Crypto Asset Regulation in Türkiye’s Digital Economy Transformation
Introduction
Crypto assets are assets that are secured through cryptographic methods on distributed ledger technology (DLT) and can be transferred over digital networks without being dependent on a central authority. This asset class, which has been rapidly expanding on a global scale, has given rise to a serious need for classification and regulation by regulatory authorities, as it does not fully conform to traditional legal categories.
Türkiye, as one of the countries with the highest rates of crypto asset transaction volume worldwide, needs to take significant steps in establishing a regulatory framework in this field. This briefing note addresses in detail the debates regarding the legal nature of crypto assets in Türkiye, the existing regulatory framework, the innovations introduced by Law No. 7518, the secondary regulations (communiqués) issued by the Capital Markets Board (“CMB”), the obligations under the Financial Crimes Investigation Board (“MASAK”), and the compliance processes of crypto asset service providers (“CASPs”).
Legal Nature and Classification Debates Regarding Crypto Assets
The determination of the legal nature of crypto assets directly affects the applicable legal regime, and this issue continues to be debated both in academic doctrine and in practice. The classification of crypto assets as “money,” “commodity,” “security,” or “intangible asset” leads to different outcomes in numerous areas such as taxation, attachment, inheritance, dispute resolution, and capital markets regulations.
The first normative definition regarding crypto assets in Turkish law was introduced by the “Regulation on the Non-Use of Crypto Assets in Payments” (“Regulation”), published in the Official Gazette No. 31456 dated 16 April 2021. Article 3 of the Regulation defines crypto assets as “intangible assets that are virtually created using distributed ledger technology or a similar technology and distributed over digital networks, but that are not qualified as fiat money, book money, electronic money, payment instruments, securities, or other capital market instruments.”
The definition added to Capital Markets Law No. 6362 (“CML”) through Law No. 7518 has broadened this approach by defining crypto assets as “intangible assets that are electronically created and stored using distributed ledger technology or a similar technology, distributed over digital networks, and that may represent value or rights.” This definition demonstrates that crypto assets constitute not merely a medium of exchange but also an asset category capable of representing certain rights.
Crypto assets are not accepted as legal tender under Turkish law, as they are not issued by the Central Bank of the Republic of Türkiye (“CBRT”) and lack legal guarantee. The CBRT, through the Regulation, has expressly prohibited the direct or indirect use of crypto assets as payment instruments and the provision of services for such use.
Securities are defined under the CML (Capital Market Law – SPK) as equity-like instruments and debt instruments. Since the vast majority of crypto assets do not possess the characteristics of partnership rights or debt instruments, they are not, as a general rule, classified as securities. However, a different assessment is required with respect to specific tokens that confer rights inherent to capital market instruments. Indeed, Article 35/B(6) of the CML has expressly established the CMB’s regulatory authority over such crypto assets.
At the international level, particularly in the United States, the Commodity Futures Trading Commission (CFTC) tends to treat Bitcoin as a commodity whose value is determined by supply and demand. Under Turkish law, if crypto assets were to be accepted as commodities, their taxation under the categories of commercial income or occasional income and the imposition of value-added tax (VAT) obligations could come into question. The current approach of the Revenue Administration is to evaluate crypto assets as “intangible assets.”
The prevailing view in doctrine is that crypto assets constitute a sui generis (unique) digital asset category.
Legal Framework in Türkiye
The Regulation published by the CBRT on 16 April 2021 constitutes the first comprehensive regulation regarding crypto assets. The Regulation prohibited payment service providers and electronic money institutions from intermediating fund transfers to or from platforms that offer purchase-sale, custody, transfer, or issuance services related to crypto assets. Furthermore, crypto asset service providers were brought within the scope of MASAK obligations under Law No. 5549 on the Prevention of Laundering of Proceeds of Crime.
