The Work From Anywhere Compliance Framework

Your CEO Has An Idea

A competitor has just announced a Work From Anywhere policy.

Your CEO comes knocking on your door and says “We’re going to do our own Work From Anywhere geo mobility policy. Have a draft ready for me by Monday and let’s announce it in the next few weeks.”

This is the stuff of nightmares for many global mobility leaders.

They know there are risks in going too fast, such as out of control compliance risks. But there are also risks in going too slow, such as losing some of your best talent.

So how can you eloquently capture the key risks and opportunities of implementing a Work From Anywhere policy?

Who This Is NOT For

Well the first step, before you even consider implementing a Work From Anywhere policy, is to reflect on whether Work From Anywhere is possible for you and your company.

Many companies have fixed locations, such as manufacturing facilities, or are highly regulated, such as financial institutions. In the case of financial institutions, they are in many cases strictly prevented from performing regulated functions outside specific territories.

So Work From Anywhere, at least internationally, is unlikely to be a “burning platform” issue for these kinds of companies.

Who This Most Definitely Is For

However, if you have a highly mobile workforce, and are in a global battle for talent, then Work From Anywhere is quite clearly going to be top of the agenda, not just for your CEO, but for the Board of Directors.

This is especially true if you have seen recent announcements from direct or indirect competitors around Work From Anywhere policies.  

It doesn’t matter whether the substance of those policies is weak.  

What matters is that they have announced it.  

So it’s your moment to step into the spotlight and implement a policy which will have far-reaching consequences for both you and your organization.

But before we talk about a policy, let’s talk about the key risks and opportunities.

Personal Income Tax & Social Security

The personal income tax risks around Work From Anywhere are well documented.  What is sometimes misunderstood is the “183 day” myth.  Some people incorrectly assume that if they spend less than 183 days in a country that they don’t have a tax residency risk, but this is completely incorrect.  

In some countries, you can become a tax resident in a fraction of this amount of days, triggering considerable double taxation risks (especially if there is no double taxation agreement in place between the home and destination country).  If you become a tax resident in a country with a global wealth tax then the risks are amplified many times over.

Social security is another element here that is often forgotten about. It is also the element that can sometimes vary the most between countries, especially the employer portion of social security (take a look at Denmark versus France, to name but two examples).

Either way, getting the personal income tax and social security risks wrong can have massive consequences for both the employer and employee in terms of taxation risks and potential tax penalties.  

So how do you tackle these risks? Well fear not, you can use our tax risk assessment tool to quickly identify whether a planned trip is likely to have significant tax implications.

Corporate Tax & Permanent Establishment

Corporation tax is another very tricky risk, but is potentially the biggest risk if you get it wrong.  

Take one example.  Let’s say you’re a senior Director of a division within a company, and you decide to live in your summer home in France 7 months a year.  Maybe you decide to allow a number of the senior sales executives to also base themselves in France for that period.  Depending on the circumstances, there is a possibility that you might trigger a Permanent Establishment risk for that business unit and/or for the parent company.

If that was the case, then there is a possibility of your company incurring considerably higher corporation tax bills in France, which could run into the millions of Euros if you are a large, growing company.

This is not a black and white issue and the individual circumstances will vary, furthermore some countries are more aggressive than others when it comes to monitoring Permanent Establishment risk, but it is simply not an option to ignore this when considering a Work From Anywhere policy.

If you’re interested in learning more about PE risks, check out our other dedicated Permanent Establishment article here.

You can also find some valuable information about the different way to hire or work from anywhere here including the various risks to look out for.

Immigration & Employment Law

Immigration and employment law are two separate but equally important risks when considering Work From Anywhere.

Immigration is an obvious one.  The days of turning a blind eye while your employee travels illegally on a leisure travel visa are gone.  It’s a little bit like driving on a motorway and doing 150km/hr in a 120km/hr zone.  Sooner or later you’re going to get caught, except it could well be the employer who ends up paying the fine.  If the employer is found to have breached local immigration laws this could at worst result in civil and criminal liability, and could also damage the immigration possibilities for other employees who wish to work in that country.  This also links back to tax in that many countries have a tightly integrated tax and immigration regulatory architecture, especially those with digital visa databases, so ignoring one might lead to negative consequences in both.

Employment law is another significant risk.  

Take one common myth around employment law…that an easy solution for countries where you do not have a legal entity present, is to employ an individual as a contractor.  However this raises the likelihood of contractor misclassification, whereby an individual who is in substance an employee is hired legally as a contractor, so is in effect misclassified.  This misclassification can lead to significant back-dated employer tax and social security liabilities as well as fines.  

