ARTICLES OF THE BANKING LAW PERTAINING TO RISK CENTER
(Added to the Banking Law by the Law no. 6111 published in the Official Gazette edition 27857 (bis) on 25 February 2011) Risk Center
SUPPLEMENTARY ARTICLE 1 – (Revised on 03/04/2013) Risk Center is established as a part of the Banks Association of Turkey, in order to gather risk information about customers of crediting institutions and other financial institutions to be deemed fit by the Banking Regulation and Supervision Board (“Board”), and to share such information with the said institutions and with natural persons or legal entities themselves or subject to prior consent thereof, with natural persons and private law legal entities.
Crediting institutions and other financial institutions deemed fit by the Board are under obligation to enroll in the Risk Center as members. Member institutions are obliged to give all kinds of information about their customers as and when requested by the Risk Center. The Risk Center is authorized to stop and suspend the flow of information to those who fail to fulfill such obligation.
Risk Center will be managed by a Risk Center Management comprising of nine members, also including one member to be designated by the Banking Regulation and Supervision Authority (“Authority”) from among its own staff, and one member to be designated by the Turkish Central Bank from among its own staff. Members of Risk Center Management are elected for a term of office of three years.
Risk Center Management is authorized to request information from private law legal entities and public administrations and entities and professional organizations considered as public entities and their upper organizations in line with its foundation purposes, and to sign agreements for exchange of information with the said entities and institutions in reliance upon a prior assent of the Board. Private law legal entities and public administrations and entities and professional organizations considered as public entities and their upper organizations are obliged to give all information requested by the Risk Center Management. Risk information of the customers of crediting institutions and other financial institutions deemed fit by the Board, which will, subject to prior consent of the relevant customers, be disclosed and given to private law legal entities and public administrations and entities and professional organizations considered as public entities and their upper organizations being a party to an information exchange agreement with the Risk Center, will be considered and treated under fourth paragraph of Article 73 of the Law.
Procedures and principles relating to foundation, activities and operations of the Risk Center, and composition, meeting and decision making of management of the Risk Center, and scope, format and contents of and sharing of information provided to the Risk Center, and scope and contents of information to be shared, and charging thereof, and determination of subscription fees payable by the members will be determined by the Banks Association of Turkey and published in the Official Gazette in due consultation with the Participation Banks Association of Turkey and with the professional organizations where financial institutions determined by the Board are members, and with prior assents of the Board and the Central Bank. Subscriptions and commissions unpaid by members in a timely fashion will be recovered and collected by the Banks Association of Turkey through legal actions and proceedings.
The Authority, if and whenever deemed necessary, audits the Risk Center, and procedures and principles of audit are also determined by the Authority.
(Revised on 03/04/2013) The Risk Center is liable to provide all kinds of information gathered by it to the Authority and the Central Bank in the requested format and within the requested time. Furthermore, if and when natural persons or legal entities file a written and reasoned demand for disclosure and provision of risk information to them or it is proven that they have consented to disclosure and provision of such risk information to a natural person or a legal entity other than crediting institutions and financial institutions deemed fit and eligible by the Board, such information will also be disclosed and given against a certain fee to be paid by the demanding party.
All transactions and records of the Risk Center are confidential. Only if and when the owner of confidential information gives open consent on disclosure of its information, the risk information is disclosed and given to the designated person. Procedures and principles relating to delivery and disclosure of information in reliance upon such consent will be determined by the Banks Association of Turkey and published in the Official Gazette in due consultation with the Participation Banks Association of Turkey and with the organizations and institutions to be determined by the Board, and with prior assents of the Board and the Central Bank.
Any person who discloses the secrets and confidential information held with the Risk Center to third parties, other than the legally authorized persons or entities, or uses, disseminates, gives, discloses, transmits or acquires the same unlawfully in his own interests or in interests of others shall be subject to the provisions of article 159 of the Law. Should the offences described in this paragraph be committed within the frame of activities of a legal entity, the relevant legal entity will be subject to security measures pertaining to legal entities as envisaged by the Turkish Criminal Code.
The Risk Center may further handle and realize all kinds of information exchange through companies founded by at least five banks pursuant to fourth paragraph of Article 73 hereof and within the frame of agreements to be signed with such companies.
TEMPORARY ARTICLE 28- – Operating procedures and principles of the Risk Center will be determined by the Banks Association of Turkey within the frame of procedures defined in fifth and ninth paragraphs of Supplementary Article 1 within no later than one year following the date of publication of this article.
Until the Risk Center stipulated by this Law is established and commissioned, the existing Risk Center affiliated to the Central Bank will continue its operations and activities pursuant to provisions of Article 44, repealed, of the Turkish Central Bank Law, no. 1211, dated 14/01/1970.
Information held in the existing Risk Center affiliated to the Central Bank will be transferred to the Risk Center to be founded pursuant to this Law.