Compliance Program

Yapı Kredi makes effective use of corporate governance mechanisms in making progress towards its business objectives by fully complying with the relevant laws and regulations. Yapı Kredi acts in accordance with the principles of responsibility and accountability in all its operations and establishes transparent and effective stakeholder communication mechanisms. In this context, the Bank's Assistant General Manager in charge of the Compliance, Internal Control, and Risk Management reports at least annually to the Board of Directors regarding the activities under the Compliance Program.

Ethical Principles and Anti-Bribery and Anti-Corruption

Yapı Kredi has adopted the 10 Principles of the United Nations Global Compact which require institutions to implement and carry out their practices in accordance with high ethical standards. Yapı Kredi stands firmly against all forms of bribery and corruption and has established the Anti-Bribery and Anti-Corruption Policy with a determination to ensure compliance with all the applicable laws, regulations, and principles. The Bank also established the Code of Ethics and Business Conduct approved by the Board of Directors to operate to the highest standards of integrity and consistency.

Yapı Kredi receives written statements from all its employees, including new recruits, that they accept the Anti-Bribery and Anti-Corruption Policy and the Code of Ethics and Business Conduct. Yapı Kredi also includes the relevant policies among the documents shared during the recruitment process to raise awareness on these matters.

Yapı Kredi has shared its Anti-Bribery and Anti-Corruption Policy and the Code of Ethicsand Business Conduct with all its employees and has them readily available at all times through the internal communication channels (intranet and internal communication announcements). Yapı Kredi reminds all its employees of the rules concerned every month to raise employee awareness and to prevent and reduce non-conforming transactions and behaviors. The Bank also has shared these policies with its stakeholders and partners on its website.

Anti-Bribery and Anti-Corruption Program

Yapı Kredi implements the Anti-Bribery and Anti-Corruption Program with a series of measures which aim to identify and mitigate potential bribery and corruption risks in order to adhere to the commitments and principles specified in the Anti-Bribery and Anti-Corruption Policy.

The Anti-Bribery and Anti-Corruption Program, which is continuously reviewed in the face of changing conditions, and, more importantly, the varying and repetitive nature of corruption, includes the following main elements:

  • Yapı Kredi performs a regularly updated risk assessment, which offers a comprehensive evaluation on which aspects of its business are vulnerable to bribery and corruption. The risk assessment results are reviewed by the Audit Committee.
  • Yapı Kredi provides training to, and raises awareness in its employees on the relevant legal requirements in the context of its Anti-Corruption Program.
  • The Bank implements second order anti-corruption controls.
  • Yapı Kredi creates and executes policies, directives, and general principles regarding the Anti-Bribery and Anti-Corruption Policy and the regulations, policies, directives, and arrangements issued regarding the risks mentioned in the policy, together with the applicable laws and legislation.
  • Yapı Kredi executes its Notification and Reporting Channels, which are open to internal and external access, in compliance with the principle of confidentiality in the five main areas of internal audits: anti-bribery, anti-corruption, ethics, sanction violations, and conflict of interest. Anonymous notifications can be made via the notification and reporting channels.
  • The Senior Management provides guidance to maintain a culture of compliance in which bribery and corruption are strictly unacceptable.
  • The Bank informs its employees of the requirement to accurately record all transactions into official books and records.
  • The issues monitored in line with the anti-corruption program are reported to the Audit Committee and the Head of Anti-Bribery and Anti-Corruption in certain periods.

Yapı Kredi has identified risk areas in accordance with its efforts to identify and mitigate bribery and corruption risks. The Bank works with the relevant business units on the areas that may be perceived to be most prone to bribery and corruption. The purposes of the controls conducted in this respect are to support compliance with the applicable legislation, legal requirements and the code of conduct, prevent violations, preserve Yapı Kredi's reputation and efficiently carry out the necessary analysis, assessment, and decision-making mechanisms related to the risk areas identified in the Anti-Bribery and Anti-Corruption Policy.

