Technological advancements affecting the financial system through various channels have led to changes in the functioning of activities conducted through centralized systems. The use of Distributed Ledger Technology (DLT), which enables the operation and use of distributed ledgers -information repositories where records of transactions are kept by all parties in a distributed manner rather than centrally, and shared and synchronized among network nodes using a consensus mechanism- has become widespread. In this context, crypto assets created using DLT or similar technology have emerged as a new asset group. Crypto assets differ significantly from assets in the current financial system due to the lack of a central authority for asset transfers and similar transactions, coupled with the opportunities afforded by technologies such as blockchain and encryption.
Many countries lack clear regulations regarding crypto assets, and international institutions continue to work to establish a uniform set of practices. The uncertainty surrounding the definition and classification that this situation created has begun to disappear over time, albeit not completely, thanks to studies by international umbrella organizations[1] and implementations in other countries.
Developments regarding crypto assets have been closely followed by Turkey at every stage. Particularly during the global pandemic, individuals’ interest in this field has increased worldwide, and the use of cryptoasset platforms by individuals with a high risk appetite has become widespread. It is known that approximately 10 million people in Turkey have opened accounts on cryptoasset platforms.
The regulatory efforts took into account the benefits of using blockchain technology in finance and other fields, and avoided any approach that would hinder the development of this innovative ecosystem. In other words, the Capital Markets Law aims to regulate not blockchain technology itself, but rather the trading activities of crypto assets based on this technology.
In this concept, the “Law Proposal Amending the Capital Markets Law” was submitted to the Grand National Assembly of Turkey (TBMM) on May 17, 2024. The proposal was then presented to the TBMM General Assembly and, upon approval by the General Assembly on June 26, 2024, became law as Law No. 7518[2].
The aforementioned law introduced the concepts of “wallet, cryptoasset, cryptoasset service provider, cryptoasset custody service, and platform.” The legal definitions of these concepts are provided below: –
- Wallet: Software, hardware, systems, or applications that enable the transfer of cryptoassets and the online or offline storage of these assets or their private and public keys.
- Cryptoasset: Intangible assets that can be created and stored electronically using distributed ledger technology or similar technology, distributed over digital networks, and have the capacity to represent value or rights.
- Cryptoasset service provider: Platforms, cryptoasset custody organizations, and other organizations designated to provide services related to cryptoassets, including the initial sale or distribution of cryptoassets, in regulations to be made pursuant to this Law.
- Cryptoasset custody services refer to the storage and management of Platform customers’ crypto assets or private keys that grant the right to transfer these assets from the wallet, or other custody services as determined by the Capital Markets Board (CMB).
- Platforms refer to institutions that perform one or more of the following transactions: crypto asset purchase and sale, initial sale or distribution, exchange, transfer, the storage required for these, and other transactions, that may be determined.
The legal nature of crypto assets under Turkish law has now been clarified. Accordingly, crypto assets are legally considered “intangible assets.”[3]
Within this framework, the aforementioned Law regulates crypto asset service providers, the activities of crypto asset platforms, the storage of crypto assets, and the crypto asset purchase, sale, and transfer transactions that Turkish residents can conduct on crypto asset platforms. It also stipulates that crypto asset service providers must obtain a permit from the CMB for their establishment and operation.
According to this Law, crypto assets other than those that confer rights specific to capital market instruments and those to be traded on the Platforms or initially sold or distributed will not be subject to the provisions of the said Law. Furthermore, Service Providers will not be subject to the provisions of the said Law, except for those provisions explicitly referenced.
This Law stipulates that the CMB may permit the issuance of capital market instruments as crypto assets. In this case, the issued capital market instruments will be recorded not at the Central Registry Agency but in the electronic environments provided by the Service Providers where they were created and stored.
Principles Governing Platforms, Storage Services and Service Providers
One of the most important provisions of the Law is granting the Capital Markets Board (CMB) the authority to establish principles for the sale and distribution of crypto assets that meet specific conditions through platforms, without being subject to the provisions of Capital Markets Law No. 6362 (“CML” or Law) regarding capital market instruments. In this context, the conditions required to be met are as follows:
- The crypto asset to be sold and distributed must develop Distributed Ledger Technology (DLT) or a similar technological infrastructure.
