Audit In Turkey: Types, Process, Requirements & Compliance

Audit in Turkey play a crucial role in ensuring financial transparency and compliance with regulations. Companies operating in Turkey must adhere to specific audit requirements depending on their size, industry, and legal structure. This guide provides an overview of the audit system in Turkey, including types of audits, legal frameworks, and compliance requirements.

Legal Framework for Auditing in Turkey

Auditing in Turkey is governed by several laws and regulations, ensuring compliance with international and national financial reporting standards. The key legal framework includes:

1- Turkish Commercial Code (TCC) No. 6102

• Establishes the foundation for financial reporting and independent auditing requirements.
• Requires certain companies to have their financial statements audited by independent auditors.
• Defines the responsibilities and liabilities of auditors.

2- Capital Markets Law (CML) No. 6362

• Regulates publicly traded companies and entities operating in capital markets.
• Overseen by the Capital Markets Board (CMB), which sets auditing and financial reporting requirements.

3- Public Oversight, Accounting, and Auditing Standards Authority (KGK – Kamu Gözetimi Kurumu)

• The regulatory body responsible for setting auditing and accounting standards in Turkey.
• Adopts Turkish Financial Reporting Standards (TFRS), aligned with International Financial Reporting Standards (IFRS).
• Issues licenses for independent auditors and auditing firms.

4- Banking Law No. 5411

• Governs the auditing of financial institutions, including banks.
• Banking Regulation and Supervision Agency (BDDK) ensures compliance with banking regulations and international standards.

5- Tax Procedure Law No. 213

• Defines tax auditing principles conducted by the Revenue Administration (GİB) and Tax Inspection Board (VDK).
• Ensures companies comply with tax regulations, including VAT, corporate tax, and withholding tax obligations.

6- Social Security Law No. 5510

• Regulates social security contributions and employer liabilities.
• The Social Security Institution (SGK) may conduct audits to ensure compliance with labor and social security regulations.

Types of Audits in Turkey

Auditing in Turkey is categorized into various types depending on regulatory requirements, financial reporting needs, and risk management objectives. Below are the main types of audits conducted in Turkey:

1. Independent (Statutory) Audit

• Definition: Conducted by independent audit firms registered with the Public Oversight, Accounting, and Auditing Standards Authority (KGK).
• Scope: Ensures compliance with Turkish Financial Reporting Standards (TFRS), which align with International Financial Reporting Standards (IFRS).
• Applicable To:
  
  • Public interest entities (banks, insurance companies, publicly traded companies, etc.).
  • Large companies meeting specific thresholds set by the KGK.
  • Entities required by the Turkish Commercial Code (TCC) No. 6102 to undergo independent audits.
• Regulatory Body: KGK (Kamu Gözetimi Kurumu).

2. Internal Audit

• Definition: Conducted by internal audit departments within a company to assess financial and operational controls.
• Scope:
  
  • Evaluates risk management, internal controls, and governance processes.
  • Aims to improve business efficiency and fraud prevention.
• Applicable To: Large corporations, banks, and multinational companies.
• Regulatory Body: Not mandatory under Turkish law but encouraged for corporate governance best practices.

3. Tax Audit

• Definition: Conducted by tax authorities to ensure compliance with Turkish tax laws.
• Scope:
  
  • Reviews corporate tax, VAT, withholding tax, and transfer pricing.
  • Identifies tax evasion or misstatements in tax filings.
• Applicable To:
  
  • All companies and taxpayers operating in Turkey.
  • High-risk or randomly selected entities by the Tax Inspection Board (VDK).
• Regulatory Body:
  
  • Revenue Administration (GİB – Gelir İdaresi Başkanlığı).
  • Tax Inspection Board (VDK – Vergi Denetim Kurulu).

4. Regulatory Audit

• Definition: Conducted by government regulatory agencies to ensure compliance with sector-specific laws.
• Scope & Applicable Entities:
  
  • Banking Sector: Audited by the Banking Regulation and Supervision Agency (BDDK).
  • Capital Markets: Audited by the Capital Markets Board (CMB – SPK) for publicly traded companies.
  • Insurance Sector: Audited by the Insurance and Private Pension Regulation and Supervision Agency (SEDDK).
  • Energy Sector: Audited by the Energy Market Regulatory Authority (EPDK).
  • Competition Law Compliance: Audited by the Turkish Competition Authority (Rekabet Kurumu).

5. Social Security Audit

• Definition: Conducted by the Social Security Institution (SGK) to verify compliance with labor laws and social security regulations.
• Scope:
  
  • Ensures proper registration of employees and accurate payroll reporting.
  • Detects unregistered workers or fraudulent social security claims.
• Applicable To: All employers in Turkey.
• Regulatory Body: Social Security Institution (SGK – Sosyal Güvenlik Kurumu).

