Anti-Bribery and Corruption Policy

1. Purpose and Scope

The purpose of Anti-Bribery and Corruption Policy (“Policy”) of Türkiye Vakıflar Bankası T.A.O. (VakıfBank) is to ensure compliance of bank employees with the then-current legal regulations against bribery and corruption in all countries VakıfBank operates as well as to the ethical principles and other international standards. As VakıfBank we take a zero-tolerance approach to bribery and corruption.

Anti-Bribery and Corruption Policy of VakıfBank applies to;

- All Bank employees including the Board of Directors,
- All subsidiaries and affiliates of VakıfBank and their employees,
- VakıfBank’s outsourcing companies and their business partners and employees.

The Policy is an integral part of the Bank’s Corporate Governance Principles, Ethical Principles, Personnel Regulations, Collective Labor Agreement, Trading and Tendering Regulations and Bank legislation and legal regulations.

The Anti-Bribery and Corruption Policy was reviewed in 2015 and extended to make the necessary updates.

2. Definitions

Corruption is demanding, offering, giving or accepting any kinds of bribe or illegal benefits that would cause deviations in the lawful performance of duties or necessary actions by a person, who directly or indirectly acquires the illegal benefit or bribe.

Bribery is a person’s gaining benefit within the framework of an agreement entered into with a third party so that such person acts in breach of the requirements of his/her duty by performing or not performing a work, speeding up or slowing down thereof, etc.

Bribery and corruption may occur in various different ways and fields, such as:

 Gifts
 Political Donations
 Hospitality
 Outsourcing Companies and Business Partners
 Facilitation Payments

3. Duties and Responsibilities

The Anti-Bribery and Corruption Policy has been approved by the Board of Directors. The implementation and updating of the Policy shall be ensured through assignments made by the Board of Directors.

Within the scope of the Anti-Bribery and Corruption Policy, the processes, systems and organizational structures required to comply with the legal regulations and ethical principles have been established and related duties and responsibilities have been written down. Accordingly;

• Regulating and amending the ethical principles is under the authority of VakıfBank Board of Directors and disciplinary sanction is implemented in case of violation of these principles by an employee. Disciplinary Board is authorized to examine such cases with the assignment of the Board of Directors.

• Throughout the year, continuous internal audits are performed by the Audit Board at the Bank affiliates and outsourcing firms and the results of the audits and any report related to violations are submitted to the Audit Committee. The Audit Committee which directly reports to the Board of Directors and meets periodically, reviews the reports and presents its feedback when necessary to the Board of Directors.

• The Audit Board conducts necessary audits in order to ensure the compliance of the banking operations to the related regulations and policies and as a result of the independent reporting, makes notifications to the related departments for the improvement of the Policy.

• The managers of all departments of VakıfBank are responsible from taking measures within the scope of their duties for assessing the potential risks and to ensure the compliance of employees, outsourcing companies and business partners with the Policy principles.

• VakıfBank’s employees are responsible from adhering to the policies determined by the top management, to carry out their duties determined by the legislations and the Bank’s relevant regulations within their authorities and from working in compliance.

4. Bribery and Corruption

VakıfBank is against all kinds of bribery and corruption and also is determined to comply with the relevant laws, regulations and principles. Receiving bribes or bribing can never be accepted regardless of its purpose.

It is essential that the business relationships shall not be continued with third parties (outsourcing companies and business partners) who wish to get service from VakıfBank via bribery.

5. MAJOR RISK AREAS OF CORRUPTION

In VakıfBank, in order to ensure efficient fight against bribery and corruption, possible risks are identified beforehand by related units, services and operations are separated into categories and necessary analyses are carried out. According to the results of the analysis studies and within a risk-based approach, necessary measures are taken by considering the possible risks. The measures taken at this stage are determined taking into account the risk-exposure level of the positions of the existing employees and their level of access within their roles.

a) Gifts

A gift is a product generally given by customers or persons being in a business relationship with the Bank as a means of appreciation or commercial courtesy and which does not require a financial payment.

All kinds of gifts given to third parties by the Bank are offered publicly and with goodwill. The same principles are applied for accepting a gift and under no circumstances may a gift is accepted unless it is a low priced symbolic one given not to the person but his/her company in accordance with these principles.

