As GDPR launches today, Brent Crider illustrates the requirements for the regulation and how it impacts organizations processing cross-border payments. Vendors managing payroll or freelancer payouts enterprises must be extra vigilant about GDPR compliance, as they store a wealth of personally identifiable information that accompanies such payment types.

On May 25, the EU’s General Data Protection Regulation (GDPR) will radically alter the cross-border payments landscape. The mandate has vast and sweeping compliance implications affecting how global financial institutions process and move data across borders, including data attached to capital transactions. The scale of this impact is compounded further by directives to give consumers more power and control over how their information is stored and protected at organizations.

Cross-border payment providers that help companies manage international transactions must adapt their service to these jurisdictional changes around data security, both for themselves and as a watchdog for their clients. GDPR requires thorough reviews of providers’ data protection management systems and clients’ territorial scope, not to mention the rollout of new privacy policies and the appointment of a Data Protection Officer.

What are the requirements of GDPR?

GDPR’s application to European citizens’ personal data, regardless of which jurisdiction the company operates in (e.g. in the US), demands extensive research into how effective compliance is maintained when transacting between different territories.

Under the regulation, consumers must provide explicit consent for companies to hold, process, and retain their personal information. This includes, but is not limited to, protection from unauthorized or unlawful processing, accidental loss, or damage. GDPR’s provisions also introduce the concept of ‘data transferability,’ which gives clients the right to receive their personal data on-request.

Vendors that manage payroll or freelancer payouts for their enterprise clients must be particularly vigilant about GDPR compliance, given the wealth of personally identifiable information that accompanies these types of payment. Human resources and payments professionals who process employee salaries manage sensitive details, including Social Security numbers, bank account numbers, addresses, phone numbers, and other tax information.

Not only do cross-border payment service providers need to familiarize themselves with the nuances of GDPR for their clients’ protection, they must evaluate their own compliance capabilities as well. Under the new directive controllers and processors are both learning that they are not exempt from GDPR enforcement. What remains up for debate, however, is the correct preparation process for this unprecedented regulatory change.

Article Categories:
Related articles
Press Releases

Mastercard Advances Cross-Border Capabilities with Acquisition of Transfast

We are pleased to announce that Mastercard is acquiring Transfast, parent company of Transpay.

Proven P2P and B2B Network to Accelerate Scale and Growth
In The News

Fundera: The 8 Best Payment Solutions for Your Business

In The News

The Paypers: Payment Solution Providers' Ecosystem Explained and Global Mapping of Key Players

The Paypers presents a completely updated mapping of the solution providers in the payments space and the salient differences that currently exist between them

In The News

PaymentsSource: The Massive Market for Cross-Border P2P

The market for cross-border person-to-person (P2P) remittances is massive. It experienced double-digit growth in 2018 as consumers migrated from one country to another in...

Subscribe to the latest updates on Newsroom.

Pay by API

Automate Local Bank Transfers Worldwide

Learn More
Pay by Web

Send Local Bank Transfers Online

Learn More
Get Paid

Receive Local Bank Transfers from Your US-Based Clients

Learn More