As GDPR launches today, Brent Crider illustrates the requirements for the regulation and how it impacts organizations processing cross-border payments. Vendors managing payroll or freelancer payouts enterprises must be extra vigilant about GDPR compliance, as they store a wealth of personally identifiable information that accompanies such payment types.

On May 25, the EU’s General Data Protection Regulation (GDPR) will radically alter the cross-border payments landscape. The mandate has vast and sweeping compliance implications affecting how global financial institutions process and move data across borders, including data attached to capital transactions. The scale of this impact is compounded further by directives to give consumers more power and control over how their information is stored and protected at organizations.

Cross-border payment providers that help companies manage international transactions must adapt their service to these jurisdictional changes around data security, both for themselves and as a watchdog for their clients. GDPR requires thorough reviews of providers’ data protection management systems and clients’ territorial scope, not to mention the rollout of new privacy policies and the appointment of a Data Protection Officer.

What are the requirements of GDPR?

GDPR’s application to European citizens’ personal data, regardless of which jurisdiction the company operates in (e.g. in the US), demands extensive research into how effective compliance is maintained when transacting between different territories.

Under the regulation, consumers must provide explicit consent for companies to hold, process, and retain their personal information. This includes, but is not limited to, protection from unauthorized or unlawful processing, accidental loss, or damage. GDPR’s provisions also introduce the concept of ‘data transferability,’ which gives clients the right to receive their personal data on-request.

Vendors that manage payroll or freelancer payouts for their enterprise clients must be particularly vigilant about GDPR compliance, given the wealth of personally identifiable information that accompanies these types of payment. Human resources and payments professionals who process employee salaries manage sensitive details, including Social Security numbers, bank account numbers, addresses, phone numbers, and other tax information.

Not only do cross-border payment service providers need to familiarize themselves with the nuances of GDPR for their clients’ protection, they must evaluate their own compliance capabilities as well. Under the new directive controllers and processors are both learning that they are not exempt from GDPR enforcement. What remains up for debate, however, is the correct preparation process for this unprecedented regulatory change.

Article Categories:
Related articles
In The News

Enterprise League: 11 Reliable B2B Payment Solutions for Small Businesses

Did you know that in 2020 checks are still one of the most used B2B payment solutions? Yep, those papery things are still around and thriving. Actually, in the USA almost...

In The News

Mastercard Further Extends Payment Network with Acquisition of Transfast

The acquisition will enable partner banks to service consumers, businesses, governments and merchants effectively and efficiently, allowing them to send and receive money...

Transpay Newsroom

Introducing the New Your Business Destination for Global Payouts

We’re pleased to announce the launch of our revamped and enhanced website, offering a new experience for businesses sending payouts worldwide. We have redesigned the site...

In The News

Hubstaff: How to Pay Independent Contractors & Remote Employees

Editor's Note: This article was originally published on April 16, 2019, on the blog of, a company that provides staff monitoring through time-tracking...