6. Special Purpose Audit

• Definition: An investigative audit conducted to detect fraud, corruption, financial misconduct, or legal violations.
• Scope:
  
  • Identifies fraudulent financial transactions and accounting irregularities.
  • Often used in legal proceedings and corporate fraud investigations.
• Applicable To: Companies under investigation or involved in legal disputes.
• Regulatory Body: Conducted by independent auditors and certified public accountant

Who is Required to Undergo an Audit in Turkey?

In Turkey, certain businesses and entities are legally required to undergo audits based on their size, industry, and regulatory requirements. The main entities subject to auditing obligations are outlined below:

1. Companies Subject to Independent Audit (Statutory Audit)

Under Turkish Commercial Code (TCC) No. 6102, companies meeting specific criteria must have their financial statements audited by an independent auditor registered with the Public Oversight, Accounting, and Auditing Standards Authority (KGK – Kamu Gözetimi Kurumu).

A company is required to undergo an independent audit if it meets at least two of the following three conditions for two consecutive years:

• Total Assets: Exceed 150 million TRY
• Annual Revenue: Exceed 300 million TRY
• Number of Employees: Exceed 150

These thresholds are revised periodically by the government.

2. Companies Subject to Tax Audits

All companies and businesses in Turkey are subject to tax audits by the Revenue Administration (GİB – Gelir İdaresi Başkanlığı) and the Tax Inspection Board (VDK – Vergi Denetim Kurulu).
Tax audits can be triggered by:

• Random selection by tax authorities.
• Significant discrepancies in tax declarations.
• Transfer pricing and related-party transactions.
• Claims of tax evasion or fraud.

3. Companies Subject to Internal Audit

While not legally mandatory for all companies, many large corporations and multinational companies conduct internal audits to ensure:

• Compliance with internal financial controls and policies.
• Risk management and fraud prevention.
• Operational efficiency.

4. Social Security and Labor Audits

Companies with employees in Turkey are subject to audits by the Social Security Institution (SGK – Sosyal Güvenlik Kurumu) to verify compliance with labor laws, including:

• Accurate employee registration and payroll reporting.
• Proper calculation and payment of social security premiums.
• Prevention of unregistered employment ("off-the-books" labor).

5. Sector-Specific Regulatory Audits

• Banking and Financial Sector Audits
  • Conducted by the Banking Regulation and Supervision Agency (BDDK) for banks, factoring companies, and leasing firms.
• Capital Markets and Public Companies
  • Audited by the Capital Markets Board (SPK) for compliance with investor protection and financial disclosure requirements.
• Energy Companies
  • Companies operating under the Energy Market Regulatory Authority (EPDK) are subject to audits related to pricing, market regulations, and environmental impact.
• Insurance and Pension Companies
  • Regulated and audited by the Insurance and Private Pension Regulation and Supervision Agency (SEDDK).

6. Public Institutions and Non-Governmental Organizations (NGOs)

• Public institutions and government-owned enterprises are subject to audits by the Turkish Court of Accounts (Sayıştay).
• Non-profit organizations (NGOs) receiving government funding or foreign donations may be audited by relevant authorities, including the Ministry of Interior.

Audit Process in Turkey

Audit processes play a crucial role in ensuring financial transparency and compliance with regulations in Turkey. Companies operating in Turkey must adhere to specific audit requirements depending on their size, industry, and legal structure. This guide provides an overview of the audit system in Turkey, including types of audits, legal frameworks, and compliance requirements.

A. Audit Planning

1. Understanding the Entity – The auditor gathers information about the company, including its structure, financial performance, and internal controls.
2. Risk Assessment – Identification of financial, operational, and compliance risks.
3. Defining Audit Scope – Determining the areas of financial statements or operations to be reviewed.
4. Selecting the Audit Team – Assigning auditors based on expertise and industry knowledge.

B. Execution of the Audit

1. Data Collection – Gathering financial statements, tax records, and other relevant documents.
2. Testing and Evaluation – Reviewing accounting records, invoices, contracts, and transactions for accuracy and compliance.
3. Internal Control Assessment – Evaluating internal processes to ensure fraud prevention and regulatory compliance.
4. Interviews and Inquiries – Discussing financial matters with management and key personnel.

C. Reporting and Findings

1. Audit Report Preparation – The auditor compiles findings, highlights discrepancies, and provides recommendations.
2. Management Discussion – Auditors discuss preliminary findings with the company's management.
3. Final Audit Report Submission – Official submission of the audit report to relevant authorities or shareholders.