The most fundamental change for the crypto asset ecosystem was realized through “Law No. 7518 on the Amendment of the Capital Markets Law,” which was adopted by the Grand National Assembly of Türkiye (GNAT) on 26 June 2024 and entered into force upon publication in the Official Gazette dated 2 July 2024. This Law introduced new provisions to the CML regarding crypto assets and CASPs. Türkiye’s compliance efforts in the process of being removed from the Financial Action Task Force (FATF) grey list also played a decisive role in the enactment of Law No. 7518.
Law No. 7518 added definitions of wallet, crypto asset, CASP, crypto asset custody service, and platform to the CML. The requirement to obtain authorization from the CMB for the establishment and commencement of operations of CASPs was made mandatory. Principles regarding the safe, accessible, and traceable custody of client assets were established. Unauthorized activities of platforms established abroad targeting persons resident in Türkiye were prohibited and made subject to criminal sanctions. Imprisonment of three to five years and a judicial fine of five thousand to ten thousand days were stipulated for those who engage in unauthorized CASP activities. It was regulated that conditional release provisions shall not apply to those convicted of embezzlement of crypto assets, as long as their debts to the Treasury remain unpaid.
The Capital Markets Board published the secondary regulations it prepared within the framework of the authority conferred by Law No. 7518 in the Official Gazette No. 32840 dated 13 March 2025. These regulations consist of two separate communiqués:
i) Communiqué No. III-35/B.1 on the Establishment and Operating Principles of Crypto Asset Service Providers
This Communiqué regulates the establishment, commencement of operations, activities, and suspension of activities of CASPs; their founders and shareholders and share transfers; their managers, personnel, and organizational structure; internal audit, internal control, and risk management systems; information systems and technological infrastructure; and record-keeping and audit principles.
ii) Communiqué No. III-35/B.2 on the Operating Procedures and Principles and Capital Adequacy of Crypto Asset Service Providers
This Communiqué regulates the services and activities that CASPs may offer, the trading environments for crypto assets, their custody and transfer, listing criteria on platforms, and the procedures and principles regarding capital adequacy.
Licensing Process and Establishment Requirements
Pursuant to Communiqué No. III-35/B.1, obtaining authorization from the CMB is mandatory for CASPs to be established and commence operations in Türkiye. Under Provisional Article 11 of the CML, CASPs that were already operating as of the date Law No. 7518 entered into force were required to either apply to the CMB within one month of the effective date or adopt a liquidation resolution within three months. The CMB publishes on its website the list of CASPs that have filed applications and the list of entities that have adopted liquidation resolutions.
Communiqué No. III-35/B.1 has regulated in detail the qualifications required of CASP founders and shareholders. Accordingly, founders and shareholders must not be bankrupt, must not have declared a composition with creditors, must not have been convicted of certain offenses (embezzlement, extortion, bribery, fraud, forgery, breach of trust, money laundering, etc.), and must not hold, directly or indirectly, a ten percent or greater share in financial institutions that have been subject to liquidation.
The board of directors is required to consist of a minimum of three members, and the majority of the members must hold a bachelor’s degree. The general manager must be exclusively employed for this position, resident in Türkiye, and appointed on a full-time basis. The general manager and deputy general managers must possess at least seven years of professional experience in the fields of financial markets, information processing, information technologies, or financial technologies. As of 30 June 2025, the approval of the CMB has been made mandatory for the appointment of general managers and deputy general managers.
With respect to the information systems and technological infrastructure of CASPs, the technical criteria prepared by TÜBİTAK BİLGEM (“TÜBİTAK Infrastructure Criteria”) are taken as the basis. Private keys and their backups must be stored in Türkiye, and even where they are fragmented through mechanisms such as multi-party threshold cryptography, each fragment and the control of key fragments must remain with the CASP (Communiqué No. III-35/B.1, Art. 27). Security standards regarding the use of cold wallets and hot wallets have been separately established.
Capital Adequacy and Operating Principles
The capital adequacy provisions set forth in the seventh chapter of Communiqué No. III-35/B.2 aim to ensure the financial soundness of CASPs. Existing CASPs are required to achieve compliance with these provisions by 30 June 2025 at the latest. Position risk and exchange rate risk calculations must be performed within specified ratios.
