EBRU ÖZPOLAT
Crypto & FinTech Executive | Compliance, Risk & Governance | Licensing Strategy
Istanbul
Summary
Dynamic and results-driven executive specializing in Governance, Risk, and Compliance (GRC) within the cryptocurrency sector, with over 16 years of extensive experience across global crypto exchanges, fintechs, and Tier-1 Turkish banks. Expertise includes CEX licensing, AML/CTF compliance, enterprise risk management, and the development of robust regulatory governance frameworks tailored for KVHS platforms. Recent leadership roles include General Manager at Bitbns Turkey and Deputy General Manager/Chief Compliance Officer at EXZi, overseeing licensing roadmaps and cross-functional teams. Recognized for fostering collaboration and driving operational excellence in fast-paced environments while adeptly navigating complex challenges and optimizing processes to enhance organizational performance.
Overview
18
18
years of professional experience
5
5
Certificates
Work History
General Manager
Bitbns Turkey
08.2025 - 11.2025
- Led the exchange’s overall licensing, governance and compliance strategy for the Turkish market as General Manager of a KVHS crypto platform.
- Directed Risk, Compliance, Operations and Business Development functions, aligning them with SPK III-35/B.1, MASAK AML/CTF and FATF expectations.
- Served as the primary point of contact for regulators, banks, service providers and strategic partners during the licensing and go-to-market process.
- Oversaw the design of Internal Systems (Risk Management, Compliance, Internal Control) and prepared the organisation for Proof of Reserves (PoR), financial and IT audits.
Board Member & Deputy General Manager
EXZi
03.2025 - 06.2025
- Served as Board Member and Deputy General Manager for a KVHS crypto exchange, with Internal Audit, Internal Control and Compliance functions reporting directly to the role.
- Acted as the 2nd and 3rd line of defence executive owner, giving the Board an integrated view of key risks, control gaps and audit findings.
- Oversaw governance and Internal Systems required for SPK III-35/B.1 readiness, coordinating with the CCO, legal counsel and external advisors.
- Strengthened cross-functional coordination between risk, compliance, operations and technology to support licensing and operational resilience.
Chief Compliance Officer (CCO)
EXZi
04.2024 - 04.2025
- Designed and implemented a MASAK-aligned AML/CTF programme, including risk assessment, policies, procedures and ongoing monitoring.
- Built the Compliance and Internal Control function from scratch, defining roles, workflows and reporting lines.
- Implemented sanctions screening, transaction monitoring and customer risk rating processes tailored to a CEX environment, leveraging crypto analytics and traditional AML tools.
- Advised business, product and technology teams on the regulatory impact of new products and services, enabling licensed and scalable growth.
- Supported the Lithuanian/EU team on a MiCA licensing application, helping to interpret MiCA requirements and align local controls with EU standards.
Compliance Officer (MLRO)
Rain Turkey
12.2023 - 04.2024
- Acted as the local MLRO for the Turkish entity of a global crypto exchange, overseeing day-to-day AML/CTF controls and escalations.
- Implemented a Turkey-specific AML/CTF risk framework and STR/SAR workflows in line with MASAK and group expectations.
- Handled alert review and transaction monitoring, including blockchain analytics using Chainalysis, conducting investigations and preparing case files for escalation.
- Supported the ADGM-based compliance team on cross-border AML/CTF and sanctions standards, ensuring alignment with group frameworks.
- Contributed to the remediation of audit and regulatory findings, closing key gaps in AML, sanctions and governance controls.
Compliance Manager (MLRO)
iyzico
11.2022 - 05.2023
- Acted as local MLRO for a leading payments/fintech company in Türkiye, overseeing AML/CTF and compliance activities.
- Managed a team of three compliance professionals, coordinating workload, priorities and development of the local function.
- Served as the single point of contact (SPOC) for Türkiye, reporting directly to the Global Head of Chief Compliance & Ethics on local risks, issues and initiatives.
- Advised on new products and services from a compliance perspective, ensuring regulatory requirements and risk appetite were reflected in design and go-live decisions.
- Managed the compliance control framework, conducting risk assessments and control testing, and reporting key issues and trends to senior management and audit.
- Member of the local Risk Committee, bringing a compliance and AML/CTF view into risk assessments, incident reviews and remediation actions.
- Represented iyzico in local industry institutions, including TÖDEB, and led AML and compliance training follow-up for the Turkish team.
Senior Compliance Associate
Rain Turkey
11.2021 - 09.2022
- Contributed to AML, sanctions, regulatory and market abuse programmes for the Turkish operations of a global crypto exchange.
- Performed WorldCheck/Refinitiv, OFAC, SDN, PEP, MASAK and CMB screening, primarily for higher-risk alerts and cases escalated from Operations.
- Executed fiat and blockchain transaction monitoring, escalating suspicious activity and supporting investigations and STR/SAR preparation.
- Helped draft and update AML, sanctions and compliance policies and procedures, aligning them with group standards and local regulatory requirements.
- Conducted gap analyses between MASAK/CMB requirements, group frameworks and local practices, proposing remediation and process improvements.
- Worked closely with Operations, Risk, Legal and Product teams to embed compliance requirements in customer journeys and internal processes.
Quality Assurance Compliance AVP
ING Bank
01.2021 - 10.2021
- Reported into the global compliance function, applying ING Group standards, methodology and policies to the Turkish business.
- Executed compliance QA reviews over monitoring activities and key controls, assessing both design and operating effectiveness.
- Conducted compliance risk assessments and helped shape the risk-based QA and monitoring agenda based on risk analysis and regulatory developments.