Even if it complies with the Policy, no gift must be offered or accepted in situations which could cause any conflict of interest or perceived as such.

b) Political Donations

It is essential that the Bank does not make any corporate or individual payment, give any gift, provide financial aid or donation to any government official or political party candidate in order to influence any decision at the service procurement or rendering stage likely to be related to the continuity of banking operations or for the benefit of the Bank.

The principles for donations and aid are laid down in the Donation and Aid Policy of VakıfBank. According to the principles of Donation and Aid Policy as well as the banking regulations it is subjected to and other related regulations, all donations and aid within an accounting period are submitted as a separate agenda item for information of the stakeholders and shareholders at the General Meeting of that year and declared to the public within the annual report.

c) Hospitality

Hospitality may be offered to third parties for developing commercial relationships and for establishing a normal commercial communication network. Among such third parties, customers, consultants, lawyers, auditors and other companies who have business relationship with the Bank can be mentioned. Hospitality offered by VakıfBank shall be publicly, unconditionally and with good will.

Even if it complies with the Policy, hospitality must not be offered or accepted in situations which could cause any conflict of interest or perceived as such.

d) Outsourcing Companies and Business Partners

Outsourcing companies and business partners including those from which support services are obtained must comply with the principles of the Policy and other relevant regulations. For this reason, in all agreements and contracts with the outsourcing companies and business partners, the requirement of compliance with the Bank’s policies and understanding and implementing of these issues by the company’s and its business partners’ employees is included. With these principles, potential risks are eliminated. The Bank terminates its relations with the persons or institutions failing to comply with the Anti-Bribery and Corruption Policy.

Under no circumstances the Bank works with any company or its business partners having a negative intelligence and which is included in a monitoring list in this field. Due diligence is conducted beforehand. In the selection of outsourcing companies and their business partners, besides usual technical criteria, having a positive background and policies equivalent to the Bank’s policies and ethical principles are paid regard to. In addition, it is verified if the payments are appropriate and legitimate for the purchased service.

All related units involved in the purchase of an outsourced service are subjected to the Bank’s internal audit and compliance with the abovementioned principles is evaluated during audits.

Also, because VakıfBank is a state bank, in addition to the audits conducted for private banks and financial institutes, it is also continuously audited by the commissioner of audits, its data, documentation and business processes are audited and in this framework, an annual audit report is issued by the Turkish Court of Accounts.

e) Facilitation Payments

The Bank does not allow the persons and institutions within the context of this Policy to offer facilitation payments in order to guarantee or accelerate a routine transaction or process with government agencies.

6. Correct Recordkeeping

The principles about the accounting and recordkeeping system which must be complied with by the Bank are laid down within the legal regulations, ethical principles and banking legislation. In this context, all kinds of accounts, invoices or other documents related to dealings with third parties (customers, suppliers, etc.) should be recorded and kept completely, accurately and reliably. Any falsification of commercial or similar records and any false representation should be avoided.

7. Training

The Anti-Bribery and Corruption Policy has been communicated with all employees and is always and easily accessible within the intranet environment.

For the purpose of ensuring that employees adopt the principles of the Policy and works in compliance with these principles, continuous trainings are delivered. In this context, considering legal obligations and regulations, employees are regularly provided with trainings regarding “Suppression of Money Laundering and Terrorist Financing”, “Competition Law” and “Fraud”.

8. Reporting the Cases and Conducts Contrary to the Policy

The Bank employees and the persons acting on behalf of the Bank are obliged to promptly and directly report to the Audit Board any person or institute acting contrary to the rules of this Policy or any case in violation of the rules. The notifications are kept strictly confidential. During inspections and investigations after the notification, the rules of confidentiality are observed with great care and avoidance of harm to the notifying employee is taken as a priority.

9. Supporting and Protecting the Employees Who Comply with the Policy

The Bank promises to the employees who comply with the rules related to the prevention of bribery and corruption that there will be no retaliation against them because of acting in accordance with that rules, that it will protect the employees who acts in accordance with the policies in any circumstances and that relevant notifications to the Audit Board shall be kept confidential.

10. Sanction

Any violation of Anti-Bribery and Corruption Policy may lead to disciplinary action, which could result in termination of contract. The cases violating this Policy are inspected by the Audit Board and if any conduct not complying with the legislation is determined, necessary sanctions are applied in accordance with the legislation.

Furthermore, those who do not comply with the legislation are liable to possible criminal sanctions.