MATERIAL TOPICS DISCUSSED IN THIS SECTION
Digital Transformation and Automation |
Data Privacy and Security |
Customer Experience and Satisfaction |
Financial Inclusion |
The strong corporate governance integrated throughout its managerial structure, coupled with its expertise in providing participation banking products and services, and its robust digital competencies and IT infrastructure, are among the building blocks contributing to the success of Ziraat Participation.
- Ziraat Participation provides its customers with its financial products and services that are developed with the awareness of participation banking principles, ethical values, and social responsibility, under the execution and guidance of a robust and fully legally compliant corporate governance structure.
- The Bank's intellectual assets encompass its expertise in providing participation banking products and services, and its mission and vision contribute to its success in ensuring data privacy and security, which are currently emerging as significant areas of risk.
- Among the Bank's intellectual assets, there is also a robust portfolio consisting of applications that are widely recognized in the market and have raised awareness, such as Katılım Mobile and SME Participation Digital, led by the Ziraat brand, which represents a 160-year history. All these aspects, which form the cement of customer experience and satisfaction, play a significant role in the Bank's generation of shareable added value.
The Future Lies in Digital
As artificial intelligence becomes more prevalent in the business and life cycle, Ziraat Participation is placing a greater emphasis on the development of its technological infrastructure and digital product provisioning capabilities. The Bank establishes end-to-end digital processes to enhance the accessibility of financial products, position its products and services in various channels, and acquire a competitive edge, all in accordance with this objective. These studies also significantly contribute to financial inclusion by providing the user with access and timeless ease of use.
Digital opportunities also contribute significantly to financial literacy. The proliferation of digital channels, compared to traditional branch banking, allows a significantly larger population to learn about participation banking products and services, thereby raising awareness. Similarly, the dissemination of informative content on Ziraat Participation's social media platforms facilitates the most simple and comprehensible communication of concepts such as budget, profit share, sharing, and investment.
Ziraat Participation also conducts studies to enhance the processes that ensure the operation of the activity cycle, establish control points to be followed and implemented at every level on these processes, enhance the effectiveness of process controls, prevent potential risks, ensure customer satisfaction, and implement cost-saving measures.
Practices and detailed explanations of the products, services, and solutions implemented by Ziraat Participation regarding digital banking in 2023 are available in the Our Financial Assets section as well as on pages 36-47 of the 2023 Annual Report.
The corporate governance and risk management structure that is integrated into the entire operational infrastructure of the Bank ensures the proper and thorough execution of the tasks.
Ziraat Participation has a corporate governance structure that fully complies with the legislation governing the operation of the banking industry in Türkiye. This structure also ensures the framework, effectiveness, and level of achievement in terms of risk management.
With the contribution of the recently implemented ESRA system, Ziraat Participation's risk management structure will support the Bank to monitor all developments in the risk universe, including ESG risks, and to handle the limits and control over the total risk appetite via a more competitive and accurate approach.
Detailed information on risk management and other corporate governance practices at Ziraat Participation can be found in the A Responsible Corporate Citizen section of the report as well as on pages 66-71 of the 2023 Annual Report.
The presence and significance of the Advisory Committee
The Advisory Committee of Ziraat Participation carries out its activities under the Board of Directors in accordance with Article 4 of the Communiqué on Compliance with the Principles and Standards of Interest-Free Banking published on 14 September 2019. Acting in accordance with the principle of independence, the Advisory Committee monitors Ziraat Participation’s full compliance with the participation banking framework and its sustainability. Within this context, the Committee holds the responsibility for:
- Upholding and implementing the principles and standards of interest-free banking,
- Ensuring that the Bank’s internal regulations align with interest-free finance principles and standards,
- Reviewing and approving the Bank's standard contracts and annexes for its products and services, ensuring they align with interest-free banking principles and standards.
For detailed information on the activities of the Advisory Committee please refer to the pages 60-61 of the 2023 Annual Report.
Ensuring data privacy and security
Ziraat Participation is committed to maintaining a best-in-class cybersecurity infrastructure that is dedicated to identifying emerging risks and consistently improving the security of its systems in order to protect the privacy and security of customer and Bank data.
This approach encompasses a holistic information security management strategy that incorporates comprehensive security policies and standards, a robust security awareness and training program, and the deployment of advanced and layered defense mechanisms.
Ziraat Participation implements practices aimed at securing IT assets in order to ensure business continuity, maintain a strong focus on corporate goals, and enhance customer experience and satisfaction.
The Bank's steadfast goal and legal responsibility is to implement the most effective data privacy and security solutions by following new and cutting-edge security systems.
Ziraat Participation establishes its information security policy and standards in accordance with national and international legislation, standards, and best practices.
To ensure the identification of potential security risks, Ziraat Participation information security teams regularly conduct security vulnerability scanning, annual penetration testing, cyber drills, tabletop exercises, and information system process audits within the scope of BRSA legislation.
The role of human factor in ensuring data privacy and security
Ensuring security requires equal attention to both the human factor and the technical measures that need to be implemented. Ziraat Participation conducts training programs and awareness campaigns to disseminate the security culture and awareness throughout the Bank and ensure that all employees share the responsibility for security through the information security policy and standards it has established.
Within the scope of the Bank's goal of sustainability of data privacy and security, phishing emails are sent regularly through the information processing system, but on different topics, to a varying number of people.
Inspectors performing information systems audits received comprehensive training on network security, Windows security, and secure configuration. Additionally, they completed training to audit the ISO 27001 Information Security Management System, a crucial information security standard. Upon passing the exam at the end of the training, the inspectors earned the ISO 27001 Chief Auditor certificate. Furthermore, Ziraat Participation inspectors underwent training in SQL Server to enhance their ability to conduct audits using data analytics techniques.
