Comparison Overview

VakıfBank

VS

Yapı Kredi

VakıfBank

İstanbul, 34415, TR
Last Update: 2026-04-02
View Profile
Between 750 and 799
http://www.vakifbank.com.tr

1954 yılında, vakıf kaynaklarını ekonomik kalkınmanın gereksinimleri doğrultusunda en iyi biçimde değerlendirmek amacıyla kurulan VakıfBank, o günden bu yana çağdaş bankacılık yöntemleri ve uygulamalarıyla Türkiye’nin tasarruf düzeyinin gelişim sürecine katkıda bulunmaktadır. VakıfBank; bölgesinin en iyi, en çok tercih edilen ve değer yaratan bankası olma vizyonu doğrultusunda, vakıf kültüründen aldığı güçle, kendisine emanet edilen varlık ve değerleri etkin ve verimli yöneterek müşteriler, çalışanlar, hissedarlar ve topluma kattığı değerleri sürekli artırma misyonuyla hareket etmektedir. Kurumsal, ticari ve küçük işletme bankacılığının yanı sıra bireysel ve özel bankacılık alanlarında da çağdaş bankacılık ürün ve hizmetleri sunan VakıfBank, özellikle bir alanda değil, tüm finansal alanlarda uzmanlaşmış, Türkiye’nin önde gelen bankalarından biridir. Temel bankacılık ürün ve hizmetlerine ek olarak yatırım bankacılığı ve sermaye piyasası faaliyetlerinde de bulunan VakıfBank, iç ve dış ticaretin finansmanında öncü bir rol üstlenmektedir. Ayrıca, finansal iştirakleri aracılığıyla sigortacılıktan finansal kiralama ve factoring hizmetlerine kadar geniş bir yelpazede yer alan finansal ürünleri çağın gerektirdiği yüksek teknolojilerle müşterilerine sunmaktadır. VakıfBank’ın ABD New York, Kuzey Irak Erbil, Katar Doha şubelerinin yanı sıra Bahreyn’de kıyı bankacılığı şubesi bulunmaktadır. Ayrıca, Avusturya’da VakıfBank International AG (Viyana Şubesi ve Almanya’da Köln Şubesi), KKTC’de Tasfiye Halinde World Vakıf UBB. Ltd. ve Kıbrıs Vakıflar Bank. Ltd. olmak üzere yurt dışında üç bankada da iştiraki bulunmaktadır. VakıfBank’ın diğer iştirakleri arasında; Vakıf Faktoring A.Ş., Vakıf Finansal Kiralama A.Ş., Vakıf Gayrimenkul Yatırım Ortaklığı A.Ş., Vakıf Menkul Kıymet Yat. Ort. A.Ş., Vakıf Yatırım Menkul Değerler A.Ş. Vakıf Pazarlama San. ve Ticaret A.Ş., Taksim Otelcilik A.Ş., Vakıf Enerji ve Madencilik A.Ş., Vakıf Gayrimenkul Değerleme A.Ş. bulunmaktadır.

NAICS: 52211
NAICS Definition: Commercial Banking
Employees: 11,668
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Yapı Kredi

Levent, İstanbul, 34740, TR
Last Update: 2026-03-27
Between 750 and 799
http://www.yapikredi.com.tr

Yapı Kredi has been sustainably strengthening its market positioning in the sector since its establishment in 1944 through a customer-centric approach and focus on innovation. Yapı Kredi is the 3rd largest private bank in Turkey with total assets worth TL 411 billion as of the end of 2019. Constantly seeking to increase its contribution to the financing of the Turkish economy with its customer-centric approach, Yapı Kredi enlarged the volume of its total cash and non-cash loans by 4% in 2019 to TL 319 billion. Thus, Yapı Kredi maintained its position in 2nd place among private banks in this respect. The Bank serves its customers with its 846 branches covering all regions of Turkey and 16,631 employees. Yapı Kredi delivers its products and services via its advanced Alternative Delivery Channels (ADCs) that comprise 4,330 ATMs, innovative internet banking, leading mobile banking, 3 call centers and approximately 709 thousand POS terminals. 94% of the Bank’s transactions went through non-branch channels as at year-end 2019. Yapı Kredi is a fully integrated financial services group supported by its domestic and international subsidiaries. Yapı Kredi serves its customers through retail banking (comprising of individual banking, Small and Medium Size Enterprises (SME) banking and card payment systems, private banking and wealth management), as well as corporate and commercial banking. The Bank’s operations are supported by domestic subsidiaries in asset management, brokerage, leasing and factoring as well as international banking subsidiaries in the Netherlands, Malta and Azerbaijan. Yapı Kredi has a strong shareholding structure which ensures sustainable and profitable growth. 40.95% of the Bank’s shares are owned by Koç Financial Services, 9.02% of the shares are owned by Koç Holding A.Ş. The total direct and indirect shares of Koç Group amount to 49.99%. 20.00% of Bank’s shares are owned by UniCredit S.P.A. The remaining 30.03% is publicly traded on Borsa Istanbul

NAICS: 52211
NAICS Definition: Commercial Banking
Employees: 16,217
Subsidiaries: 53
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/vakifbank.jpeg
VakıfBank
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/yapikredi.jpeg
Yapı Kredi
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
VakıfBank
100%
Compliance Rate
0/4 Standards Verified
Yapı Kredi
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Banking Industry Average (This Year)

No incidents recorded for VakıfBank in 2026.

Incidents vs Banking Industry Average (This Year)

No incidents recorded for Yapı Kredi in 2026.

Incident History — VakıfBank (X = Date, Y = Severity)

VakıfBank cyber incidents detection timeline including parent company and subsidiaries

Incident History — Yapı Kredi (X = Date, Y = Severity)

Yapı Kredi cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/vakifbank.jpeg
VakıfBank
Incidents

No Incident

https://images.rankiteo.com/companyimages/yapikredi.jpeg
Yapı Kredi
Incidents

No Incident

FAQ

Yapı Kredi company demonstrates a stronger AI Cybersecurity Score compared to VakıfBank company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Yapı Kredi company has disclosed a higher number of cyber incidents compared to VakıfBank company.

In the current year, Yapı Kredi company and VakıfBank company have not reported any cyber incidents.

Neither Yapı Kredi company nor VakıfBank company has reported experiencing a ransomware attack publicly.

Neither Yapı Kredi company nor VakıfBank company has reported experiencing a data breach publicly.

Neither Yapı Kredi company nor VakıfBank company has reported experiencing targeted cyberattacks publicly.

Neither VakıfBank company nor Yapı Kredi company has reported experiencing or disclosing vulnerabilities publicly.

Neither VakıfBank nor Yapı Kredi holds any compliance certifications.

Neither company holds any compliance certifications.

Yapı Kredi company has more subsidiaries worldwide compared to VakıfBank company.

Yapı Kredi company employs more people globally than VakıfBank company, reflecting its scale as a Banking.

Neither VakıfBank nor Yapı Kredi holds SOC 2 Type 1 certification.

Neither VakıfBank nor Yapı Kredi holds SOC 2 Type 2 certification.

Neither VakıfBank nor Yapı Kredi holds ISO 27001 certification.

Neither VakıfBank nor Yapı Kredi holds PCI DSS certification.

Neither VakıfBank nor Yapı Kredi holds HIPAA certification.

Neither VakıfBank nor Yapı Kredi holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published
Date
2026-04-01
Updated
Date
2026-04-01
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References