- The value of the crypto asset must be indistinguishable from the technology it developed.
The CMB may request technical reports from the Scientific and Technological Research Council of Turkey (“TUBİTAK”) and other public institutions and organizations during the determination of the crypto assets subject to these principles.
Furthermore, individuals and legal entities signing any information documents regarding the sale or distribution of these crypto assets will be jointly and severally liable for any damages arising from inaccurate, misleading, or incomplete information contained in these documents.
According to the law, Service Providers will be required to obtain permission from the CMB in order to be established and start operating.
Platforms will pay an annual fee of 1% of all revenue, excluding interest, to the CMB and TUBİTAK. Records regarding wallets used for customer crypto asset transfers and bank accounts used for cash transfers will be kept securely, accessible, and traceable by Service Providers.
Customers’ cash and crypto assets will be separate from the Service Providers’ assets, and these assets will not be subject to seizure, lien, or injunction due to the Service Providers’ debts, nor will they be included in the bankruptcy estate. Agreements regarding the purchase and sale of crypto assets between Service Providers and customers may be established in writing, by distance, or through methods the CMB determines are acceptable substitutes for written form, executed via an information or electronic communication device, and allowing for customer identity verification.
One of the most important provisions of the CML is that contractual provisions between Service Providers and their customers that eliminate the Service Providers’ liability to their customers are deemed invalid.
The law provides a broad liability regime aimed at protecting investors. Accordingly, Service Providers will be primarily liable for losses incurred as a result of their unlawful activities, defaults in delivery obligations, cyberattacks, technical malfunctions, operational errors, or misconduct by Service Providers’ employees. If Service Providers are unable to obtain compensation, Service Providers’ employees will be held liable for losses to the extent attributable to them. Individuals held liable for losses may be declared bankrupt upon the CMB’s request. However, crypto assets will not benefit from the investor compensation provisions of the CML.
Measures and Sanctions Against Irregular Transactions and Unauthorized Activities
The Capital Markets Law (“CML” or “Law”) also introduces principles regarding the independent auditing of service providers. Accordingly, the financial auditing and independent auditing of information systems of service providers will be conducted by independent auditing firms.
According to the CML, individuals and legal entities operating as Service Providers without obtaining a permit will be punished with imprisonment of three to five years and a judicial fine of up to one million Turkish lira. Platforms located abroad engaging in activities and promotions directed at Turkish residents will be considered unauthorized crypto asset service provision. Accordingly, platforms located abroad will be required to obtain permission from the Capital Markets Board (CMB) in accordance with the provisions of the law to engage in activities directed at Turkish residents. If platforms located abroad establish a business in Turkey, create a Turkish website, or engage in promotional and marketing activities related to crypto asset services offered directly and/or through individuals or institutions located in Turkey, the activities will be deemed to be directed at Turkish residents.
The CMB is authorized to request the strengthening of the financial structures of Service Providers it determines are failing to fulfill their payment and crypto asset delivery obligations or whose financial strength is weakened, or to temporarily suspend their operations or revoke their operating licenses, and to restrict and suspend the signing authority of responsible managers and employees.
The law stipulates a specific crime of embezzlement for members of the Service Providers’ boards of directors and other members, as well as individual partners who have legally or de facto managed or controlled a Service Provider whose operating license has been revoked. Those who commit this crime may face imprisonment of eight to twenty-two years and a judicial fine of up to twenty thousand days, depending on the elements of the crime.
Final Thoughts
The new regulations place significant obligations and responsibilities on all parties operating in the cryptoasset sector. It is crucial for companies in this sector to take the necessary steps to comply with these regulations.
Yavuz Akbulak is a Senior Expert at the Capital Markets Board of Turkey
* The opinions expressed in this article belong to the author and do not bind the institution he/she works for, and cannot be used to establish a relationship with the institution or position of the author. All errors, flaws, deficiencies and shortcomings in the article belong to the author.
