With the Amendments to the Regulation on Payment Services and Electronic Money Issuance and Payment Service Providers (“Amended Regulation”) published in the Official Gazette dated 28 February 2023 and numbered 32118, the final compliance date of fulfillment of the provisions, which are included in detailed information below, as stipulated in titled “Transitional Provisions” the Provisional Article 1 paragraph 1, 5, 9, 11, 17-18 of the Regulation on Payment Services and Electronic Money Issuance and Payment Service Providers (“Regulation”) have been revised from 28 February 2023 to 30 April 2023.
It must be ensured that compliance with the following provisions will have been fulfilled by 30 April 2023:
- Compliance with the provisions introduced with the Regulation, which have not been stated in (Repealed) Regulation on Payment Services and Electronic Money Issuance and Payment Institutions and Electronic Money Institutions published in the Official Gazette dated 27 June 2014 and numbered 29043, must be complied with.
- As per the Law on Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions, legal entities, that provide services regarding pre-paid payment instruments that are excluded from the scope of the license, which can only be used for purchases from a limited store or store network, or in a limited-service network, must fulfil the relevant provisions of the Regulation.
- Payment service providers, that have payment accounts and are among the top ten participants regarding their total number of payment transactions made to the account in the payment systems of the Central Bank of the Republic of Turkey (“CBRT“) in 2020, have been required to fulfill the following:
- To be integrated with Bankalararası Kart Merkezi A.Ş. (Interbank Card Center of Turkey, aka BKM) as from the first six months of its operations,
- Provide the required infrastructure to all other authorized payment service providers that request it,
- Take necessary measures to prevent access to payment accounts by unauthorized persons.
- Data-sharing services for which technical requirements have been determined by the CBRT can also be provided using non-standard services.
- Compliance with the provisions of the Regulation and the regulations on the management and audit of information systems, the principles, and procedures of which are determined by the CBRT, must be ensured in the following cases:
- Obtaining an operating license before the entry into force of the Regulation, and
- Provision of activities excluded from the scope of the license regarding pre-paid instruments that can only be used for purchases to be made from a limited store or store network and in a limited-service network by another legal entity under the same group and transfer of these activities to persons who have applied to an operating license for these activities.
You can access the Amended Regulation in Turkish through this link.