Another employment law risk is local employment law entitlements.  Take our friend above who is living in France.  If they continue to live a large part of the year in France over a period of time, then they may become entitled to French redundancy entitlements, which can differ significantly from other countries.  

Certain countries, such as Ireland, have implemented remote work laws, so these need to also be taken into account, as well as the local employment law regulations, when implementing a Work From Anywhere policy.

A short article like this is insufficient to do justice to the employment law risks, but hopefully the above gives you a taste of some of the higher impact employment law risks.

Insurance & Duty Of Care

What happens if one of your remote working employees becomes unsafe or unwell when working abroad? How do you handle this with your geomobility policy?

To address this, let’s first start with Duty of Care.  To refresh your memory, Duty of Care is defined as the moral and legal obligations of employers to their employees, contractors and related family members in maintaining their well-being, security and safety when working on international assignments.

What is perhaps underappreciated is how the Duty of Care risks are magnified in a Work From Anywhere situation.

An obvious reason why is because remote workers are abroad for a longer period of time than a typical business traveller.  Furthermore, the nature of their work, often outside typical office locations, also causes Duty of Care risks to be elevated (e.g. think workplace ergonomics and health and safety).

One challenge when it comes to Duty of Care is that the risks need to be balanced with the privacy of the individuals and local laws and regulations.  Therefore it is critical to embed data collection within your Work From Anywhere policy, so that if your employees are in danger (e.g. in a high risk country) or are triggering risks for the company (e.g. tax residency risks), you are in a position to be informed.  

Data collection can take the form of linking in with your T&E (Travel and Expense) policy, to track the travelling patterns of your employees, or it might be having warning triggers based on VPN sign-ins to your company network (e.g. if someone signs in from a new country there is a warning trigger sent to global mobility).  

However, doing this must be done in a balanced and well thought out manner which above all respects local laws and regulations (e.g. GDPR and anonymised data collection).

Insurance is also linked to these Duty of Care risks.  Typical travel insurance policies don’t cover remote workers, which is why remote worker insurance policies have started to emerge.  SafetyWing and Insured Nomads are just two example of these kind of innovative insurance policies emerging.

Therefore it is critical to incorporate insurance and Duty of Care risks into your Work From Anywhere policy.

Talent Management & Benefits

Steve Cadigan talks about the great talent migration that we are experiencing, something also referred to as the “Great Resignation”.  This was underlined by the Monster report which discussed how 95% of employees are considering quitting their jobs. To take this further, Work From Anywhere, together with the “Great Resignation” might well lead to a great geographical talent migration.

However you see this, what cannot be ignored is that you cannot ignore Work From Anywhere…especially if your competitors are announcing Work From Anywhere policies. Otherwise you’ll end up losing your best talent.

But how do you put a value on Work From Anywhere? 

Maybe start with surveying your employees.  Look at the recent survey which showed that most employees in top tech companies in the US would give up $30,000 to continue to work from home.  This put a number on the value of work from home.  So then why not do a similar survey to gauge the value of Work From Anywhere to your employees?  You could simply start with a shortlist of countries you’re considering offering and then ask your employees what would the value of being able to remote work abroad in those countries be?  The findings may surprise you.

From a financial perspective, it’s also critically important to assess what the value is, in terms of performance, of your high performing employees.  The Netflix company culture tackles this brilliantly, where it outlines how in procedural work, the top performers are 2x better than average, however in creative/inventive work, they’re 10x better than average. 

Furthermore, when you do employer branding surveys, how high up does Work From Anywhere stack up from a brand differentiation standpoint? If it appears very high, this might well be the difference between a top performer accepting that letter of offer or rejecting it.

Lastly, one important element to consider when designing Work From Anywhere geo-mobility policies is to avoid cultural bias.  To give one concrete example, many people make the incorrect assumption that Work From Anywhere is primarily a key benefit for employees from North America and Western Europe who want to go to a beach in Thailand.  However, you might be surprised to find that it is actually much more valuable to employees from collectivistic cultures, such as an Indian expat in the USA or a Polish expat working in the UK, both of whom may want to spend a few months at home close to their families.

Another aspect we don’t have space to delve into is the decision-making around localizing salaries as well as dealing with diversity and inclusion, but these are also critical topics to consider when building a Work From Anywhere policy.

