established a business relationship by relying on
a third party.
The transactions which the banks conduct between themselves on behalf of customers and relationships between
financial institution and its agents, similar units or outsourcing entities are not within the scope of the principle
of reliance on third parties”. The principle of “reliance on third parties” may not be applied to the cases where
the third party is resident in a risky country.
5. RISK MANAGEMENT ACTIVITIES
An approach with risk focus is an effective method to diminish the risks of the laundering of proceeds of crime
and terrorist financing with the stages of defining, grading, monitoring, evaluation and managing the risks.
The Bank defines notions such as customer risk, service risk and country risk through policies and procedures on
the laundering of proceeds of crime and terrorist financing risks, and it grades and classifies the services provided
to customers, the transactions and the Customers according to the risks. As the result of this classification, the
Bank develops procedures with respect to the monitoring of the transactions and the customers on the next step,
provides additional information and document regarding the asset subject to the transaction as much as it can,
in scope of know your customer.
The principles and procedures pertaining to the risk management policy, risk management activities and
additional measures aimed for the risky groups with high risk mentioned under Section 3 titled “Risk
Management” of the Regulation on Compliance Program, and the details of the implementations mentioned in
this section are set out in the below documents which are the complements of this Bank and the Bank’s
Compliance Program;
- PRS.UYUM.0003 – Know Your Customer and Customer Acceptance Procedure
- PRS.BOSM.0001 – Customer Identification and Account Opening Procedure
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 15/22
- PRS.UYUM.0002 – Customer/Operation Examination and Reporting of Suspicious Transactions Procedure
- PRS.UYUM.0004 – Customer Compliance Risk Classification Procedure
Risk management activities carried out by the Bank in the scope of the Risk Management Policy cover at least:
Improving risk defining, rating, classifying and assessing methods based on customer risk, service risk and
country risk,
Rating and classifying services, transactions and customers depending on the risks,
Developing proper operational and control rules for ensuring monitoring and controlling risky customers,
transactions or services; reporting in a way that warns related units; developing proper operational and
control rules so that the transaction is carried out in accordance with the superior’s approval and is
audited when necessary,
Questioning retrospectively the coherency and effectiveness of risk defining and assessing methods and
risk rating and classifying methods depending upon sample events or previous transactions, reassessing
and updating them according to achieved results and new conditions,
Carrying out required development works through pursuing recommendations, principles, standards and
guidelines established by national legislation and international organizations related to issues under the
scope of risk,
Reporting risk monitoring and assessing results regularly to the board of directors.
The risks relating to money laundering and terrorist financing the Bank may be exposed to due to its customers,
activities and transactions are classified under three main titles:
Customer risk
Service risk
Country risk
In the scope of the monitoring and controlling activities the Bank rates the risks in terms of its customers, services
and transactions as LOW, MIDDLE and HIGH risk and the customers with low, middle and high risks are determined
in terms of money laundering and terrorist financing according to their professions, professional past, activities,
economic situation, accounts and transactions and the country where the customer resides/carries out activities
and similar up-to-date information and the customers are monitored according to their risk profiles.
During the process of the identification of high-risk customers Branch Manager’s and, as the case may be,
Compliance Unit’s approval shall be needed. In such event the Branch Manager and/or Compliance Unit controls
and confirms information and documents they deem necessary, completes necessary examination and research
in regards with the real/legal person requesting account opening and gives and accepts or rejects the account
opening request. If necessary, he/she can consult the higher management’s view and decision.
5.1. Customers with High-Risk
The customers with the risk of the laundering of proceeds of crime and terrorist financing are accepted by their
nature as customers with risk. In the Bank, the below customers are considered risky by their nature and defined
as with “high-risk”:
Non-governmental, non-profit organizations (Associations and Foundations etc.),
Politically Exposed Persons – PEP’s,
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 16/22
Institutions such as Political Party Organizations,
Embassies and consulates,
Unions and Trade Unions,
Correspondent Banks,
Competent establishments (exchange offices),
Jewelers, those who trade valuable stones and metals such as gold and diamond,
Those who operate in lines of work where there is an intense use of cash.