D. Compliance and Follow-Up

1. Implementation of Recommendations – Companies address any compliance issues or suggested improvements.
2. Regulatory Filing – Submission of audited financials to regulatory bodies like KGK or SPK (Capital Markets Board).
3. Ongoing Monitoring – Businesses may undergo periodic reviews or additional audits if necessary.

Benefits of Conducting Audits in Turkey

Conducting audits in Turkey provides numerous advantages for businesses, ranging from legal compliance to operational efficiency and financial transparency. Whether the audit is statutory, tax-related, or internal, companies & institutions benefit in various ways.

1. Ensuring Legal and Regulatory Compliance

• Audits help businesses comply with Turkish Commercial Code (TCC), Tax Procedure Law (VUK), and Public Oversight Authority (KGK) regulations.
• Compliance with independent audit requirements prevents penalties and legal issues.
• Ensures adherence to sector-specific regulations in industries such as banking (BDDK), capital markets (SPK), and energy (EPDK).

2. Enhancing Financial Transparency and Accuracy

• Verifies the accuracy of financial statements and ensures proper accounting practices.
• Reduces risks of fraud, misstatements, and financial irregularities.
• Increases investor confidence and credibility with shareholders, partners, and financial institutions.

3. Strengthening Internal Controls and Risk Management

• Identifies weaknesses in internal processes and financial reporting systems.
• Helps detect and prevent fraud, errors, and inefficiencies.
• Improves corporate governance and accountability by promoting best practices.

4. Improving Tax Compliance and Reducing Financial Risks

• Ensures accurate tax reporting and minimizes the risk of disputes with tax authorities.
• Helps businesses prepare for tax audits and inspections, reducing the likelihood of unexpected liabilities.
• Optimizes tax planning and benefits from legal tax deductions and incentives.

5. Attracting Investors and Business Partnerships

• A transparent and well-audited financial system enhances a company's market reputation.
• Facilitates foreign direct investment (FDI) by meeting international audit standards.
• Builds trust with banks, lenders, and potential business partners by showcasing financial stability.

6. Supporting Business Growth and Strategic Decision-Making

• Provides valuable insights into financial performance, profitability, and operational efficiency.
• Helps businesses identify cost-saving opportunities and areas for improvement.
• Assists in making informed business decisions regarding expansion, mergers, or acquisitions.

7. Enabling Compliance with International Standards

• Adopting IFRS (International Financial Reporting Standards) makes it easier to conduct business globally.
• Increases credibility with international stakeholders, including multinational corporations, investors, and regulatory bodies.
• Aligns with requirements for global trade, exports, and cross-border transactions.

Consequences of Audit Non-Compliance in Turkey

Failing to comply with audit requirements in Turkey can result in legal, financial, and reputational consequences for businesses. The Turkish Commercial Code (TCC), Tax Procedure Law (VUK), and Public Oversight Authority (KGK) impose strict regulations on financial reporting and auditing. Below are the key consequences of non-compliance.

1. Legal Penalties and Fines

• Administrative Fines – Companies that fail to conduct mandatory audits may face substantial fines imposed by regulatory bodies.
• Criminal Liability – Intentional misrepresentation, fraud, or concealment of financial data can lead to criminal charges, including imprisonment for responsible executives.
• License Revocation – Companies operating in regulated industries (e.g., banking, insurance, energy) risk losing their business licenses for non-compliance.

2. Tax Penalties and Increased Scrutiny

• Additional Tax Liabilities – Businesses that fail to submit audited financial statements may be subject to tax reassessments and additional liabilities.
• Tax Evasion Charges – Deliberate misreporting or failure to comply with tax audits can result in accusations of tax evasion, leading to severe penalties.
• Interest and Late Payment Fees – Companies may face accumulated interest and surcharges on unpaid taxes due to non-compliance.

3. Financial and Operational Risks

• Restricted Access to Credit and Funding – Banks and financial institutions may refuse loans or financing to companies without properly audited financial statements.
• Investor Confidence Loss – Non-compliance damages a company's credibility, making it difficult to attract foreign and domestic investors.
• Supply Chain and Partnership Risks – Business partners may avoid working with non-compliant companies due to trust and risk concerns.

4. Reputational Damage

• Public Trust Erosion – Companies that fail audits or face legal actions may suffer significant reputational harm.
• Negative Market Perception – Publicly traded companies may see a decline in stock value and loss of shareholder trust.
• Customer Loss – Non-compliance can deter customers, especially in industries where transparency and ethical business practices are critical.

5. Regulatory and Business Restrictions

• Banned from Public Tenders – Government and public institutions often disqualify non-compliant companies from bidding on contracts.
• Suspension of Business Activities – Authorities may impose temporary or permanent shutdowns on companies that fail to meet audit requirements.
• Mandatory Corrective Measures – Businesses may be forced to undergo intensive regulatory monitoring and submit corrective reports.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.