The controls performed under the said efforts include the assessment of the following:

  • Sufficiency of the Senior Management's support for developing a culture where bribery and corruption are strictly unacceptable
  • The training activities mentioning all the risk areas concerning bribery and corruption
  • Whether written policies and regulations are in place regarding anti-bribery and anti-corruption and whether such policies comply with the regulations
  • Whether the Whistleblowing Policy and the process thereunder cover the topics of bribery and corruption
  • Compliance with the anti-bribery and anti-corruption principles with the practices related to mergers, acquisitions, and important investments
  • Not using gifts and hospitality unduly to mitigate job acquisition and retention risk; compliance with the relevant gift and hospitality procedures
  • Conducting risk assessment before establishing business relationship with third parties
  • Not using donations or sponsorships for undue job acquisition or retention; compliance with the applicable donation and sponsorship procedures
  • Implementation of the controls related to job offers and mitigation of bribery-corruption risks

Training

Yapı Kredi provides regular in-class and remote training to all its employees regarding Anti-Bribery and Anti-Corruption and the Code of Ethics and Business Conduct. This training is mandatory and an exam must be passed to complete the training successfully.

Yapı Kredi also provides Anti-Bribery and Anti-Corruption training to the subcontractors working in its corporate buildings and to third parties acting as a proxy on behalf of the bank.

Third-Party Relations

Yapı Kredi encourages the third parties it engages to implement its anti-bribery and anti-corruption program in accordance with the applicable laws and regulations. Third parties acting as a proxy of Yapı Kredi are required to agree to comply with the regulations and all the applicable anti-bribery and anti-corruption laws.

As part of its Anti-Corruption Program, Yapı Kredi requires the third parties it engages to comply with the relevant Yapı Kredi policies and their employees to adopt the principles set out in these policies and carry out their activities in compliance with such principles. To this end, the contracts signed by the Bank incorporate an Anti-Bribery and Anti-Corruption clause.

With the “General Principles on Anti-Bribery and Anti-Corruption” document, Yapı Kredi also performs detailed and sufficient bribery and corruption risk assessment (due diligence) before establishing relations with third parties.

Yapı Kredi follows up on the black-listed persons and companies based on information received from international data providers and social media sources in order to ensure compliance in all its activities with the domestic/international regulations and the Bank's own rules. The Bank uses the information obtained from such sources to identify third parties known or suspected to give bribes.

Yapı Kredi employs certain criteria in appointing and setting the fees of suppliers and subcontractors and performs regular performance assessments.

Responsibility

The Anti-Bribery and Anti-Corruption Policy and the Code of Ethics and Business Conduct are internally executed by the Compliance, Internal Control, and Risk Department. The Compliance, Internal Control, and Risk Department is responsible for regulations and internal control activities regarding banking and capital markets regulations, foreign exchange regimes, anti-laundering, internal and external fraud-detection systems, data protection, conflicts of interest, malpractice and malfeasance, querying outside the area of responsibility, unauthorized access to confidential information, anti-bribery and anti-corruption, ethical rules and code of conduct, and the Turkish Code of Obligations.

Monitoring

The Bank has very strong systems and structures in place against anti-bribery and anti-corruption, in accordance with the applicable regulations and international practices, overseen by the “Internal Audit” and “Compliance, Internal Control, and Risk Management” departments. These departments, who report directly to the Audit Committee within the Board of Directors, ensure that the Bank's activities are performed in compliance with the applicable laws, legislation, corporate policies and procedures, the Code of Ethics and Business Conduct, the Anti-Bribery and Anti-Corruption Policy, and the Policy on Preventing the Laundering of Proceeds of Crime and Financing of Terrorism.

Yapı Kredi performs routine, periodic, and spot controls in the context of compliance with its Code of Ethics and Business Conduct. If, as a result of such controls, an incident is identified that violates the Code of Ethics and Business Conduct or the Disciplinary Regulations and/or the same violation is repeated during the effective term, the said incident can be directly escalated by the Ethics Unit to the Disciplinary Committee. Depending on the nature of the incident, disciplinary penalties that can even lead to the termination of the employment contract may be taken into consideration.

In this respect, the concerned administrations perform control and audit activities in addition to monitoring and reporting risks. In addition, the concerned administrations submit (monthly, quarterly, and annual) reports to the Audit Committee and the Board of Directors. The Audit Committee is responsible for evaluating the bank's ethical environment and for controlling the effectiveness of processes in terms of ethical compliance.