5.2. Products and Services with High-Risk
In general cash transactions, instruments to bearer and customers’ funds deriving from electronic fund transfers
and transactions of which the reason of activity is unknown and which cannot be related to the customer’s field
of activity are monitored with empowered procedures. The below products are deemed to be high-risk
products/service by the Bank:
Wire Transfers
Collection of the Personal Checks Drawn to Foreign Banks,
Systems that can make non-face-to-face transactions,
Private banking products and services.
5.3. Countries, Regions with High-Risk
The following countries and regions and the customers residing in or in connection with these countries and
regions are closely monitored since they are considered being in high-risk category in terms of the country risk:
Countries in the list of “Non-Cooperative Countries” announced by the Bank,
Countries in the list of “Risky Countries” announced by related Ministry,
Countries sanctioned by the United Nations Security Council, European Union or OFAC (Office of Foreign
Assets Control linked to USA Ministry of Treasury) due to their policies and implementations pertaining
to the laundering of proceeds of crime and terrorist financing.
Cross-border Centers, Free Zones and Financial Centers,
Regions called as tax heaven,
Countries deemed to be risky according to international legislation in terms of the laundering of proceeds
of crime and terrorist financing.
6. MONITORING AND CONTROLLING
The purpose of monitoring and controlling is to protect the Bank against risks and to permanently monitor and
control whether their operations are carried out in accordance with the Law and regulations and communiques
issued under the Law, and the Bank’s policies and procedure. Monitoring and controls are established with a
risk-based approach. Within this scope, monitoring and control programs are developed according to the
quality and levels of the risks with respect to the customers, transactions and services of the Bank and they are
implemented effectively. Moreover, the Bank takes appropriate measures to monitor the transactions made
out of the permanent business relationship and creates a risk management system within this purpose.
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 17/22
Monitoring and controlling activities carried out in the Bank shall at least include the following activities;
Monitoring and controlling the customers and transactions in the high-risk group,
Monitoring and controlling transactions conducted with risky countries,
Monitoring and controlling complex and unusual transactions,
Control of the institution, through sampling method, of whether the transactions exceeding the amount
that the Bank will determine according to the risk policy are consistent with the customer profile,
Monitoring and controlling linked transactions which, when handled together, exceed the amount
requiring customer identification,
Control of customer related information and documents which are required to be kept in electronic
environment or in written form and the information required to be placed in wire transfer messages,
completing the issuing information regarding business, risk profile and fund resources of the customer,
During the business relationship, ongoing monitoring whether the transaction conducted by the customer
is consistent with information regarding business, risk profile and fund resources of the customer,
Control of the transactions carried out through using systems enabling the performance of non-face-to-
face transactions,
Risk based control of services that may become prone to misuse due to newly introduced products and
technological developments.
Risk based monitoring and controlling activities are developed and carried out under the supervision and
coordination of the Compliance Officer in scope of the Regulation on Compliance Program and these Policies,
before the Compliance Unit. The Bank benefits from technological facilities in monitoring the customers and
transactions and in the detection of the suspicious transactions in scope of the central monitoring and controlling
activities carried out by the Compliance Unit.
In the scope of the monitoring and controlling activities, the deficiencies detected as a result of the controls
related with the compliance with the liabilities established under the Law are reported to necessary units so that
required measures are taken, and the results thereof are followed up. The effectiveness of the Compliance
Program under the applicable legislation, the effectiveness of the related implementations under the Bank’s
Policy and procedures, and the supervision and compliance inspection on the transactions are carried out by the
internal audit and internal control departments. The deficiencies detected as the result of these controls carried
out for the purpose of compliance with the liabilities are notified to the Compliance Officer. The data containing
information regarding the works carried out in this scope are notified to MASAK by the Compliance Officer.
