The Law on the Protection of Personal Data is one of the most discussed and debated issues recently. This issue is so much popular that, it is as if this law is the only regulation that companies should comply with! However, that is not the case.
22 December, 2019
Companies are obliged to comply with all relevant laws, regulations and internal rules. This is simply the obligation to act in accordance with the law.
In a wider interpretation of the compliance obligation, in addition to compliance with laws and regulations, compliance with ethical rules, corporate governance principles, and contracts to which a company is a party to, could also be considered in this scope.
Nowadays compliance is gaining more importance, as there are countless laws and regulations, compliance with certain regulations is monitored through regulatory and supervisory authorities, and high fines and other deterrent administrative sanctions are applied in case of failure to comply with these regulations. In fact, the ideal approach is to comply with the rules without any threat of punishment. The most sustainable way of doing this is to create a culture of compliance. This culture of compliance should first be formed at the board of directors’ level and then extended to the managers and employees.
The key international regulations that need to be considered in terms of compliance can be summarized as follows:
|International Regulation||Contracting States/|
Jurisdiction in General
Bribery of Foreign Public
Officials in International
|OECD states, Argentina, Brazil, Bulgaria, Colombia, Costa Rica, Peru, Russia and South Africa|
|US Foreign Corrupt|
|Natural and legal persons of US nationality, persons residing in the US, companies whose securities are listed in the US, certain foreign securities issuers, foreign companies and persons who directly or through their representatives cause such corruption to occur in the US territory|
|UK Bribery Act||Natural and legal persons of UK nationality, persons residing in the UK, foreign legal persons doing business in the UK or conducting part of their business in the UK|
|International sanctions||Each specific sanction program should be examined separately|
These regulations are of close concern to Turkish companies engaged in investments and businesses abroad.
As far as Turkish law is concerned, key regulations that need to be considered in terms of compliance are as follows:
- The Law on the Prevention of Laundering the Proceeds of Crime,
- The Law on the Prevention of Financing of Terrorism,
- Other criminal laws and regulations,
- Tax laws and regulations,
- Laws and regulations on the protection of the value of Turkish Lira,
- Turkish Commercial Code and associated regulations,
- Laws and regulations on the protection of competition,
- Environmental laws and regulations,
- Intellectual property laws and regulations,
- Labor laws and regulations, and
- Laws and regulations on the protection of personal data.
As per these and other industry-specific regulations, the major authorities that can impose administrative sanctions are as follows:
- The Competition Authority,
- The Capital Markets Board,
- The Banking Regulation and Supervision Agency,
- The Energy Market Regulatory Authority,
- The Information and Communication Technologies Authority,
- The Radio and Television Supreme Council,
- The Public Procurement Authority, and
- The Personal Data Protection Authority.
Risks, Rewards and Savings
In addition to the risk of criminal and administrative sanctions, there are legal risks that companies may face as a result of violating their compliance obligations. Examples of legal risks are lawsuits of compensation, termination of contracts, loss of reputation, loss of credit rating, depreciation of the value of shares, departure of respectful employees from the company, etc.
On the other hand, if companies respect their compliance obligations, damages as a result of potential fines, compensation judgments, commercial losses, etc., and administrative sanctions such as cancellation of licenses or prohibition to attend public tenders could be prevented. The time to deal with criminal or administrative proceedings could be saved, as well as potential legal expenses and attorneys’ fees. Furthermore, the value of shares could rise and opportunities for doing business with reputable investors and customers could increase.
Compliance should be considered holistically; a special compliance program should be initiated taking into account the industries in which the company is active, not for the concern of fulfilling some specific provisions of a certain law that must be completed by a specified date, systems should be developed for early detection of risks, the management should take the lead in compliance efforts, employees should be trained, communication between the management and employees should be strengthened, and to increase the effectiveness of the compliance function, a compliance officer or advisor should directly report to the board of directors.
- Law No. 6698 published in the Official Gazette dated 07.04.2016 and numbered 29677.
- Signature and Ratification Status, UN Convention against Corruption, 26 June 2018, https://www.unodc.org/unodc/en/corruption/ratification-status.html (Accessed 14 December 2019).
- UN Convention against Corruption, 2004, https://www.unodc.org/documents/treaties/UNCAC/Publications/Convention/08-50026_E.pdf (Accessed 14 December 2019).
- Signatory Countries, OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions, http://www.oecd.org/corruption/oecdantibriberyconvention.htm (Accessed 14 December 2019).
- Ratification Status, OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions, May 2018, http://www.oecd.org/daf/anti-bribery/WGBRatificationStatus.pdf (Accessed 14 December 2019).
- OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions, 2011, http://www.oecd.org/daf/anti-bribery/ConvCombatBribery_ENG.pdf (Accessed 14 December 2019).
- Foreign Corrupt Practices Act, 03 February 2017, https://www.justice.gov/criminal-fraud/foreign-corrupt-practices-act (Accessed 14 December 2019).
- UK Bribery Act, https://www.ganintegrity.com/portal/anti-corruption-legislation/uk-bribery-act/ (Accessed 14 December 2019).
- The Extraterritorial Reach of the FCPA and the UK Bribery Act: Implications for International Business, March 2012, https://files.arnoldporter.com/advisory%20extraterritorial_reach_fcpa_and_uk_bribery%20act_implications_international_business.pdf (Accessed 14 December 2019).
- Law No. 5549 published in the Official Gazette dated 18.10.2006 and numbered 26323.
- Law No. 6415 published in the Official Gazette dated 16.02.2013 and numbered 28561.
- Law No. 6102 published in the Official Gazette dated 14.02.2011 and numbered 27846.
- Pasl?, Ali: “Compliance” Kavram?n?n Anonim Ortakl?klar Hukukundaki Anlam? ve Sorumluluk Sistemine Etkisi, ?stanbul Üniversitesi Hukuk Fakültesi Mecmuas? 2013, V. LXXI, I. 2, p. 317-334.
- Ya?ar, Tu?çe Nimet: ?irketler Hukuku aç?s?ndan “Compliance” Kavram? ve Borsaya Kay?tl? ?irketlerde Uygulamas?, Ankara Üniversitesi Sosyal Bilimler Enstitüsü 2018, https://tez.yok.gov.tr/UlusalTezMerkezi/ (Accessed 14 December 2019) (Unpublished Ph.D. dissertation).