Market Intelligence: Anti-Corruption - Turkey

Introduction

Altug Ozgun answers a series of questions that give his perspective on the evolving legal and regulatory landscape in Turkey with insights related to the current market conditions and developments in the law.

1. What are the key developments related to anti-corruption regulation and investigations in the past year in your jurisdiction, and what lessons can compliance professionals learn from them?

Turkey does not have a specific anti-corruption or bribery law with extraterritorial effect. Anti-corruption and bribery are generally regulated under the Turkish Criminal Code No. 5237, the Misdemeanours Law No. 5326, the Law on Declaration of Property and Combating Bribery and Corruption No. 3628, and the Regulation on the Ethical Principles and Application Procedures and Principles for Public Servants. Bribery, extortion, misconduct, abuse of trust, fraud, forgery of documents and bid rigging are regulated under the Turkish Criminal Code, and anti-money laundering is regulated under the Law on the Prevention of Laundering of Crime Revenues. The scope of the bribe under the Turkish Criminal Code does not cover private sector-to-private sector bribery, except some entities, such as public joint-stock companies’ representatives.

The recent and most important reform made in Turkey’s struggle with corruption is the amendment made to article 43/A of the Misdemeanours Law on 31 December 2020, regarding the administrative liability of legal persons. Under Turkish criminal law, only real persons have criminal responsibility; however, legal persons are not included in the scope of criminal liability. Legal persons can only be subject to security measures and administrative fines. However, with the amendment made to article 43/A of the Misdemeanours Law, the administrative liability of legal persons for several crimes, including bribery and fraud, is regulated. Article 43/A of the Misdemeanours Law regulates the administrative fines for legal persons provided that a real person entitled to represent the legal person committed a crime and the legal person received a monetary benefit for specific crimes, including fraud, bid-rigging, bribery and laundering the proceeds of crime. With the recent amendments made to article 43/A of the Misdemeanours Law, the list of crimes subject to the execution of administrative fines has been expanded. And the upper limit of administrative fines that can be imposed on legal persons has been increased. The upper limit of administrative fines has increased from 2 million to 50 million lira. The minimum fine limit remains at 10,000 lira; however, the amount of a fine cannot be less than twice the monetary gain of a crime. Administrative fines may be imposed on legal persons even without the prerequisite to complete an investigation or prosecution of real persons representing or acting on behalf of the legal persons. This amendment is expected to bring legal entities an awareness of the importance of anti-corruption compliance.

Besides the current amendments made in the legislative area, Turkey’s Judicial Reform Strategy for 2019–2023 addresses ‘protection and improvement of rights and freedoms, improving judicial independence, impartiality and transparency, ensuring access to justice, enhancing the efficiency of the criminal justice system, [and] improving the efficiency of civil and administrative trials’ as the main aim and focus of Turkey’s upcoming reforms, which shows that Turkey will keep taking concrete actions both in legislation, enforcement and executive areas to improve its power to combat corruption and bribery.

In terms of investigations in 2020, Turkey has a poor track record of investigation, prosecution and conviction in corruption cases that have media coverage, particularly in relation to high-level corruption cases that involve public officials.

When considering Turkey’s low Transparency International Corruption Perceptions Index score of 2021, compliance professionals, both those who work in Turkish subsidiaries of international entities, and also in international entities that work with Turkish entities, must be aware of the geographical risk of corruption and implement tailor-made third-party risk management programmes.

2. What are the key areas of anti-corruption compliance risk on which companies operating in your jurisdiction should focus?

The most important areas to focus on regarding anti-corruption compliance are tailor-made risk assessment, monitoring and third-party risk management. Besides other important elements of anti-corruption such as policymaking, whistle-blowing, training and communication, and senior management commitment, companies should embed risk management into their daily practices, monitor and define the scope of interactions with government officials, classify their third parties such as agents, consultants, clients, business partners, etc to make sure that all transaction-related payments are in accordance with the law and procedures and if any government official has been involved in the process companies must be aware of bribery.

Due to the cultural aspect and the lack of general compliance practices awareness, Turkish companies should also consider appropriately tailored and innovative training and communication plans. As underlined in the US Department of Justice’s ‘Evaluation of Corporate Compliance Programs’: companies are required to implement risk-based training, provide local language support and tailor-made content targeted to the audience, focus on training that addresses lessons learned from the company’s or industry’s prior practices, and communicate about misconduct and what resources are available for employees when they seek advice. It’s also of utmost important to localise training, give real-life examples, constantly provide ethics communication from senior and middle level managers and use adequate tools to assess the effectiveness of the training.

3. Do you expect the enforcement policies or priorities of anti-corruption authorities in your jurisdiction to change in the near future? If so, how do you think that might affect compliance efforts by companies or impact their business?