Monitoring and controlling activities are determined in the scope of article 15 of the Regulation on Compliance
Program at minimum and the activities to be implemented are set out by a procedure, process or a dependent
document. The Bank created PRS.UYUM.0002-Customer/Transaction Examination and Reporting of Suspicious
Transaction Procedure to be applied in this purpose. Bank’s employees are liable with monitoring, controlling and
reporting to related units and authorities its customers and any of their transactions in necessary situations as
per the procedures and principles set out in this procedure.
6.1. Monitoring the Customer and Customer’s Transactions
The Bank continually monitors if the transactions executed by the customer are consistent with the information
regarding customer’s profession, commercial activities, professional past, economic situation, risk profile and
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 18/22
fund resources in scope of the permanent business relationship and keep any information, document and records
about the customer updated. In addition, the accuracy of customer’s telephone and fax number and electronic
mail address taken for the identification of the customer are confirmed by communicating with the related person
when necessary by using these means within a risk-based approach.
6.2. Determination and Notification of Suspicious Transactions
In any situation where there is an information, a doubt or a reason that would raise a doubt with respect to the
asset subject to the transaction which is made or intended to be made before or by the intermediary of the Bank,
in terms of its unlawful provision, its usage by unlawful means, its use in scope of terrorist attacks or made by
terrorist organizations, terrorists or people financing terrorism, or such transaction concerns them or is connected
to them, providing that necessary investigations are carried out to the extent it is possible, the transactions
deemed to be suspicious are notified by the Compliance Officer to MASAK within the durations and principles set
forth in the legislation. Suspicious transactions shall be reported to MASAK within ten business days starting from
the date when the doubt occurred.
When the Bank’s branches and Head Office Units encounter a transaction deemed to be suspicious, they shall
report it immediately to the Compliance Officer by an e-mail or by other means, in written, by filling in a Suspicious
Transaction Reporting Form (STRF). The customer and transactions decided to be reported as suspicious by the
Compliance Officer upon additional investigation and assessment are sent to MASAK together with additional
information and documents.
During the reporting process of the suspicious transaction, the decision on maintaining the relationship with the
customer, maintaining the relationship with the customer by cautiously monitoring the transactions or closing
the customer’s accounts and termination of the relationship with customer notwithstanding the notification of
the subject or the request as a suspicious transaction by the Compliance Officer to MASAK is given by the
Compliance Officer or the senior officer to whom the matter has been notified by the Compliance Officer (General
Director or Deputy General Director).
All persons involved with and having knowledge about the suspicious transaction and its reporting shall show
maximum care and skill under the legislation with respect to the confidentiality and protection of the reporting
of suspicious transactions and internal reports made accordingly in the Bank, and with respect to the protection
of those who are a party to the reports. Detailed procedures and principles pertaining to the suspicious
transactions that may be encountered in the Bank and their reporting when deemed necessary are applied as set
forth in the document titled as PRS.UYUM.0002 – Procedures on Customer/Transaction Examination and
Reporting of Suspicious Transaction.
6.3. Rejection of Transaction and Termination of Business Relationship
In cases where customer identification or gathering of information on the purpose of the business relationship
cannot be achieved, the business relationship shall not be established and the transaction for which they are
requested shall not be executed. In such a circumstance, they cannot open an anonymous account or account in
a fictitious name.
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 19/22
When the identification and verification which should have been conducted in case of any suspicion about the
adequacy and accuracy of previously obtained customer identification information is not carried out, the business
relationship shall be terminated.
The Bank also assesses if the situation specified above is a suspicious transaction or not. For the matters
mentioned in this sub-section PRS.UYUM.0002 – Procedures on Customer/Transaction Examination and
Reporting of Suspicious Transaction shall be applied.
7. COMPLIANCE TRAININGS
7.1. Training Policy
The aim of the training policy is to ensure compliance with the obligations imposed by Law on the Laundering
of Proceeds of Crime and Terrorist Financing and the regulation and communiques issued in accordance with
Law, creating an institution culture by increasing the sense of responsibility of staff on the compliance policy
and procedures of the Bank and on risk-based approach and updating of staff information.
