BANKACILIK SEKTÖRÜNDE YAPAY ZEKA UYGULAMALARI, GDPR VE AB YAPAY ZEKA YASASI ÇERÇEVESİNDE VERİ GÜVENLİĞİ

Yıl 2025, Cilt: 20 Sayı: 2, 68 - 88, 29.12.2025

Özce Cumhur

Öz

Bankacılık sektörü, dijital dönüşümün hızlanmasıyla birlikte yapay zeka (YZ) uygulamalarının en yoğun kullanıldığı alanlardan biri hâline gelmiştir. Kredi skorlama, risk yönetimi, dolandırıcılık tespiti, müşteri davranış analizi, süreç otomasyonu ve karar destek mekanizmaları gibi işlevlerde YZ sistemlerinin yaygınlaşması, veri güvenliği, algoritmik ayrımcılık, şeffaflık, hesap verebilirlik ve insan haklarına yönelik riskleri beraberinde getirmiştir. Bu bağlamda Avrupa Birliği (AB), hem kişisel veriyi korumak hem de YZ sistemlerinin güvenli kullanımını sağlamak amacıyla iki temel düzenleme oluşturmuştur: Genel Veri Koruma Tüzüğü (GDPR) ve Yapay Zeka Yasası (AI Act). Bu çalışma, bankacılık sektöründe YZ kullanımının teknik ve hukuki boyutlarını incelemekte; GDPR ve YZ Yasası’nın sektöre getirdiği yükümlülükleri, riskleri ve fırsatları karşılaştırmalı olarak analiz etmektedir. Ayrıca AB Veri Yasası (Data Act), Veri Yönetişim Yasası (DGA), PSD2, Digital Services Act ve AB Etik İlkeleri gibi tamamlayıcı düzenlemelerin sektördeki etkileri de değerlendirilmektedir. Sonuç olarak bankacılık sektörünün, hızlı teknolojik dönüşüm ile gelişen düzenleyici çerçeve arasında uyumu sağlamak için veri yönetişimi, açıklanabilirlik, insan gözetimi, model risk yönetimi ve şeffaflık alanlarında kapsamlı stratejik dönüşümler yapması gerekti düşünülmektedir.

Anahtar Kelimeler

Yapay zeka , GDPR , Yapay Zeka Yasası , Veri Güvenliği , Algoritmik ayrımcılık

AI APPLICATIONS IN THE BANKING INDUSTRY, DATA SECURITY WITHIN THE FRAMEWORK OF GDPR AND THE EU AI ACT

Öz

The rapid digital transformation has positioned the banking sector as one of the primary fields in which artificial intelligence (AI) technologies are heavily deployed. Applications such as credit scoring, fraud detection, customer behavior analytics, risk modeling and automated decision-making raise significant concerns related to data protection, algorithmic fairness, transparency and accountability. In response, the European Union (EU) has introduced a two-tier legal framework: the General Data Protection Regulation (GDPR) and the Artificial Intelligence Act (AI Act). This article examines the legal and technical implications of AI use in the banking sector, evaluates the intersection between GDPR and the AI Act, and analyzes complementary regulations including the Data Act, the Data Governance Act, PSD2 and the EU Ethical Guidelines for Trustworthy AI. Findings demonstrate that banks must strengthen governance mechanisms, including explainability, human oversight and model risk management, to ensure compliance and sustainability.

