Legal due diligence is one of the most important stages of any merger or acquisition in Turkey. In practice, it is the process through which the buyer, investor, or incoming joint venture partner identifies the legal risks of the target business before signing or closing the transaction. In Turkey, this review is especially important because M&A transactions sit at the intersection of company law, competition law, labor law, contract law, personal data law, tax rules, and, in some cases, capital markets regulation. Turkey’s official investment materials also frame the legal environment in similarly broad terms, noting that investors typically evaluate foreign investment protection, business structures, labor law, property rights, environmental law, competition law, public procurement, and personal data protection during the investment process.
A proper Turkish due diligence exercise is therefore not limited to checking whether the target exists and whether it has signed contracts. It is a structured legal risk assessment designed to answer more difficult questions: Who really controls the target? Are there restrictions on the transfer of shares? Do key contracts require third-party consent? Could the transaction trigger Turkish merger control? Are there hidden employee, tax, or data protection liabilities? Is the target operating under licenses or permits that may be revoked, reassessed, or require change-of-control approval? These issues directly affect valuation, signing mechanics, indemnity design, and whether the transaction can close at all.
In Turkish M&A practice, the importance of diligence has only increased as transaction volume has remained active. The Turkish Competition Authority’s 2025 Mergers and Acquisitions Overview Report states that 416 merger and acquisition transactions were examined in 2025, the highest number in the last thirteen years, and that notified transactions received final decisions after an average of 10 days following the final date of notification. That data shows two things at once: the Turkish market is active, and transaction planning is increasingly dependent on getting the legal work right early.
Why legal due diligence matters in Turkey
The first reason legal due diligence matters in Turkey is that Turkish law often ties transaction validity to legal formality. A buyer may be commercially ready to sign, but if the target’s corporate structure, shareholder approvals, transfer restrictions, or regulatory status have not been properly reviewed, the deal may become delayed, restructured, or legally ineffective. This is particularly true in LLC transactions, regulated sectors, listed-company deals, and transactions involving foreign investors or technology businesses.
The second reason is that not all Turkish M&A deals transfer risk in the same way. In a share deal, the buyer usually acquires the company with its legal history, liabilities, and operational structure intact. In an asset deal or business transfer, Turkish law introduces separate questions relating to contract transfer, creditor notice, employee continuity, and liability allocation. Due diligence is what allows the buyer to distinguish between risks that stay with the seller and risks that move with the business.
The third reason is regulatory timing. Turkish merger control rules require notification and authorization where the relevant thresholds are met, and the Competition Authority evaluates whether there is a lasting change in control. If that issue is not identified during due diligence, parties may sign documents that assume immediate closing even though legal closing cannot occur without Competition Board authorization.
Corporate and ownership due diligence
The starting point in a Turkish due diligence review is usually corporate status and ownership. Counsel should confirm the target’s exact legal form, constitutional documents, registered office, registry data, shareholding structure, management bodies, representation rules, and whether there are any defects in incorporation or later amendments. Turkey’s Investment Office states that international investors may establish any company form set out in the Turkish Commercial Code, but that joint stock companies and limited liability companies are the most common vehicles in practice. That is important because transfer rules are not identical across those forms.
If the target is a joint stock company, registered shares are in principle transferable unless the law or the articles of association provide otherwise. Article 490 of the Turkish Commercial Code states that, unless otherwise stipulated by law or the articles, registered shares may be transferred without restriction, and the legal transfer can be completed by endorsement of the share certificate and transfer of possession. For diligence purposes, that means counsel must still review the articles, any shareholders’ agreement, share classes, veto rights, liens, usufruct rights, unpaid capital issues, and any statutory or contractual transfer limitations.
If the target is a limited liability company, the diligence analysis becomes more formal. Article 595 of the Turkish Commercial Code provides that transfer of an LLC capital share and the underlying transfer obligation must be made in writing with notarized signatures, and that—unless the articles provide otherwise—the transfer requires general assembly approval and becomes valid only with that approval. The same article also allows the articles to prohibit transfer altogether. This makes LLC share-diligence particularly important in Turkey: the buyer must verify not only ownership, but also whether the contemplated transaction is structurally possible and what approvals are needed to complete it.
Corporate due diligence should also check whether the signatories who will bind the seller and the target are duly authorized. Turkey’s investment guidance notes that company establishment and registry formalities are run through trade registry directorates and MERSIS, and that the process is designed as a one-stop shop. In practice, that means registry records, signature authority, board powers, and historical corporate filings are central pieces of diligence material, not mere formal appendices.