The employees are trained by the Compliance Officer or the Compliance Unit or with the support of an
institution outside the Bank providing such training services, in the scope of national and international
legislation with respect to the Anti-Money laundering and terrorist financing, and the internal regulations and
standards of the Bank. Employees of the Bank shall attend these training programs in case they are invited and
they shall read the documents distributed for the training and show due care and diligence.
7.2. Training Activities
The training activities shall be conducted under the supervision and coordination of the Compliance Officer.
The training program shall be prepared by the Compliance Officer and participation of the relevant units. The
effective implementation of training program shall be observed by the Compliance Officer.
The training activities shall be carried out so as to cover the subjects, details of which are given under
the title Training Subjects and following a certain training program.
The training program is prepared yearly and approved by the Board of Directors.
Training activities are reviewed with the participation of the related units as per the results of
assessment and evaluation and are repeated on regular basis according to the needs.
The Bank benefits from training methods such as organizing seminars and panels, creating study groups,
using audio-visual materials during training activities, using computer-based training programs working
on internet, intranet or extranet etc. so as it is ensured that the training activities are expanded
throughout the institution.
The trainings are organized by Training Department in accordance with the request of the Compliance
Officer.
The training activities in the classrooms are executed with the support of the Compliance Officer, staff
of the Compliance Unit or employees of the Bank who are competent in that subject or institutions
providing services in that area from outside.
The training programs may be organized as on-line seminars as well as in classrooms where the
employees of the Bank are gathered.
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 20/22
The content of the training may be altered expediently by taking into consideration the term of office, title and
duties of the staff in the Bank and it is ensured that each employee shall periodically have the appropriate training
accordingly. Necessary updates in the content of the training are done in accordance with the amendments in the
legislation and other developments with respect to the subject. The trainings to be given to the staff shall at least
cover the subjects set forth in the applicable legislation. Functioning of the training activities, determination of
the participants to the training activities, determination and educating the trainer, training methods, periods of
the trainings and training subjects are set forth by procedures, process or a linked document.
7.3. Training Subjects
The trainings to be given to the staff by the Bank shall at least cover the following subjects:
Concepts of money laundering and terrorist financing,
The stages, methods of money laundering and case studies on this subject,
Legislation regarding prevention of money laundering and terrorist financing,
Risk areas,
Institutional policies and procedures
In the framework of Law and related legislation;
- Principles with respect to know your customer,
- Principles relating to the reporting of a suspicious transaction,
- Obligation of data keeping and submitting,
- Obligation of providing information and documents,
- Sanctions to be implemented in case of violation of obligations,
- International regulation on combating money laundering and terrorist financing.
7.4. Reporting of Training Results
The staff to attend the training activity shall cover all of the Bank’s staff (including the staff in the head office and
branches) who are responsible for the operation rules as per the institution’s procedures, who execute, certify,
reports, monitors the transactions. The Bank shall operate the training activities by using methods such as face-
to-face training, internet (e-learning) or intranet so as the training activities expand throughout the institution.
The Bank pays particular attention for the choice of the trainers who will give the trainings and to due training of
the trainers.
The Bank’s Compliance Officer, relating to the training activities to be implemented, shall report the information
and the statistics regarding training dates, the territory or provinces where training is given, training method, total
training hour, number of staff to whom training is given and the ratio of the staff trained to the total number of
staff, distribution of staff training given according to their unit and title, content of training, title and area of
expertise of trainers to MASAK up to the end of March of every year.
8. INTERNAL AUDIT
8.1. Purpose and Content of Internal Audit
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 21/22
The purpose of the internal audit reviews is to ensure security for the Board of Directors of the efficiency and
sufficiency of the Compliance Program of the Bank issued under the legislation on the Prevention of Money
laundering and terrorist financing.