Anahtar Kelimeler

Artificial intelligence , GDPR , AI Act , Algorithmic bias , Data governance

Kaynakça

• AKERKAR, R. (2014). Introduction to Artificial Intelligence. PHI Learning Press, London.
• BABINA, T., BAHAJ, S., BUCHAK, G., DE MARCO, F., FOULIS, A., GORNULL, W., MAZZOLA, F. ve YU, T. (2024). “Customer Data Access and Fintech Entry: Early Evidence from Open Banking”, Journal of Financial Economics, 169.
• BELELIEU, A., PROPSON, D. ve PARKER, D. (2025). Artificial Intelligence in Financial Services, White Paper, World Economic Forum.
• BILGEL, D. ve AKSOY, B. (2019). “Finansal Teknoloji Şirketleri ve Geleceğin Bankacılığı: Açık Bankacılık”, European Journal of Science and Technology, 17: 1097–1105.
• BRYNJOLFSSON, E. ve MITCHELL, T. (2017). “What can machine learning do? Workforce implications”, JSTOR Journals, 358(6370).
• CASOLARO, A. M. B., RAUBER, G. N. ve DE LIMA, U. S. M. (2025). “Open banking: a systematic literature review”, Journal of Banking Regulation, 26: 340–355.
• CHUI, M., HAZAN, E., ROBERTS, R., SINGLA, A., SMAJE, K., SUKHAREVSKY, A., YEE, L. ve ZEMMEL, R. (2023). The Economic Potential of Generative AI: The Next Productivity Frontier, McKinsey Global Institute.
• DELOITTE. (2024). The Role of Artificial Intelligence in Credit Risk Management.
• DICK, S. (2019). “Artificial intelligence”, Harvard Data Science Review, 1.1.
• DICKSON, B. (2017). “What Is Machine Learning?”, https://bdtechtalks.com.
• EU (European Union). (2024). Regulation (EU) 2024/1689 … Artificial Intelligence Act.
• Erişim: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:L_202401689
• FARES, O. H., BUTT, I. ve LEE, S. H. M. (2023). “Utilization of artificial intelligence in the banking sector: a systematic literature review”, Journal of Finance Service, 835–852.
• FILLMANN, A. (2025). “The EU AI Act and Respective Regulation of Financial Services”.
• FOSSO WAMBA, S., AKTER, S., EDWARDS, A., CHOPIN, G. ve GNANZOU, D. (2015). “How ‘big data’ can make big impact: Findings from a systematic review and a longitudinal case study”, International Journal of Production Economics.
• FUTURE OF LIFE INSTITUTE. (t.y.). High-level Summary of the AI Act.
• GHANDOUR, A. (2021). “Opportunities and Challenges of Artificial Intelligence in Banking: Systematic Literature Review”, TEM Journal, 10(4): 1581–1587.
• GOERTZEL, B. (t.y.). “From narrow AI to AGI via narrow AGI?”, Medium.
• GOUNARI, M., STERGIOPOULOS, G., PIPYROS, K., GRITZALIS, D. (2024). “Harmonizing Open Banking in the EU: PSD2 Compliance & Cybersecurity”, International Cybersecurity Law Review, 5: 79–120.
• GROBELNIK, M., PERSET, K. ve RUSSELL, S. (t.y.). “What is AI? Can You Make a Clear Distinction Between AI and Non- AI Systems?”, OECD.AI.
• HAENLEIN, M. ve KAPLAN, A. (2019). “A Brief History of Artificial Intelligence…”, California Management Review.
• HAYDER, W. A. (2025). “Highlighting DeepSeek-R1: Architecture, Features and Future Implications”, International Journal of Computer Science and Mobile Computing, 14(2).
• IBM INSTITUTE FOR BUSINESS VALUE. (2023). AI-Powered Risk Analytics in Financial Services.
• KIM, S. D., ANDREEVA, G. ve ROVATSOS, M. (2025). “The Double-Edged Sword of Big Data… Open Banking”, arXiv.
• KOK, J. N., BOERS, E. J., KOSTERS, W. A., VAN DER PUTTEN, P. ve POEL, M. (2009). “Artificial intelligence: definition, trends, techniques, and cases”, Artificial Intelligence, 1: 270–299.
• LEITNER, G., SINGH, J., VAN DER KRAAIJ, A. ve ZSÁMBOKI, B. (t.y.). “The Rise of Artificial Intelligence: Benefits and Risks for Financial Stability”.
• MCCARTHY, J. (2024). “What is Artificial Intelligence?”, Computer Science Department, Stanford University.
• MCKINSEY & COMPANY. (2023). “Building a World-class Mobile-banking App”. https://www.mckinsey.com
• MCKINSEY & COMPANY. (2024). Global Banking Annual Review 2024.
• MICHAEL, R. (2025). “General Data Protection Regulation (GDPR)”, Salem Press Encyclopedia.
• MIHRET, E. T. (2020). “Robotics and artificial intelligence”, International Journal of Artificial Intelligence and Machine Learning.
• OECD. (2019). Artificial Intelligence in Society. OECD Publishing, Paris.
• OECD. (2023). “Recommendation of the Council on OECD Legal Instruments Artificial Intelligence”.
• OZILI, P. K. (2021). “Big data and artificial intelligence for financial inclusion: benefits and issues”, in Artificial Intelligence, Fintech, and Financial Inclusion, CRC Press.
• SARI, S. (2024). “Bankacılıkta YZ Uygulamaları”, Journal of Emerging Economies and Policy, 9: 246–263.
• SHARMIN, S., PRABHA, M., JOHORA, F. T., MOHAMMAD, N., HOSSAIN, M. A. (2024). “Open Banking and Information Service…”, Journal of Business and Management, 12: 3743–3758.
• SPECTOR, J. M. (2025). “Artificial Intelligence: Expert Systems”, Salem Press Encyclopedia of Science.
• SWIETLA, K. (2019). “Protection of personal data… GDPR”, Financial Sciences. Nauki o Finansach, 24(3).
• WEBER, P., HINZ, O. ve CARL, K. V. (t.y.). “Applications of Explainable Artificial Intelligence in Finance”, Management Review Quarterly.