Currently, there is no specific authority established for anti-corruption except MASAK (the Financial Crimes Investigation Board), which mostly deals with the financing of terrorism and laundering of proceeds of crimes. However, when considering Turkey’s low Transparency International Corruption Perceptions Index score of 2021, and its commitments as a party of the OECD’s Convention on Combating Bribery of Foreign Public Officials in International Business Transactions, GRECO and G20, it is expected that Turkey will establish a specific independent enforcement body for anti-corruption and specialised prosecution services that particularly deal with financial crimes of corporate entities.

In addition, with the increased foreign investment into Turkey, compliance management has seen a rising trend of the Turkish subsidiaries of international entities and local entities doing business with international entities. Following the trend especially in publicly held joint-stock companies and in regulated industries such as healthcare and energy, it is expected that Turkey will adopt new regulations to ensure that entities – especially those that operate in more risky environments – fulfil their compliance responsibilities.

Turkish law does not specifically define and oblige corporations to adopt compliance programmes or a compliance management system to manage or mitigate the risks, except for the requirements set out in the Regulation on Compliance Programmes Regarding Obligations on Laundering the Proceeds of Crime and Prevention of Financing of Terrorism, which requires particular entities to apply a compliance programme covering policies and procedures, risk management activities, monitoring and controlling activities, a dedicated compliance officer and compliance department, training, and internal controls. While the obligors of these principles are currently limited to: (1) banks (except for the Central Bank of the Republic of Turkey and development and investment banks); (2) capital markets intermediary institutions; (3) insurance and pension companies; (4) the General Directorate of Post and Telegraph Organisation (limited to banking operations); (5) group A authorised institutions defined in the exchange regulations; (6) financing, factoring and financial leasing firms; (7) portfolio management firms; (8) precious metals intermediary institutions; (9) electronic money institutions; and (10) payment institutions (except those that only provide intermediary services for bill payments, initiating order of payment and providing information regarding payment accounts), it is expected that these compliance requirements will be widened and regulated to include other industries.

In accordance with these expectations and reforms both on the regulative and enforcement side of compliance, entities must establish a tailor-made compliance programme and empower their compliance functions. There are particular examples in the history of Turkish entities and subsidiaries regarding how their high-level directors were involved in corrupt activities, and how this had harmed the entities’ both material and moral values. There are specific points in all industries that can be accepted by everyone as more risky environments and may require stronger risk control mechanisms. Compliance mechanisms to prevent corruption must be implemented and applied effectively in such a manner that any lack in these compliance functions would not be deemed as wilful ignorance.

4. Have you seen evidence of increasing cooperation by the enforcement authorities in your jurisdiction with authorities in other countries? If so, how has that affected the implementation or outcomes of their investigations?

Yes. Almost all high-profile investigations and prosecutions involve extensive cooperation and exchange of information and evidence with foreign authorities. According to article 3 of the Financial Action Task Force Recommendations, authorities must establish all necessary connections with foreign and domestic authorities to avoid money laundering and may request all necessary documents related to such crimes. As a rule, the authorities contact the foreign public and private institutions through letters related to international anti-corruption cases, asking to freeze the perpetrator’s assets.

Turkey is a party of the Council of Europe Criminal Law Convention on Corruption (article 26), the United Nations Convention Against Corruption and the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions. Therefore, for crimes related to corruption including bribery and bribery of foreign public officials (as regulated under the Turkish Criminal Code article 252), in addition to the legal assistance agreements or reciprocity principle, if the relevant country is a party to the named agreements, the terms and principles of these agreements shall also be applied. Turkey continues to take actions to improve anti-corruption cooperation both in regulatory and enforcement terms.

5. Have you seen any recent changes in how the enforcement authorities handle the potential culpability of individuals versus the treatment of corporate entities? How has this affected your advice to compliance professionals managing corruption risks?

Under Turkish criminal law, only real persons have criminal responsibility; legal persons are not included in the scope of criminal liability. Legal persons can only be subject to security measures and administrative fines where it is regulated under particular crimes. However, as explained previously, with the amendment made to article 43/A of the Misdemeanours Law, the administrative fines have been increased, which apply to legal persons provided that a real person entitled to represent the legal person committed a crime and the legal person received a monetary benefit for specific crimes, including fraud, bid-rigging, bribery and laundering the proceeds of crime. Also, it is regulated that administrative fines can be imposed on legal persons even without the prerequisite to complete an investigation or prosecution of real persons representing or acting on behalf of the legal persons. Therefore, it can be said that the enforcement authorities will hold separate the culpability of corporate entities and the involvement and culpability of individuals.

6. Has there been any new guidance from enforcement authorities in your jurisdiction regarding how they assess the effectiveness of corporate anti-corruption compliance programmes?

Turkish law does not stipulate anti-corruption compliance programmes. However, according to the Regulation on Compliance Programmes Regarding Obligations on Laundering the Proceeds of Crime and Prevention of Financing of Terrorism, a compliance programme shall cover policies and procedures, risk management activities, monitoring and controlling activities, a dedicated compliance officer and compliance department, training, and internal controls.

