The Draft Regulation on Remote Identification Methods and Establishment of Contractual Relations in Electronic Environment to be Used by Financial Leasing, Factoring, Financing and Saving Financing Companies, (“Draft Regulation”) has been drafted by the Banking Regulation and Supervision Agency (“Authority). The Draft Regulation has been published on the official website of the Authority on 07.05.2021. The Draft Regulation regulates the procedures and principles for the establishment of a contractual relationship over an informatics or electronic communication device, or as a replacement for the written form or at a distance, which is intended to be used in remote identification methods that may be used by Financial Leasing, Factoring, Financing and Saving Financing Companies to gain new customers and services to be offered after the identification of the customer, whether it is distant or not. The procedures and principles regulated via the Draft Regulation are as follows:
- General principles to be followed before the process is initiated
Remote identification takes place in the form of online video calls and communication with each other, without the need for the customer representative and the person to be physically in the same environment.
The process shall be initiated by the person, continued with the controls applied by information technologies, and completed with the approval and additional controls to be made by the customer representative.
The remote identification process shall be reviewed at least twice a year and updates should be made to improve the process when necessary.
- Customer representative for remote identification and working environment
The video call phase of remote identification will be carried out by a trained customer representative.
The customer representative is required to receive the necessary training, including the legislation on the protection of personal data, at least once a year after each update for remote identification methods.
In order to give assurance to the person, a suitable environment should be created to reflect that the customer representative is working on behalf of the company.
- General principles to be followed with the initiation of the process
In the remote identity verification process, before the video call starts, an application is received via a form that the person shall fill in electronically and through the company application where the remote identification process is operated.
Risk assessment is carried out regarding the person by using the data obtained with the form.
In the remote identification process to be applied within the scope of the Regulation, only biometric data can be used within the framework of the customer’s special categories of personal data.
It is possible to use the relevant data electronically by obtaining the explicit consent of the customer.
The entire remote identification process shall be recorded and stored in a way that includes all steps of the process and makes it auditable.
In the event of an objection in transactions that cause liability to individuals or a third party, the burden of proof lies with the company.
In order for the contract to be established, whether it is distant or not, all the terms of the contract must be conveyed to the customer through internet or mobile service channels in a way that the customer may read, the customer must receive the declaration of intention for the establishment of the contract and the customer must sign the contract conveyed to him/her.
In the event that the contract is established electronically or the customer’s declaration of intention to establish the contract is established at a distance following the identification during the video call phase, it is accepted that the written form requirement for contracts is fulfilled.
You may reach the full Turkish version of the Draft Regulation via the link below: