Privacy Policy

01Introduction & General Commitment

ANKASOFT is committed to the highest standards of integrity, transparency, and legal compliance. This consolidated policy framework outlines our approach to Anti-Money Laundering (AML), Anti-Corruption, Sanctions Compliance, and Tax Compliance. These policies apply universally to all ANKASOFT employees, directors, officers, contractors, and third-party service providers worldwide.

02Policy Statement

ANKASOFT is unconditionally committed to preventing the use of its services for moneylaundering or terrorist financing. We comply with Turkish Law No. 5549, EU AML Regulation(202/162/EU),nd FATF Recommendaations.

03AML Compliance Program Pillars.

Our program is built on six essential pillars:

Policies & Procedures: Enterprise-wide framework for all operations.

-KYC / Customer Due Diligence (CDD): Risk-based identification and verification.

-Transaction Monitoring: Real-time and periodic review of financial activities.

-Training & Awareness: Mandatory and annual training for all personnel.

-Record Retention: Maintaining all AML-related data for a minimum of 8 years.

-Reporting & Governance: Intelligence Units

04Know Your Customer (KYC) & Risk Classification

All customers are assigned a risk rating upon boarding:

Low Risk: Established domestic entities and regulated institutions using Simplified CDD (SDD), reviewed every 36 months.

Standard Risk: Commercial relationships with no adverse indicators using Standard CDD, reviewed every 24 months.

High Risk: PEPs, high-risk jurisdictions, and complex ownership using Enhanced Due Diligence (EDD), reviewed every 12 months.

Prohibited: Sanctioned entities, shell companies, and anonymous clients are refused; review is not applicable.

05Suspicious Activity Reporting

Any employee who identifies a "red flag" must submit an internal suspicious Activity Report (SAR) to the AMLCO. Confirmed suspicions are reported to MASAK as a Suspicious Transaction Report (STR) within 10 business days.

06Zero Tolerance Commitment

ANKASOFT maintains a zero-tolerance approach to bribery and corruption. We conduct all business with honesty and integrity, strictly following the UN Convention Against Corruption and the OECD Anti-Bribery Convention.

07Prohibited Conduct

The following actions are strictly prohibited:

-Offering, promising, or giving a bribe to any person (public or private).

-Requesting, agreeing to receive, or accepting a bribe.

-Making or receiving faciltation payments (speed money).

-Creating false or misleading financial records to conceal improper payments.

-Retaliating against whistleblowers who report concerns in good faith.

08Gifts, Hospit ality & Entert ainment

-Permitted: Nonimal gifts (below USD 50) that are infrequent and transparent.

-Prohibited: Cash or cash equivalents, gifts during active tenders, or any gift to a public official without prior written approval.

-Gifts Register: All gifts given or received above USD 25 must be recorded in the Gifts & Hospitality Register within 5 business days.

09Third-Party Due Diligence

We apply a risk-based due diligence process to all third parties:

-Tier 1 (Standard): Low-risk, domestic. Requires anti-corruption declaration.

-Tier 2 (Enhanced): International, contracts > USD 250K. Requires beneficial owner verification.

-Tier 3 (FULL EDD): High-risk jurisdictions, PEP involvement. Requires senior management sign-off and independent integrity reports.

10Global Compliance

ANKASOFT complies with all financial sanctions and trade embargoes imposed by:

-The Republic of Turkey (MASAK)

-The United Nations (UNSC)

-The European Union (EU)

-The United States (OFAC)

-The United Kingdom (HM Treasury)

11Mandatory Screening Categories

-Screening is conducted at onboarding and on an ongoing basis (weekly automated batch screening)

-Employees & Workforce: Pre-employment and annual re-screening.

-Customers & Counterparties: During KYC and weekly automated re-screening.

-Financial Transactions: Real-time screening for all transfers > USD 1,000.

-Third Parties: Suppliers, vendors, agents, and intermediaries.

12Confirmed Sanctions Match Response

-Immediate Freeze: All assets and funds belonging to a Designated Person are frozen immediately.

-Relationship Suspension: All dealings are suspended; no new transactions or contracts are permitted.

-Regulatory Notification: MASAK (Turkey) is notified immediately; OFAC (US) and OFSI (UK) are notified within their respective prescribed timelines (typically 10-14 days).

13Tax Integrity

ANKASOFT is committed to full compliance with tax laws and regulations in all jurisdictions. We aim for transparency and honesty in all dealings with tax authorities, including the Turkish Revenue Administration (GIB) and EU tax bodies.

14Key Compliance Provisions

-Corporate Tax: Adherence to Turkish Corporate Tax Law No.5520 and EU ATAD directives.

-Transfer Pricing: All intra-group transactions are conducted at "arm's length" in accordance with OECD guidelines.

-VAT Compliance: Strict adherence to VAT filing and payment obligations.

-Transparency: Mandatory disclosure of cross-border arrangements (DAC6) and Country-by-Country Reporting (CbCR) where applicable.

15Prohibited Tax Conduct

-Knowingly under-declaring or concealing income or taxable transactions.

-Falsifying, destroying, or concealing tax-relevant records.

-Structuring transactions to conceal their true nature without commercial justification.

-Facilitating tax evasion for any client or counterparty.

16Retention Schedule

ANKASOFT maintains a centralized, secure record-keeping system. Minimum retention periods are as follows:

-AML/KYC Records: Retained for 8 years from the end of the relationship, based on Turkish Law No. 5549 and EU AML Reg.

-Transaction Records: Retained for 8 years from the transaction date, based on Turkish Law No. 5549 Art. 8.

-Tax Records (VUK): Retained for 5 - 7 years (jurisdiction dependent), based on Turkish VUK and EU VAT Directive.

-Sanctions Screening: Retained for 8 years from the screening date, based on MASAK and EU Sanctions Reg.

-Training Records: Retained for 5 years from the training date, based on Regulatory Compliance requirements.

-Board Minutes: Permanent or a minimum of 10 years, based on the Turkish Commercial Code.

17Data Security & Disposal

-Security: Records are stored in access-controlled systems with full audit trails.

-Disposal: Electronic records are destroyed via cryptographic erasure; physical records via cross-cut shredding.

-Legal Hold: Retention periods are suspended for any records subject to ongoing investigation or legal proceedings.

18 Consequences of Non-Compliance

Breach of any policy within this framework is treated as a serious disciplinary matter. Consequences include:

-Immediate disciplinary action up to and including summary dismissal.

-Termination of contractor or third-party agreements without compensation.

-Referral to law enforcement and regulatory authorities (MASAK, GIB, Prosecutors).

-Civil and criminal liability for individuals involved.

19 Policy Review & Approval

This consolidated Legal & Privacy Policy is reviewed at least annually by the Compliance Department and approved by the CEO and Management.

Approved By: ANKASOFT