A New Guideline Issued by the Central Bank of the Republic of Türkiye on Administrative Monetary Fines Applicable to Payment and Electronic Money Institutions

The Central Bank of the Republic of Türkiye (“CBRT”) has published, in February 2026, an explanatory guideline (“Guideline”) setting out the methodology for the calculation of administrative monetary fines (“AMF”) to be imposed under the “Law No. 6493 on Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions” (“Law No. 6493”).With the issuance of this Guideline, the calculation of administrative monetary fines to be imposed on payment institutions and electronic money institutions has been structured under a clear and systematic framework.

Pursuant to Article 27 of Law No. 6493, the CBRT is authorized to impose administrative monetary fines on institutions in the event of non-compliance with the Law and secondary legislation. The statutory fine amount ranges between TRY 40,000 and TRY 900,000. However, where a benefit has been obtained or a loss has occurred as a result of the violation, the fine to be imposed may amount to at least twice such benefit or loss. Furthermore, in the event that the same violation is committed more than once, the fine may be increased. This framework is explained in detail within the Guideline.

The most significant innovation introduced by the Guideline is the adoption of a revenue-based model for the calculation of fines. “Revenue” refers to the annual income amount reported by the institutions in the financial reports submitted to the CBRT. If the revenue for the year in which the violation occurred can be determined, that year shall serve as the basis for calculation; if it cannot be determined, the revenue of the preceding year shall be taken into account. For calculations relating to periods prior to 2024, “net sales revenue” shall be used as the basis.

The fine calculation is essentially carried out on the basis of three elements: the institution’s revenue, the rate determined according to the type of violation, and the scaling multiplier applied according to the size of the institution. These three elements are multiplied to calculate the fine amount; if the resulting amount falls below the statutory minimum, the minimum amount shall apply, and if it exceeds the statutory maximum, the maximum amount shall apply. This system may result in administrative monetary fines reaching substantial levels, particularly for institutions with high revenues.

According to the table set out in the Guideline, certain violations carry a higher fine rate risk. In particular, the provision of payment services outside the scope of the operating license, comprehensive deficiencies in internal control and risk management systems, inadequacies in the monitoring of suspicious transactions, breaches of information security obligations, and deficiencies in business continuity systems are listed among the violations subject to higher-rate fines. This further underscores the importance of technical and operational compliance processes.

In addition, the CBRT applies an additional multiplier based on the institution’s annual revenue size. As annual revenue increases, the applicable multiplier rises; for institutions with annual revenue of TRY 500 million and above, the fine amount may be doubled. Accordingly, the financial risk exposure has significantly increased, particularly for medium- and large-scale payment and electronic money institutions.

Nevertheless, the calculation method set out in the Guideline is not binding nor entirely automatic. The CBRT Management Committee has stated that it may decide to impose a lower or higher fine, or not to impose a fine at all, by taking into consideration the nature of the violation, its impact on the institution’s activities, its sectoral implications, and the principle of proportionality.