Anti-corruption compliance liability is also addressed under the Capital Markets Law and its secondary regulations. According to the Communique on Corporate Governance No. II. 17-1 of the Capital Markets Board dated 2014, listed companies are bound to establish corporate governance principles. The Communique’s ‘Corporate Governance Principles’ address the standards for compliance management and categorise the principles as transparency, equality, accountability and responsibility. The principle on ‘ethical rules and social responsibility’ states that ‘the company is sensitive to its social responsibilities; the company complies with the ethical rules on environment, consumer and public health. The company supports and respects international human rights. The company combats any kind of corruption including extortion and bribery.’

Also, according to article 378 of the Turkish Criminal Code, the board and senior management have the liability for mitigating risks, and the board of directors has an obligation to establish a committee that detects risks early.

7. How have developments in laws governing data privacy in your jurisdiction affected companies’ abilities to investigate and deter potential corrupt activities or cooperate with government inquiries?

There is a high number of corruption cases that have been performed through the use of electronic communication systems. Doubts on these corrupt activities can arise upon a whistle-blower tip, or the perpetrator’s suspicious activities itself. When this is the case, email and electronic device inspections become an inseparable and critical part of internal investigations in order to gather evidence and resolve the case.

Examining email addresses and electronic devices of employees and relying on the evidence gathered during these inspections before the court has become a disputable issue in terms of the rules of protection of personal data. A Constitutional Court decision dated 17 October 2020 stated that the applicant’s right to protection of personal data and privacy of communication had been violated when the employer inspected the applicant’s corporate email and electronic devices without his prior knowledge and terminated the employment contract based on the misconduct detected as part of the inspection. The decision of the Constitutional Court is based on the fact that the employer had not explicitly informed its employees that the communications on their corporate email accounts could be monitored and reviewed when necessary, when such necessity arises, and the underlying reasons for inspecting corporate emails. It must be noted that in a previous decision of the Constitutional Court dated 2 March 2016 regarding another application on the same issue, the Court decided that there was no violation of the right to privacy and privacy of communication, due to the fact that the employer had previously made notifications and warnings to its employees regarding the fact that their corporate emails and devices could be inspected in particular necessary situations, and therefore the employer could examine its employees’ corporate email accounts and rely on the obtained evidence before the court.

Giving prior notice and receiving consent for such inspections is not only necessary to be able to ground the employer’s rightful termination claims and compensation claims against the employer within the scope of Turkish Labor Law No. 4857 in a case where the employee files a lawsuit arguing that the inspections are unlawful, but it is also a legal obligation not to breach any rules of the Law on the Protection of Personal Data No. 6698 and to be exposed to any administrative fine arising from any breach of the Data Protection Law since the employer is considered as data controller.

Compliance professionals must be careful about the necessities arising from the data protection and privacy regulations. By relying on the principle of ‘the fruit of the poison tree is poisonous as well’, collecting only legal evidence is a sine qua non requirement of any investigation process. Any breach of these privacy regulations during investigations may deem the means of collecting this evidence illegal, and harm the evidential value of gathered information regarding corrupt activities

The Inside Track

What are the critical abilities or experience for an adviser in the anti-corruption area in your jurisdiction?

An ideal compliance adviser should consider compliance not only as a field of law but a separate multi-disciplined practice and should focus on legal, financial, governance, leadership and culture aspects.

Helping clients to build or strengthen compliance programmes that are tailor-made for their organisation by providing proactive and reactive services to foster sustainable growth and protect their reputation.

What issues in your jurisdiction make advising on anti-corruption compliance challenging or unique?

Lack of awareness on the binding extraterritorial anti-corruption regulations, lack of adequate anti-corruption local legislation and enforcement, tick-the-box approach compliance programmes, cultural difficulties in building up effective whistle-blower programmes, a lack of compliance professionals and external advice in strategic decision-making actions. Turkey’s declining score on Transparency International’s Corruption Perception Index and workplace practices depending on verbal customs rather than policies are areas with room for improvement.

What have been the most interesting or challenging anti-corruption matters you have handled recently?

From the third-party risk management perspective, Turkish companies that are acting as a third party to multinationals are reluctant to accept anti-corruption requirements with an extraterritorial effect and may insist on only adhering to local requirements. Especially when exercising right-to-audit clauses, third parties may refrain from cooperation and the compliance adviser’s strategic communication skills are needed.

From the investigations perspective, during the pandemic conducting digital investigations and interviews have different dynamics than on-site inspection. Recently we have experienced effective use of data analytics, evidence gathering and supported our client to uncover significant financial misconduct while the whistle-blowing was triggered for a separate HR issue.

This article was first published on Lexology GTDT (Market Intelligence) in October 2021. See our Lexology content here.