- Supported business-led RCSA exercises from a compliance perspective by joining RCSA meetings, challenging risk/control ratings and feeding outcomes into QA planning.
- Prepared and updated the annual compliance QA/monitoring plan, ensuring alignment with global and local risk priorities.
- Operated as a second line of defence (2LoD) function, working closely with first line business teams to challenge, advise and support them on compliance risks, controls and remediation actions.
- Communicated QA observations and thematic findings to key stakeholders and supported the development and tracking of remediation plans.
Compliance Monitoring Assistant VP
ING Bank
09.2019 - 12.2020
- Executed compliance monitoring and QA activities in line with ING Group guidance and procedures.
- Developed and executed a risk-based Compliance Monitoring Plan aligned with global and business line priorities, reviewing it on at least a quarterly basis.
- Supported business units and subsidiaries to ensure monitoring plans for specified operations were properly designed and executed.
- Supported business-led RCSA processes by participating in workshops and meetings, providing a compliance view on key risks and controls, and using outcomes to refine monitoring focus.
- Established cross-functional relationships to drive collaboration, adherence to and maintenance of monitoring work programmes.
- Communicated monitoring observations to key stakeholders and supported the development and follow-up of remediation plans with business owners.
- Functioned as part of the second line of defence, collaborating with first line business and operations teams to translate monitoring results and regulatory changes into practical control improvements.
Credit Monitoring Manager
Akbank
07.2017 - 07.2019
- Managed SME and commercial credit portfolios, monitoring risk indicators, early warning signals and overall portfolio quality.
- Supported restructuring, workout and recovery strategies for higher-risk and non-performing exposures.
- Performed financial analysis and credit reviews, contributing to credit decisions and portfolio actions.
- Worked with business, risk and collections teams to balance portfolio growth with credit risk discipline and regulatory expectations.
Internal Auditor (3rd Line of Defence)
Akbank
06.2011 - 07.2017
- Served as Internal Auditor in the third line of defence (3LoD) at a leading Turkish bank, after progressing from Assistant Internal Auditor.
- Conducted branch and head-office audits across retail, SME, corporate, operations and support functions, assessing risk management and internal controls.
- Led fraud investigations, special reviews and thematic audits, identifying control weaknesses, process gaps and non-compliance with internal policies and BRSA regulations.
- Executed testing of key controls, documented working papers and developed audit findings with clear root cause impact and recommendations.
- Followed up audit action plans with business owners and management, tracking remediation and escalating high-risk issues where necessary.
Assistant Internal Auditor (3rd Line of Defence)
Akbank
07.2009 - 06.2011
- Started career in the Internal Audit function (3LoD), supporting senior auditors in planning and executing audits.
- Performed fieldwork and control testing for branch and head-office audits, documenting working papers in line with internal audit standards.
- Assisted in identifying control deficiencies and process gaps, contributing to audit findings and recommendations.
Risk Management Intern
Halkbank
07.2007 - 08.2007
- Supported the risk management team with data analysis and reporting on credit and market risk.
- Gained early exposure to risk measurement and regulatory expectations in a state-owned bank.
Education
B.Sc. - Statistics
Middle East Technical University (METU / ODTU)
Ankara, Turkey01.2009
Timeline
General Manager
Bitbns Turkey
08.2025 - 11.2025
Board Member & Deputy General Manager
EXZi
03.2025 - 06.2025
Chief Compliance Officer (CCO)
EXZi
04.2024 - 04.2025
Sanctions and Terrorism in Crypto
03-2024
Blockchain and Crypto Assets Foundation
03-2024
Crypto Market Players
03-2024
Crypto Specific Crimes
03-2024
International Organisations Dictating the Financial Regulatory Framework
03-2024
Compliance Officer (MLRO)
Rain Turkey
12.2023 - 04.2024
Compliance Manager (MLRO)
iyzico
11.2022 - 05.2023
Senior Compliance Associate
Rain Turkey
11.2021 - 09.2022
Quality Assurance Compliance AVP
ING Bank
01.2021 - 10.2021
Compliance Monitoring Assistant VP
ING Bank
09.2019 - 12.2020
Credit Monitoring Manager
Akbank
07.2017 - 07.2019
Internal Auditor (3rd Line of Defence)
Akbank
06.2011 - 07.2017
Assistant Internal Auditor (3rd Line of Defence)
Akbank
07.2009 - 06.2011
Risk Management Intern
Halkbank
07.2007 - 08.2007
B.Sc. - Statistics
Middle East Technical University (METU / ODTU)
Skills
Compliance & Risk
Regulatory Strategy
Operations & P&L Management
Senior Leadership
Analytics & Reporting
Business Development
Vendor & Stakeholder Management
Affiliations
Global Centre for Risk and Innovation (Member)
Certification
Sanctions and Terrorism in Crypto
Regulatory And Licensing Experience
- Türkiye, SPK III-35/B.1 crypto-asset licensing, MASAK AML/CTF frameworks, Internal Systems for KVHS; banking, fintech and crypto compliance (Akbank, ING, iyzico, Rain, Bitbns Turkey).
- European Union, Supported a Lithuanian MiCA licensing application, mapping MiCA requirements to CEX governance, risk and AML/CTF controls.
- UAE / ADGM, Worked with an ADGM-based compliance team on group-wide AML/CTF, sanctions and transaction monitoring standards.
- Global, Practical exposure to FATF standards, sanctions regimes and the Travel Rule, using blockchain analytics (Chainalysis, Elliptic).