Notification and Reporting

Yapı Kredi has developed a corporate culture that encourages the following of ethical principles and ensures full communication at all levels. In this respect, the Bank is aware of the importance of arrangements that allow its employees and third parties to notify and report.

Accordingly, Yapı Kredi established the "Whistleblowing Policy" setting the principles for reporting the behaviors of employees and third parties who are considered by its corporate policies to be engaging in "unacceptable behavior." Furthermore, Yapı Kredi established the "Reporting Process for Notification and Reporting Channels" document that sets out the management of, and responsibilities related to, the processes of reporting notifications and reports. The Bank also defined communication channels for the reports under the policy.

The communication channels through which the Bank's employees and third parties can send notifications and reports can be accessed from the Whistleblowing Policy. The Notification and Reporting Policy has been translated into the local languages of the countries where Yapı Kredi operates.

Unacceptable behaviors are those that are illegal, unfair, or unethical, or lead to the violation of laws and regulations or the internal rules. Such behaviors include any action and/or neglected fulfillment that takes place during working activities or may negatively affect said working activities, leading to the violation of the Bank's operating rules, and causes harm or fosters negative perceptions about Yapı Kredi and/or its employees.

Employees and third parties may also report unacceptable behavior anonymously through the communication channels. Notifications and reports delivered via these channels are kept strictly confidential and the identity of the notifying or reporting person also remains confidential unless he/she requests disclosure. Yapı Kredi employees are not subject to any change in seniority/title or any similar negative situation (disciplinary penalty, dismissal, assigning low performance, etc.), direct or indirect retaliation or disadvantage due to refusing to participate in unacceptable behaviors, making notifications or reports, conveying their concerns, and/or getting involved in the examination/investigation processes.

Also, the Notification and Reporting Policy describes the responsibilities regarding the notification and reporting of unacceptable behavior in the Bank and the management of the concerned process.

Yapı Kredi issues reminders of its notification and reporting channels to its employees at certain intervals in order to raise employee awareness.

Dialogue with Stakeholders

In line with its principles of transparency and accountability, Yapı Kredi is intent on going the extra mile by establishing practices to prevent risky activities related to bribery and corruption. In this respect, Yapı Kredi has become a member of the Association for Ethics and Reputation (TEID). With its innovative efforts and initiatives in ethics, bribery, and corruption-related issues, the TEID has provided support and guidance to Yapı Kredi.

Accordingly, Yapı Kredi is loyal to its cooperation with the TEID, of which it is a member, in the framework of the exchange of ideas and principles on ethics, anti-bribery, and anti-corruption, which are among the factors that significantly affect the Bank’s performance in the fields of sustainability and corporate governance.

For further information, click here for the Yapı Kredi Anti-Bribery and Anti-Corruption Policy, here for the Code of Ethics and Business Conduct, and here for the Whistleblowing Policy.

Conflict of Interest

The Conflict of Interest Policy describes the principles and rules that will guide employees in identifying and managing potential conflicts of interest. It also provides general information about the measures taken by Yapı Kredi to identify, manage, and record conflicts of interest particularly related to the following:

  • Conflicts arising from the personal interests of the employees
  • Conflicts related to investment services and activities
  • Conflicts related to banking services and activities
  • Organizational and corporate conflicts

In offering a broad range of products and services to its customers, Yapı Kredi acts fairly and with integrity in consideration of their interests and the integrity of the market. Accordingly, in the context of its relations with its customers, the Bank prevents and takes the necessary measures against potential conflicts of interests:

  • between its customers and its shareholders, employees, managers, and persons directly or indirectly related thereto
  • among its customers.

The Conflict of Interest Policy describes the practices and procedures that help to identify and manage conflicts of interest. It also includes information barriers (“Chinese Wall”) and practices for preventing the spread and monitoring of confidential and internal information. It also enables the management of actual or potential conflicts of interest and provides general information to the Bank's employees on measures taken to identify, manage, and record conflicts of interest. Click here for further information on the Yapı Kredi Conflict of Interest Policy.