The Financial Crimes Investigation Board (MASAK) is Turkey's primary regulatory authority in the fight against money laundering. The vast majority of financial service companies carry MASAK obligations under Law No. 5549. In this article, we explain what an AML compliance programme is, which companies are required to have one, and how to implement it effectively.
AML stands for Anti-Money Laundering. MASAK supervises the compliance activities of obligated institutions under Law No. 5549 on the Prevention of Laundering Proceeds of Crime.
Note: Crypto asset platforms have been explicitly defined as MASAK obligees as of 2024, subject to obligations equivalent to those of banks.
AML and CTF risks are assessed based on the company's services, client profile and operating geographies. This forms the foundation of the programme.
Verification of customer and business identities, risk-based classification and ongoing monitoring, including PEP screening and sanctions list checks.
Where there is a suspicion of money laundering or terrorist financing, notification to MASAK is mandatory. Internal procedures must support this process.
Institutions above a certain threshold must appoint a qualified compliance officer responsible for operating the programme and reporting.
All employees must receive regular AML training.
MASAK's General Communiqué No. 30, effective 1 January 2026, introduced tiered declaration and monitoring requirements for EFT, remittance and high-value cash transactions. Financial institutions must now monitor customer cash flows more closely and apply enhanced scrutiny to transactions without a clear legal or economic purpose.
Contact Koru Legal for a company-specific risk assessment and AML compliance programme design. We also provide full support for MASAK notification and reporting processes.
Enquire →