Regulation Amending the Regulation on Audit Activities of the Information and Communication Technologies Authority
AI-generated summary for informational purposes only. Not legal advice. See the original source for the authoritative text.
This 2026 amendment updates the regulatory framework for monitoring and auditing by Turkey's BTK (Information and Communication Technologies Authority). It expands definitions to include remote auditing using technological tools, clarifies powers and obligations of the Sectoral Audit Department, relevant units, auditors, and audited parties. The regulation strengthens BTK's ability to conduct on-site and remote inspections of electronic communications, electronic signatures, postal services, and product safety. It introduces clearer procedures for monitoring, examination, and investigation, including mandatory 30-day written defense periods and possible oral defenses. Temporary restrictions or suspensions of activities for up to six months can be imposed by the Board or its President in urgent cases.
AI-generated summary. May contain errors. Refer to official sources for legal decisions.
Key Changes
- Introduces detailed definition and procedures for 'uzaktan denetim' (remote auditing) using technological tools for all or part of audits
- Expands auditor powers to enter premises, inspect electronic infrastructure, devices, software and request any documents or data
- Requires audited parties to provide full access to systems for remote auditing and maintain them operational during audits
+ 3 more changes with Pro
Obligations
What this law requires
Audited parties must provide all requested information and documents in written and/or verbal form within specified methods and timeframes, without claiming confidentiality exemptions, and must not provide misleading statements
Audited parties must keep management personnel and authorized representatives available during the audit period and provide auditors with a suitable working environment and all necessary facilities
Audited parties must provide access to management locations, buildings, annexes, devices, systems, software and hardware for inspection, including online and offline access, and maintain systems in working order throughout the audit period
Audited parties must provide all necessary infrastructure to enable remote auditing to be conducted properly via technological tools and information technology systems
Audited parties have the right to submit a written defense within 30 days and may request an oral defense opportunity in response to audit findings