The Bank shall ensure, annually and on a risk-based approach, examination and controlling of Bank’s policy and
procedures, risk management, monitoring and controlling activities and whether the training activities are
sufficient and efficient, sufficiency and efficiency of risk policy of the Bank, whether the transactions are carried
out in compliance with Law and Regulations and Communiques issues under the Law.
8.2. Internal Audit Activities and Reporting of the Results
The internal audit activities in the scope of the Compliance Program, related implementation and the principles
and methods of reporting are set out and implemented by internal audit unit appointed by the Board of Directors
under this Policy. These activities carried out by the internal audit unit of the Bank comprise of the following
matters:
The deficiencies, mistakes and abuses determined as the result of internal audit and control reviews
and the opinions and proposals for prevention of reappearance of them shall be reported to the Board
of Directors.
While the scope of the audit is determined, the faults detected during the monitoring and controlling
works and risky customers, services and transactions shall be included in the scope of the audit.
While determining the units/branches and transactions to be reviewed, the business size and business
volumes of the Bank shall be taken into consideration. In this scope, it is ensured that units/branches
and transactions in the quantity and characteristics of which may represent all of the transactions
carried out by the Bank are audited.
With respect to the works carried out in the scope of internal audit activities, the statistics containing information
regarding the annual business volume of the Bank, the total number of staff and total number of branches, agency
and similar affiliated units, the number of branches, agency and similar affiliated units which were controlled,
total control period, the number of staff employed during controls and the number of transactions controlled
shall be reported to MASAK by Compliance Officer up to the end of March of every year.
9. OTHER PROVISIONS
9.1. Cooperation with National and International Institutions
It is essential to be in cooperation with any institution and establishment with respect to combating money
laundering and terrorist financing provided that it is conform with the laws and the policies of the Bank. In this
scope, the examination requests coming from competent authorities are performed, the findings are duly
reported to the related authority. All requests with legal foundation such as freezing the accounts, blocking,
reporting the accounts are performed within the determined period.
9.2. Provision of Information and Documents, Maintenance and Confidentiality of the Records
All information, documents and records related to the customers and transactions to be obtained and kept as per
the Law No. 5549 and applicable legislation under the Law are diligently kept and shall be available when
necessary in scope of the principles and durations set forth in legislation.
Document No : PLT.UYUM.0003.02
Revision No : 2
Effective Date : 14.06.2017
Revision Date : 17.01.2018
Page No : 22/22
The requests made in the scope of information and documents provision and permanent information provision
liabilities are fulfilled with maximum care and diligence. The confidentiality of information, documents and
records pertaining to the customers and transactions shall be maintained. The activities regarding maintaining
information, document and records in scope of the Law No. 5549 are set out by procedures, process or linked
documents.
9.3. Violation of the Liabilities
The administrative and penal sanctions to be exposed to in case of violation of the liabilities set forth in the Law
and under the Regulation and Communiques issued as per the Law are regulated in the Law, and the content and
amount of the sanctions are in the procedures, processes or linked documents.
As already mentioned above (in 3.4, Duties, Powers and Responsibilities of the Employees of the Bank), any
employee of the Bank causing weakness with respect to the compliance with liabilities explained in this Policy are
sanctioned including being dismissed. The violation of the legislation on the combating laundering of proceeds of
crime and terrorist financing may cause the Bank’s employees are sentenced with prison and that their money
and assets are seized together with the Bank and they may be exposed to another set of sentences.
10. ENFORCEMENT AND AMENDMENTS
This Compliance Policy on prevention of money laundering and terrorist financing constituting the frame of the
Compliance Program of Vakıf Katılım Bankası A.Ş. is effective as of its approval after being submitted by the
Compliance Officer of the Bank to the Board of Directors and it is published throughout the Bank.
Bank staff shall always abide by any internal regulation prepared or to be prepared in this scope by the Bank,
under the leadership and monitoring of the Senior Management.