A comprehensive prohibition regime for CASPs has been established under the communiqués. CASPs may not engage in industrial or agricultural activities outside the scope of the authorization granted by the CMB, may not make return commitments, may not conduct unauthorized transactions, may not create fictitious accounts or records, may not carry out transactions by obtaining broad powers of attorney from their clients, and may not engage in foreign exchange trading or outward foreign exchange transfers. Crypto assets listed on platforms may not be subject to leveraged transactions, derivative contracts, margin trading, short selling, or lending transactions. As of 30 June 2025, platforms will not be permitted to intermediate in the initial sale or distribution of crypto assets that do not meet the minimum listing criteria.
CASPs may provide investment advisory services only to clients whose current value of crypto asset holdings on the platform meets the minimum requirements set forth in Article 15 of Communiqué No. III-35/B.2. This regulation reflects an approach that is parallel to the concept of qualified investor protection.
MASAK Obligations
Fundamental changes regarding the crypto asset ecosystem were introduced to the MASAK legislation through the regulations published in the Official Gazette No. 32763 dated 25 December 2024. With these amendments, CASPs were accorded the status of “financial institution” within the scope of the MASAK legislation.
Under the regulation introduced by Article 24/A added to the Measures Regulation, which entered into force as of 25 February 2025, the collection, verification, and transmission of identification information relating to the sender and receiver (name-surname, wallet address, place/date of birth, citizenship number, tax identification number, etc.) has been made mandatory for crypto asset transfers above the current minimum threshold determined by the legislation that are intermediated by CASPs. In the event of missing information, the deficiency must be requested to be remedied; if it is not remedied, the crypto asset transfer must be returned. This regulation has been shaped in accordance with FATF Recommendation 16.
CASPs are required to bring the identity verification of their clients into compliance with the face-to-face procedures pursuant to the Measures Regulation or with the remote identity verification procedures pursuant to MASAK Communiqué Serial No. 19. CASPs that intermediate in the purchase-sale or custody of privacy-based crypto assets are prohibited from conducting remote identity verification.
CASPs are required to establish a compliance program encompassing the formulation of institutional policies and procedures, risk management, monitoring and control activities, the appointment of a compliance officer, and training and internal audit activities.
CASPs, in their capacity as MASAK obligors, are under the obligation to file suspicious transaction reports, to maintain transaction records, and to transmit them to MASAK when required. This obligation is of critical importance in the fight against money laundering and the financing of terrorism.
Comparison with the EU MICA Regulation
The European Union’s Markets in Crypto-Assets Regulation (MICA) constitutes the most comprehensive regulatory framework at the international level. MICA categorizes crypto assets as e-money tokens, asset-referenced tokens, and other tokens, and introduces licensing, transparency, capital requirements, and consumer protection standards for issuers and service providers. The regulatory framework established by Türkiye through Law No. 7518 and the associated communiqués exhibits an approach that is parallel to MICA in many respects. Both regulatory frameworks prescribe similar standards in terms of licensing, capital adequacy, segregated custody of client assets, and information systems security. However, the absolute prohibition on the use of crypto assets as payment instruments under the Turkish regulations constitutes a significant point of divergence from MICA.
Conclusion
While the crypto asset regulatory framework in Türkiye has recorded certain significant advancements, legal uncertainties persist in some areas. Through Law No. 7518 and the secondary regulations issued by the CMB, Türkiye has established a comprehensive regulatory framework for the crypto asset ecosystem.
A specific statutory regulation on the taxation of crypto asset gains does not yet exist. Under the current circumstances, while it is possible for the gains obtained to be assessed within the scope of income tax or corporate tax depending on the nature of the income, uncertainties persist in practice.
Private law matters such as the establishment of ownership rights over crypto assets, the creation of limited real rights, and whether they may be subject to intellectual and industrial property rights have not yet attained clarity at the legislative level.
When licensing, capital adequacy, custody obligations, information systems security, and MASAK compliance requirements are considered as a whole, it is evident that Türkiye’s regulatory approach in this field is substantially in alignment with international standards.
