Ebru Özpolat
Founder & Principal Advisor · Governance, Risk & Compliance | AML/CTF | Crypto Licensing
Professional Summary
GRC and Compliance professional with 16+ years of experience across Tier-1 banking (Akbank, ING), fintech (iyzico) and crypto (Rain, EXZi, BNS, CoinTR). Built compliance functions from scratch at two crypto exchanges, authoring 40+ policies and procedures spanning AML/CTF, KVKK and platform operations. Proven track record in SPK/MASAK licensing, MiCA readiness and enterprise risk — with hands-on expertise in transaction monitoring, STR/SAR workflows and blockchain analytics across tools including Chainalysis, Elliptic, Merkle Science and Sanction Scanner.
Experience
Chief Compliance Officer (CCO)
- Monitor and analyze all legislative developments affecting Turkey's crypto asset sector (SPK regulations, MASAK guidelines, FATF recommendations)
- Lead response to MASAK audits and SPK supervisory examinations; prepare formal written responses to regulatory inquiries
- Design and implement a 4-tier customer risk grading mechanism (L1–L4) integrated into the onboarding flow
- Architect a real-time cryptocurrency trade surveillance system with 10-year log retention, utilizing Python for automated alerting and anomaly detection across 31-model ensemble consensus
- Develop decision matrices and risk assessment protocols for Compliance Committee review of international client onboarding
- Build and deliver AML/CFT training programs for all staff tiers
General Manager
- Led overall licensing, governance and compliance strategy for a KVHS crypto platform entering the Turkish market
- Served as primary point of contact for regulators, banks and strategic partners throughout the licensing and go-to-market process
- Oversaw design of Internal Systems (Risk Management, Compliance, Internal Control) and prepared the organisation for Proof of Reserves (POR), financial and IT audits
Deputy General Manager & Board Member
- Acted as 2nd and 3rd line executive owner, overseeing Compliance, Internal Audit and Internal Control functions with direct Board reporting
- Coordinated SPK III-35/B.1 licensing readiness across legal, compliance, risk and technology teams
- Strengthened cross-functional coordination between risk, compliance, operations and technology to support licensing and operational resilience
Chief Compliance Officer (CCO)
- Built the Compliance and Internal Control function from scratch, authoring 40+ policies, procedures and legal documents spanning AML/CTF, KVKK, platform terms and operational workflows
- Led vendor selection and contract negotiation for 5+ RegTech and blockchain analytics tools including Merkle Science, Sanction Scanner, Chainalysis and Elliptic
- Designed and implemented a MASAK-aligned AML/CTF programme including customer risk scoring, transaction monitoring and sanctions screening tailored to a CEX environment
- Managed LP account opening processes in coordination with Treasury across 4 counterparties (Aquanow, Kraken, OKX, Whitebit)
- Supported the Lithuanian team with a MiCA licensing application, interpreting requirements and aligning local controls with EU standards
Compliance Officer (MLRO)
- Authored Turkey-specific AML/CTF framework from scratch including AML Policy, EDD Procedure and STR/SAR workflows
- Managed 993 EDD cases and filed 234 STR reports to MASAK, overseeing end-to-end case management from alert to submission (across both Rain tenures)
- Reviewed and closed 7,000+ IDM alerts across 453 user accounts; conducted 100+ blockchain investigations using Chainalysis (across both Rain tenures)
- Supported ADGM-based group compliance team on cross-border AML/CTF and sanctions alignment
Compliance Manager (MLRO)
- Led a team of 3 compliance professionals as sole MLRO for Turkey, reporting directly to the Global Chief Compliance & Ethics Officer
- Delivered weekly compliance reports to the local Risk Committee
- Provided compliance advisory on 4–5 new product and service initiatives, ensuring regulatory requirements were embedded prior to go-live
- Represented iyzico at TÖDEB and led AML training follow-up for the Turkish team
Senior Compliance Associate
- Developed AML/CTF policies and procedures from the ground up in the absence of KVHS-specific regulation in Turkey
- Reviewed 3,500+ screening cases (World Check, OFAC, MASAK, CMB) over 7 months
- Executed fiat and blockchain transaction monitoring, supporting STR/SAR preparation
Quality Assurance Compliance AVP
- Executed compliance QA reviews across 7+ regulatory domains including GDPR, Trade Surveillance, Communications Surveillance, COI, Gift Registry, ABC/ACC and US Withholding
- Participated in 20+ RCSA sessions, challenging risk and control ratings from a 2LoD perspective
- Prepared and maintained the annual compliance QA/monitoring plan aligned with ING Group and local risk priorities
Compliance Monitoring Assistant VP
- Developed and executed a risk-based Compliance Monitoring Plan covering 7+ regulatory domains, reviewed on a quarterly basis
- Delivered monitoring observations and remediation tracking to key stakeholders across multiple business units
- Operated as 2LoD, translating monitoring results and regulatory changes into practical control improvements
Credit Monitoring Manager
- Monitored SME and commercial credit portfolio of ~TRY 3 billion
- Managed 20+ restructuring and workout cases for higher-risk and non-performing exposures
- Performed financial analysis and credit reviews in collaboration with business, risk and collections teams
Internal Auditor
- Conducted dozens of branch and head-office audits across retail, SME, corporate, operations and support functions over 6 years
- Led fraud investigations, special reviews and thematic audits, identifying control weaknesses and non-compliance with BRSA regulations
- Tracked audit action plans with business owners, escalating high-risk issues where necessary
Assistant Internal Auditor
- Supported planning and execution of branch and head-office audits, performing fieldwork and control testing in line with internal audit standards
- Assisted in identifying control deficiencies and process gaps, contributing to audit findings and recommendations
Risk Management Intern
- Supported the risk management team with data analysis and reporting on credit and market risk
Education
B.Sc. Statistics
Tools & Expertise
Blockchain Analytics
Chainalysis
Elliptic
Merkle Science
Scorechain
Screening & Monitoring
Sanction Scanner
World Check / Refinitiv
OFAC/SDN
Ondato
Custody & Infrastructure
Fireblocks (MPC, DeFi API, policy engine)
Regulatory Frameworks
MASAK
SPK (KVHS)
MiCA
ADGM
BRSA
KVKK
Languages
Turkish (native), English (professional)
Ebru Özpolat is the Founder & Principal Advisor of AlignX Partners. Advisory engagements are scoped independently under formal engagement letters. Book a discovery call →