Due diligence must match the deal structure
A strong Turkish due diligence exercise always takes account of whether the deal is a share purchase, asset purchase, business transfer, merger, or joint venture. Turkish law does not treat these structures the same way, and a buyer who uses the same diligence checklist for all of them is likely to miss critical issues.
In an asset or business transfer, Article 202 of the Turkish Code of Obligations is essential. It provides that a person who takes over an asset pool or a business with its assets and liabilities becomes liable to creditors starting from the date of creditor notice or public announcement, and that the previous debtor remains jointly liable with the transferee for two years. That means Turkish asset diligence cannot stop at identifying assets; it must also map whether liabilities, notices, and creditor-facing obligations are being transferred in a way that could create shared or continuing exposure.
Contract transfer also requires specific review. Article 205 of the Turkish Code of Obligations defines contract transfer as an agreement among the transferor, transferee, and the remaining contract party through which the full contractual position passes to the transferee. It also recognizes agreements based on prior consent or later approval from the remaining party. For Turkish M&A lawyers, this means commercial diligence must identify which agreements are freely transferable, which require consent, and which are subject to change-of-control or anti-assignment clauses.
Competition-law due diligence
Competition-law diligence is now one of the most important workstreams in Turkish M&A. The Competition Authority’s guideline on control explains that a merger or acquisition exists where there is a lasting change in control, including acquisition of direct or indirect control over all or part of an undertaking through shares, assets, contracts, or other means. The guideline also makes clear that intra-group transactions and minority acquisitions that do not create control generally fall outside the concentration regime. This means due diligence must assess not only share percentages, but also veto rights, board rights, reserved matters, de facto influence, serial transactions, and interdependent steps.
Threshold analysis is equally important. Article 7 of Communiqué No. 2010/4 states that Competition Board authorization is required where the total Turkish turnovers of the transaction parties exceed TRY 750 million and the Turkish turnovers of at least two parties each exceed TRY 250 million, or where the Turkish turnover of the target asset or activity exceeds TRY 250 million and another transaction party has global turnover exceeding TRY 3 billion. The same provision also states that, in acquisitions of certain technology companies operating in the Turkish geographic market, conducting R&D in Turkey, or providing services to Turkish users, the ordinary TRY 250 million local threshold does not apply in the usual way.
Technology-sector diligence therefore deserves special care. The communiqué defines “technology undertakings” to include digital platforms, software and gaming software, financial technologies, biotechnology, pharmacology, agricultural chemicals, and healthcare technologies. In practice, this means a target with relatively modest Turkish turnover may still require careful merger-control analysis if it has Turkish users, Turkish R&D activity, or a business model that falls within the technology undertaking definition.
From a practical standpoint, competition-law diligence in Turkey should therefore cover: group turnover, market activities in Turkey, control rights, overlaps and vertical links, recent acquisitions, joint-control arrangements, and whether the transaction involves a transfer of only part of a business. If those issues are identified late, the SPA or investment agreement may need to be rewritten around conditions precedent and regulatory timing.
Employment and workplace due diligence
Labor law is another area where Turkish due diligence can materially affect the economics of the transaction. Article 6 of the Labor Law provides that when a workplace or a part of it is transferred through a legal transaction, the employment contracts existing at the transfer date pass to the transferee together with all rights and obligations. It also requires the transferee to recognize the employee’s original commencement date for seniority-based rights. For asset and business transfers, this rule can significantly affect severance risk, accrued benefits, and post-closing workforce planning.
The same article also provides that transferor and transferee are jointly liable for pre-transfer obligations that were due at the transfer date, although the transferor’s responsibility is limited to two years from the transfer. It further states that neither the transferor nor the transferee may terminate employment solely because of the transfer, and that the transfer itself is not a justified ground for termination from the employee’s side. This makes Turkish employment diligence especially important in carve-outs and business transfers where buyers might otherwise assume they can freely select the workforce they want to keep.
Occupational health and safety is part of the same diligence stream. Law No. 6331 states that employers are responsible for securing occupational health and safety, taking necessary measures, monitoring compliance, conducting or commissioning risk assessments, and appointing or obtaining required OSH personnel such as an occupational safety expert and workplace physician under the statutory framework. For M&A purposes, the buyer should review risk assessments, OSH service arrangements, workplace accident history, inspection findings, corrective actions, and whether the target’s staffing model and hazard classification are reflected correctly in compliance practice.
Personal data and technology due diligence
Personal data compliance has become a core due diligence topic in Turkish M&A, particularly for companies with digital products, consumer databases, employee data, health information, financial services, SaaS infrastructure, or cross-border processing models. The Personal Data Protection Law states that its purpose is to protect fundamental rights and freedoms, especially privacy, and that it applies to natural or legal persons processing personal data wholly or partly by automated means, or by non-automated means where the data forms part of a filing system. This means data protection review is not optional only for “tech companies”; it is potentially relevant to a large range of Turkish targets.
