Executive summary
This page provides an overview of crypto-asset transfer regulation and Travel Rule requirements in Turkey. It is intended for crypto-asset service providers, financial institutions, and compliance teams operating in or interacting with the Turkish market.
Turkey has rapidly transitioned from a largely unregulated crypto environment to a tightly supervised regime. Under Law No. 7518, crypto-asset service providers (CASPs) are formally integrated into the national AML/CFT framework and treated as financial institutions. As of February 2026, Travel Rule obligations are fully operational, with enhanced transaction-monitoring and identity-verification expectations enforced by national authorities.
This content is provided for informational purposes only and does not constitute legal advice.
Regulatory landscape overview
Turkey’s crypto-asset framework is characterised by strong central oversight and a convergence of financial, technical, and enforcement authorities. Rather than relying solely on financial regulators, the regime incorporates national security, technology, and scientific institutions.
Key characteristics of the Turkish approach include:
Mandatory licensing and asset-listing approval
Low transaction thresholds for Travel Rule applicability
Broad real-time monitoring and data-collection powers
Strong restrictions on foreign and unlicensed platforms
The framework aligns with Financial Action Task Force (FATF) standards, while adopting additional domestic controls reflecting Turkey’s risk posture.
Supervisory and regulatory authorities
Travel Rule compliance in Turkey is overseen through a multi-authority structure:
Capital Markets Board of Turkey (SPK / CMB): Primary licensing and supervisory authority for CASPs
Financial Crimes Investigation Board (MASAK): AML/CFT enforcement authority responsible for Travel Rule implementation
Scientific and Technological Research Council of Turkey (TÜBİTAK): Sets mandatory technical and custody-security standards
Central Bank of the Republic of Turkey (CBRT): Maintains restrictions on the use of crypto assets as a means of payment
CASPs must comply with requirements across all relevant authorities.
Travel Rule status in Turkey
The Travel Rule is fully implemented and enforced under MASAK regulations.
Under the Turkish framework:
Travel Rule obligations apply to all licensed CASPs
Enhanced verification requirements apply at relatively low transaction values
Authorities have broad powers to monitor and intervene in transaction flows
Compliance is assessed both as a licensing condition and as part of ongoing supervision.
Timeline and key milestones
July 2024: Law No. 7518 enters into force, defining CASPs and licensing requirements
March 2025: Secondary SPK regulations introduce capital and operational standards
February 2026: MASAK begins enforcement of enhanced monitoring and verification powers
30 June 2026: Final deadline for all operating platforms to obtain a full SPK licence
Thresholds and scope
Turkey applies a low, fixed local-currency threshold for Travel Rule obligations.
Threshold: TRY 15,000 (approximately USD 420–450)
Verification: Full identity verification is required at or above the threshold
Scope: Applies to all crypto-asset transfers facilitated by licensed CASPs
This model reflects Turkey’s emphasis on early intervention and transaction traceability.
Required data elements (high-level)
For in-scope transfers, Turkish regulations generally require information relating to:
The originator, including full name, identifying number, and wallet or transaction reference
The beneficiary, including full name and wallet or transaction reference
Additional identifying information may be required depending on transaction value and risk profile. Specific requirements are defined in MASAK communiqués and SPK regulations.
Local nuances and interpretive considerations
Several features of the Turkish framework are particularly relevant for compliance teams:
Low thresholds: Travel Rule obligations apply at values significantly below global averages
Cooling-off measures: Withdrawal delays may apply in certain scenarios
Technical mandates: Custody infrastructure must meet nationally defined security standards
Market controls: Listing, pricing, and market-surveillance obligations are integrated into compliance expectations
These elements reflect a high-control regulatory philosophy.
Self-custodied (unhosted) wallet considerations
Turkey applies a declaration-based, risk-tiered approach to transfers involving self-custodied wallets.
Customers are expected to declare counterparty information for unhosted wallet transfers
Transfers involving unhosted wallets are treated as higher-risk and may trigger enhanced due diligence
Additional safeguards apply to custody and asset-storage arrangements
This approach combines formal declarations with supervisory discretion.
Cross-border and interoperability considerations
Turkey places the burden of compliance primarily on locally licensed CASPs.
Key considerations include:
Holding and reviewing inbound transfers lacking required data
Restrictions on interacting with foreign platforms unable to meet minimum data standards
Strict enforcement against unlicensed foreign platforms targeting Turkish users
Cross-border operations therefore require careful jurisdictional assessment.
Indicative compliance readiness checklist
The following considerations are illustrative and non-exhaustive:
Active SPK licensing or inclusion on the official operating list
Ability to apply TRY-based thresholds and verification logic
Processes for handling unhosted wallet declarations
Technical compliance with TÜBİTAK security standards
Record-keeping aligned with Turkish AML retention requirements