You can refer to the following resources regarding regulations of different countries regarding crypto assets:
- The GENIUS Act of 2025: Stablecoin Legislation Adopted in the US, Latham & Watkins LLP, July 24, 2025, < https://www.lw.com/en/insights/the-genius-act-of-2025-stablecoin-legislation-adopted-in-the-us#:~:text=The%20GENIUS%20Act%20provides%20that,federal%20or%20state%20banking%20regulators. > Access on Aug 26, 2025.
- The European Union cryptocurrency regulations, known as the Markets in Crypto-Assets Regulation (MiCA), < https://www.esma.europa.eu/esmas-activities/digital-finance-and-innovation/markets-crypto-assets-regulation-mica > Access on Aug 26, 2025.
- For information on cryptocurrency regulations in the EU, Japan, China, South Korea, the United Kingdom, India, and Brazil, refer to the article “Cryptocurrency regulations are changing across the globe. Here’s what you need to know”, from the World Economic Forum, dated May 2, 2024, < https://www.weforum.org/stories/2024/05/global-cryptocurrency-regulations-changing/ > Access on Aug 26, 2025. See also: for Japan: < https://asia.nikkei.com/spotlight/cryptocurrencies/japan-crypto-exchanges-hit-with-tougher-money-laundering-curbs > Access on Aug 26, 2025; for China: < https://cointelegraph.com/learn/articles/an-overview-of-the-cryptocurrency-regulations-in-asia > Access on Aug 26, 2025; for India: < https://www.forbes.com/advisor/in/investing/cryptocurrency/crypto-bill/ > Access on Aug 26, 2025; for Brazil: < https://cms.law/en/int/expert-guides/cms-expert-guide-to-crypto-regulation/brazil > Access on Aug 26, 2025; for Britain: < https://www.reuters.com/world/uk/britain-push-ahead-with-rules-cryptoassets-2023-10-30/ > Access on Aug 26, 2025.
By the way, the International Organization of Securities Commissions (IOSCO) has outlined its 18 recommendations for global regulations on managing crypto and digital assets, visit their official website, < https://www.iosco.org/library/pubdocs/pdf/IOSCOPD747.pdf > Access on Aug 26, 2025.
[1] These organizations are: Financial Stability Board, Financial Action Task Force, International Organization of Securities Commissions (IOSCO), International Monetary Fund, Organisation for Economic Co-operation and Development, Bank for International Settlements, and European Union.
[2] Other regulations in this context are as follows: (i) Communiqué Regarding Principles on the Establishment and Operation of Crypto Asset Service Providers [III-35/B.1 (Published in the Official Gazette edition 32840 on 13.03.2025)]: The purpose of this Communiqué is to establish the procedures and principles for the establishment, operation, activities, and suspension of activities, of crypto asset service providers. (ii) Communiqué Regarding Operating Procedures and Principles and Capital Adequacy of Crypto Asset Service Providers [III-35/B.2 (Published in the Official Gazette edition 32840 on 13.03.2025)]: The purpose of this Communiqué is to regulate the services and activities that may be provided by crypto asset service providers, as well as the principles related to those services and principles regarding their capital adequacy.
[3] Here are some examples from various countries on this subject. Australian authorities have determined that digital currency is a commodity, not a currency. Digital currencies are not included in the legal definition of a “financial product,” and digital currency trading does not fall under the financial services category. The Governor of the Bank of Canada stated that they are not currencies or assets but can technically be classified as securities. Russia has no clear government position on the legal nature and status of cryptocurrencies. The United Kingdom, on the other hand, considers digital assets to be digital representations of value that can be traded digitally and serve as a medium of exchange, a unit of account, and/or a store of value, but do not have legal tender status in any jurisdiction. See. O S Bolotaeva, A A Stepanova, S S Alekseeva, The Legal Nature of Cryptocurrency, IOP Conference Series: Earth and Environmental Science, < https://iopscience.iop.org/article/10.1088/1755-1315/272/3/032166/pdf > Access on Aug 26, 2025. See also: Gregorio Damia Patiño, The Legal Nature of Cryptoassets and their Protection under Property Law, < https://repositori-api.upf.edu/api/core/bitstreams/f8101419-1e24-4d78-bc0c-90f9f3c22635/content > Access on Aug 26, 2025.
