The adoption of blockchain technology and asset tokenization is advancing at a rapid pace, but the real engine driving its global development is the existence of a clear, consistent and innovation-friendly legal framework.
Some countries have already established themselves as regulatory benchmarks, establishing specific rules for cryptoassets, DLT infrastructures and token issuance with legal backing. In this article we show you relevant information about blockchain regulation in Turkey, which you can use as a guide if you are looking to operate internationally or evaluate different strategic locations.
Current legislation on blockchain and virtual assets in Turkey
Capital Markets Law No. 6362
Amended by Law No. 7518 in 2024, it establishes the comprehensive framework for CASP regulation in Turkey, under the supervision of the Capital Markets Board (SPK). It requires mandatory licensing, capital requirements, governance, transparency and investor protection, and introduces criminal penalties for unauthorized trading and fraud.
Regulation on the Prohibition of the Use of Cryptoassets in Payments (No. 31456)
Published by the Central Bank and in force since 2021, this regulation expressly prohibits the use of cryptoassets as a means of payment. It prevents cryptocurrencies from being used directly or indirectly for the acquisition of goods and services, and prohibits payment and electronic money institutions from intermediating transfers from or to cryptoasset platforms. It does not prohibit holding or exchange, but eliminates its function as a payment instrument.
MASAK AML/CFT requirements
MASAK requires all virtual asset service providers (CASPs) to register and comply with customer identification obligations (KYC), transaction monitoring, suspicious transaction reporting and internal audits.
CASP Licensing and Operation Regulations
Specific regulations for obtaining and maintaining CASP licenses, including exchanges, custodians and wallet providers, were published in March 2025. The framework covers technology infrastructure, risk management, withdrawal and transfer limits, and periodic reporting, in addition to requiring AML/KYC compliance and technology auditing by TÜBİTAK.
Comprehensive regulatory framework for digital assets
Turkey now has a comprehensive legal framework in place for digital assets, built in two phases. In July 2024, Law 7518 made Turkey the first country in its vicinity to establish a mandatory licensing regime for all companies operating cryptoassets, placing oversight under the Capital Markets Board (SPK). In March 2025, implementing regulations completed that framework with specific requirements for capital, internal governance, technology infrastructure and reserve adequacy.
As a result, any exchange, custody or crypto services platform that wants to operate legally in Turkey must obtain a license from the SPK, segregate clients’ assets from its own and undergo regular audits. As of May 2025, all licensed platforms are integrated into a centralized registry of operators, allowing investors to easily verify whether a platform is operating with legal backing.
SPK regulatory framework for security tokens
The SPK supervises digital assets that may qualify as securities under the Capital Markets Law No. 6362. Although Law 7518 and the 2025 regulations do not establish a distinct category of security tokens, their issuance is not expressly prohibited and would be subject to general capital market requirements: prior authorization, custody by regulated entities and compliance with applicable transparency rules. The SPK plans to develop additional specific regulations for the issuance of security tokens in later stages of the regulatory framework.
Regulatory sandbox blockchain and DLT (pending implementation)
The Annual Presidential Program 2025 envisages the creation of a regulatory sandbox for blockchain, DLT and fintech applications at the Istanbul Financial Center (IFC). However, as of today the sandbox has not been formally deployed nor is it operational. The detailed regulatory framework, admission criteria and supervisory body for the sandbox have not yet been published.
Tokenization makes it possible to digitally represent real-world assets through blockchain, but for it to have legal value, a regulatory framework recognizing this operation is essential. Turkey adopts its own approach, establishing specific rules for the issuance, custody or trading of tokens. In this block we explain how asset tokenization is regulated from a legal point of view, taking an advanced jurisdiction such as Turkey as an example.
Regulation of asset tokenization in Turkey
Turkey allows tokenization of financial and non-financial assets under the new regulatory framework of the Capital Markets Law No. 6362 and its implementing regulations. The issuance, custody and trading of tokens representing securities, commodities or economic rights requires prior authorization from the SPK and compliance with governance, transparency and investor protection requirements, bringing operations on par with those of traditional markets.
Tokens that do not constitute financial instruments are subject to registration, traceability and AML/KYC compliance obligations, with particular attention to identity verification and transfer monitoring.
The National Blockchain Strategy allows solutions to be validated prior to commercial deployment. In addition, Turkey is exploring the tokenization of strategic assets such as boron, with proposals to create digital exchange platforms in Istanbul.
Regulatory agencies and authorities for digital assets in Turkey
Capital Markets Board of Turkey (SPK)
The SPK is the main authority in charge of regulating and supervising the digital asset sector in Turkey. It has exclusive powers to grant licenses, supervise exchanges, custodians and other CASPs. In addition, it sets capital requirements, verifies the suitability of directors and shareholders, and sanctions non-compliance.
Scientific and Technological Research Council of Turkey (TÜBİTAK)
TÜBİTAK collaborates with SPK in the technical supervision and auditing of the crypto sector. Its main role is to establish guidelines for CASP audits, as well as to receive and manage a portion of the annual regulatory fees paid by the platforms. It strengthens the technological infrastructure and cybersecurity of the ecosystem, in line with international best practices.
Financial Crimes Investigation Unit (MASAK)
MASAK the national financial intelligence unit responsible for the prevention of money laundering and terrorist financing in Turkey. It monitors CASPs’ compliance with AML/CFT obligations, receives suspicious transaction reports and coordinates international cooperation on financial crimes related to digital assets.
Central Bank of Turkey
Regulates monetary and financial policy, including the development of the digital lira. Although it bans the use of cryptoassets as a means of payment from 2021, it monitors their macroeconomic impact and participates in regulatory initiatives alongside the SPK. It leads the CBDC pilot project and sets guidelines for the interaction of digital assets with national systems.
Launching a business based on digital assets requires more than just technology: it is also necessary to comply with legal requirements such as licensing, registration and regulatory obligations. These conditions ensure that the business model is viable and sustainable over time, and that it meets transparency and fraud prevention standards. In this section we explore what licenses are typically required and what compliance criteria blockchain companies operating in Turkey must follow.
What licenses and requirements are needed to trade cryptoassets in Turkey?
CASP License
Any company wishing to operate as an exchange, custodian or crypto service provider in Turkey must obtain a license issued by the SPK. Requirements include minimum capital, incorporation as a joint stock company, transparency in shareholding structure, suitability of directors and compliance with strict operational and security standards. Foreign companies must also meet these requirements to operate in the country.
AML/CFT compliance
CASPs are required to implement comprehensive money laundering and terrorist financing prevention procedures, including identity verification for transactions over 15,000 Turkish Lira, transaction monitoring, suspicious transaction reporting to MASAK and risk management on unregistered wallets. Failure to comply may result in sanctions, suspension of operations or license revocation.
Other regulatory requirements
Platforms must have robust governance structures, risk management policies, cybersecurity systems and regular audits, in accordance with TÜBİTAK guidelines. They are required to maintain detailed records of all transactions, apply limits and controls to stablecoin transfers and comply with withdrawal waiting periods, especially for new accounts.
Are you exploring developing your blockchain project in Turkey?
At Metlabs we help companies like yours and offer comprehensive accompaniment in the development of blockchain projects and tokenization of assets such as real estate, carbon credits, commodities, intellectual property, financial instruments, franchises and more, fully aligned with blockchain regulation in Turkey and international regulatory standards.
Contact us and find out how we can help you meeting all your business model needs, from technical validation and structuring to design, development and implementation of custom blockchain solutions, ready to scale from day one.