Due diligence should also check whether the target is subject to registration in the Data Controllers’ Registry and, if so, whether it has completed that process correctly. The By-Law on Data Controllers’ Registry states that the Registry is kept publicly available, that data controllers under a registration obligation must register before processing begins, and that relevant operations are carried out through VERBIS. It also requires data controllers under the registration obligation to prepare a personal data processing inventory and to maintain accurate, complete, and lawful registry information. These are precisely the kinds of items that should be tested in Turkish due diligence rather than accepted at face value.
Cross-border data transfers require separate review. The By-Law on the Procedures and Principles for the Transfer of Personal Data Abroad states that transfers may be made where an adequacy decision exists, or, absent adequacy, where one of the prescribed safeguards is in place and data-subject rights and effective remedies are available; failing that, only limited exceptional situations may justify incidental transfers. The by-law also makes clear that processors do not escape responsibility simply because they act on behalf of a controller, and that technical and organizational safeguards remain essential. For diligence purposes, this means Turkish targets should be asked where personal data is stored, who can access it abroad, what vendor arrangements exist, and on what legal basis international transfers are made.
Commercial contracts, licenses, and operating permissions
Contract diligence in Turkey should be risk-based rather than mechanical. The buyer must identify not only whether important agreements exist, but also whether those agreements can survive the transaction as planned. In a share deal, the key question is often whether a contract contains a change-of-control trigger. In an asset deal, the focus shifts more strongly to assignment, novation, and required counterparty consents under the contract-transfer regime.
The same review should be applied to licenses, authorizations, permits, concessions, public procurement positions, and any industry-specific approvals that enable the target to operate. Turkey’s official legal guide specifically highlights public procurement, environmental law, competition law, property rights, and personal data among the legal areas relevant to investors. That means diligence should verify not just private-law contracts, but also whether the target’s business model depends on public law permissions that could be limited, non-transferable, or subject to post-closing scrutiny.
If the target is publicly held or listed, the diligence perimeter becomes broader again. The Capital Markets Board’s legislation page lists the Capital Markets Law, Communiqué II-26.1 on Takeover Bids, and related capital-markets communiqués as part of the Turkish public-company framework. As a result, due diligence for public M&A in Turkey should cover tender-offer implications, disclosure obligations, corporate approvals, shareholder-rights implications, and any special rules that may be triggered by acquiring control in a listed issuer.
Tax and transaction-cost diligence
Tax due diligence is not limited to historic tax audits and unpaid assessments. In Turkey, it also includes reviewing how the structure of the deal may itself generate transaction costs. The Investment Office’s tax guide states that generally applied VAT rates are 1%, 10%, and 20% and that stamp duty applies to a wide range of documents, including contracts, with ad valorem rates or fixed charges depending on the instrument. In transaction planning, those rules matter because they may affect whether the parties prefer a share transfer, an asset transfer, or a more complex reorganization, and because stamp duty and VAT exposure can materially influence closing costs and drafting choices.
This is why Turkish tax diligence should normally test both historical compliance and transactional tax consequences. A buyer should understand whether the target has open tax exposure, but also whether the contemplated document suite, financing structure, or asset-selection method could change the economics of the deal.
Foreign investor and post-closing diligence items
For foreign investors, Turkey’s due diligence process should also include foreign-investment compliance. The Investment Office states that Turkey’s FDI regime is based on equal treatment and that international investors have the same rights and liabilities as local investors, while the conditions for establishing a business and transferring shares are the same as those for local investors. At the same time, the same official guidance states that certain FDI-related documents, including the FDI Share Transfer Data Form, are submitted electronically through E-TUYS. This means foreign investors should not only review pre-closing legality, but also confirm who will handle the post-closing reporting workstream.
Conclusion
In Turkey, legal due diligence is not a formality attached to the back end of an M&A process. It is the legal map of the transaction. A well-run diligence review tells the buyer whether the deal should be structured as a share purchase or asset transfer, whether the target’s ownership can actually be transferred, whether merger-control approval is needed, whether employee and data liabilities may move with the business, whether public or regulatory permissions are secure, and whether the pricing and indemnity package properly reflects the real legal risk.
That is why the best Turkish M&A transactions do not treat due diligence as a document-collection exercise. They use it to shape the deal itself. In a market where company law formalities, merger control, employee transfer rules, data compliance, and foreign-investment reporting all matter, due diligence is the stage that turns a commercial idea into a legally executable transaction.
Yanıt yok