Data, Privacy & Security

Imagine you get the dreaded phone call to say a remote worker who is working abroad in Thailand has just had their wifi compromised which led to a major security breach in your core network.  

Or take an even more straightforward example.  Your remote worker has their laptop stolen.  

How do you address this in your Work From Anywhere policy?

With the evolution of GDPR and other data privacy regulations, having a strong understanding of the data, privacy and security risks for your remote workers is non-negotiable.

You might find it helpful to look at the NCSI Index which gives a high level cyber-security risk by country.

Practical Steps In Implementing A Work From Anywhere Policy

  • It’s critical to take a cross-functional approach when implementing a Work From Anywhere policy.  No single function can solve Work From Anywhere, so use your negotiation skills and influence to bring other functions to the table when trying to implement a Work From Anywhere policy.
  • It is also critical to take a holistic approach to Work From Anywhere policies.  The risks mentioned above cover many of the main risks, but they are not exhaustive, and there may be others which have not been mentioned.  Above all, make sure to get proper professional advice from the experts when designing your Work From Anywhere policy.
  • Work From Anywhere does not need to be a free-wheeling policy where you allow anybody to literally work anywhere.  That would lead to an unmanageable mess of out of control compliance costs and risks.  But you can pick your battles.
    • Start with the countries you currently have legal entities in. These are countries where you already have the local payroll tax knowledge, which is a solid basis to start from. 
    • Recognize you probably already do have elements of Work From Anywhere in place.  Pre-Covid, you probably offered long-term expat assignments?  If so, now is probably the time to bring that under the hood of a Work From Anywhere policy, just like Blueground did.
    • Also understand that you have a meaningful number of countries who are implementing digital nomad visas. In some cases, certain digital nomad visas allow you to continue to deduct payroll taxes in your home country (rather than the destination country). So these might well be very practical solutions to be able to offer a number of countries within a Work From Anywhere policy.
    • What if you have a huge number of requests to work from a beach in Thailand or Portugal, to name but two examples? Well if you find there are two or three countries where you have no legal entity, it may be worth looking into establishing branches or legal entities in these countries.  In these cases, you could look into facilitating short-term assignments (or potentially even longer-term assignments).
    • Above all, it is extremely important to implement a traffic light approach to the risk assessment, for example:
      • Someone who is junior in a non-sales role going from Ireland to the UK for less than 14 days.  Well this is clearly going to be green.
      • However someone in a senior sales role from Germany going for 190 days remote working in the US, this is obviously going to be a flashing red light.

Leverage Compliance Technology to Remove Approval Bottlenecks

Navigate the global compliance risks of work and hire from anywhere

Okay, clearly we may be a little biased, but we hear countless stories from global mobility professionals that are under resourced and drowning in the workload to independently trying to manage a flood of remote work requests coming from across the business. It can take days, if not weeks, reaching out to their internal tax, legal and HR departments to confirm whether there are any red flag compliance risks triggered by the request. Add external consultant requests into the mix and the time and budget quickly blows out.

Technology can do much of this compliance heavy lifting, helping to assess the key tax, immigration and legal risks and some technology (like ours) even show you the solutions to manage those compliance risks. This has the potential to save you weeks of workload and thousands in external consultancy fees with the added benefit of reducing the chance of burnout in a thinly stretched team.

To help you, we have written this article on on the options available when it comes to remote work compliance technology as well as this article on the pros and cons of Employers of Record.  You can also take our platform for a free 7 day trial here which will allow you to see for yourself how we help you to identify the right operating model for all your work and hire from anywhere requests.


Getting Work From Anywhere right is not an optional extra, it is an absolute necessity. 

Hopefully the points mentioned above might inspire you when designing your Work From Anywhere policy.  

There are many points which we have not mentioned above, such as the importance of kid’s education to remote working parents, as well as the challenges around diversity and inclusion, but hopefully this guide will point you in the right direction.

If you are looking to build a Work From Anywhere strategy, then feel free to reach out to us and we’d be happy to discuss how our technology can help you accelerate your transition to a fully distributed global workforce.

Share this article

John Lee Co-founder Work From Anywhere

John Lee

John is Co-founder of the Work From Anywhere team, a platform to help companies execute a hire or work from anywhere strategy.  John is a Chartered Accountant who speaks 6 languages and was previously the senior finance leader of a €4 billion division of FTSE-listed CRH Plc.  John and his family are passionate about travelling and his eldest daughter, Rosa, while only 5 years old has already travelled to 25 different countries.

Work From Anywhere Logo