“The Regulation on Remote Identification Methods and Establishment of Contractual Relations in Electronic Environment to be Used by Banks”, (“Regulation“) has been drafted by the Banking Regulation and Supervision Agency (“BRSA”) and has been published in the Official Gazette dated 01.04.2021 and numbered 31441. The Regulation, which will enter into force as of 01.05.2021 regulates the procedures and principles for the establishment of a contractual relationship over an informatics or electronic communication device, or as a replacement for the written form or at a distance, which is intended to be used in remote identification methods that may be used by banks to gain new customers and banking services to be offered after the identification of the customer, whether it is distant or not. The procedures and principles regulated by the Regulation are as follows:
1- Things to Do Before Remote Identification Process
Remote identification takes place in the form of online video calls and communication with each other, without the need for the customer representative and the person to be physically in the same environment.
In the video call method to be used in remote identification, adequate security measures shall be taken by considering possible technological, operational and similar risks.
The remote identification process shall be reviewed at least twice a year and updates should be made to improve the process when necessary.
2- Customer representative and working environment for remote identification
The video call phase of remote identification will be carried out by a trained customer representative.
The Customer representative is required to receive the necessary training, including the legislation on the protection of personal data, at least once a year after each update for remote identification methods and banking services to be offered upon determination of the customer identity.
3- General principles to be followed with the initiation of the process
In the remote identity verification process, before the video call starts, an application is received via a form that the person shall fill in electronically and through the bank application where the remote identification process is operated.
Risk assessment is carried out regarding the person by using the data obtained with the form.
In the remote identification process to be applied within the scope of the Regulation, only biometric data can be used within the framework of the customer’s special categories of personal data. It is possible to use the relevant data electronically by obtaining the explicit consent of the customer.
In summary, following the remote identification or face-to-face identification of the customer through branches, customers whose any of the channels such as internet banking or mobile banking are open to use, declarations of intention to establish a contractual relationship are required.
In order for the contract to be established, whether it is distant or not, all the terms of the contract must be conveyed to the customer through internet banking or mobile banking channels in a way that the customer may read, the customer must receive the declaration of intention for the establishment of the contract and the customer must sign the contract conveyed to him/her.
In the event that the contract is established electronically or the customer’s declaration of intention to establish the contract is established at a distance following the identification during the video call phase, it is accepted that the written form requirement for contracts is fulfilled.
You may reach the full Turkish version of the Regulation via the link below: