Global Device Offboarding Is Where the Money Quietly Disappears
Global device offboarding sounds like a process problem. It is really a money problem. The average business laptop is worth between £900 and £1,200. Multiply that by the number of employees your company has offboarded across Lagos, Singapore, Warsaw, and a dozen other cities in the past year. Now ask yourself: how many of those devices actually made it back?
At Rayda, we help companies manage devices across 170+ countries, and the pattern we see is consistent. Companies have tight offboarding checklists for HQ. The moment a device needs to come back from another country, the process falls apart. Assets get written off. Data stays on unwiped drives. And nobody really wants to talk about it because it has quietly become a cost of doing business.
It does not have to be.
Why Global Device Offboarding Breaks at the Border
The core issue with global device offboarding is that most IT asset management processes are designed for a central office, not a distributed workforce. Once an employee is in a different country, the standard playbook, prepaid shipping labels, IT drop-off points, courier collection, stops working reliably.
Most IT teams have a clear offboarding process for the people sitting in the same building as them. Revoke access, collect the laptop, wipe it, move on. Clean and simple.
But that same team has almost no infrastructure for the employee who worked from Warsaw for two years and is now leaving the company. Or the contractor in Lagos who had a company MacBook for six months. Or the regional manager in Singapore who is moving to a competitor and, technically, still has your device.
According to research from Gartner, enterprises lose track of up to 20% of their IT assets during the average device lifecycle. At scale, that is not a rounding error. For a company with 1,000 employees spread across 15 countries, that could represent £180,000 to £240,000 in unrecovered hardware sitting in apartments your IT team has never visited.
The problem is not that people are stealing laptops. Most of the time, the device is just sitting in a spare room waiting for someone to tell them what to do with it. The process never arrived.
The Real Cost: What Unrecovered Devices Actually Represent
An unrecovered device is not just a lost asset. It is a combination of three separate liabilities that most finance and IT teams only count as one.
Hardware value. A mid-range business laptop depreciates, but it does not depreciate to zero quickly. A two-year-old MacBook Pro or ThinkPad still holds significant resale or redeploy value. Writing it off rather than recovering it means you are buying a replacement instead of reissuing an existing one.
Replacement cost. When a new hire joins in Singapore, they need a device. If the one your previous Singapore employee still has had been recovered and redeployed, that new device purchase is unnecessary. At £1,000 per unit, unnecessary purchases add up fast.
Data risk value. This one is harder to price but easier to regret. An unwiped device contains emails, documents, system credentials, and potentially customer data. Once it is out of your physical control, you have no way to guarantee what happens to it.
A 2023 report from IBM found that the average cost of a data breach globally is $4.45 million. Not every unwiped laptop leads to a breach. But every unwiped laptop is a door that is not fully closed.
Why Warsaw and Lagos Are Not the Same Problem as London
Geography shapes the difficulty of international IT asset recovery in ways that pure logistics thinking misses.
In London, Paris, or New York, there is a reasonably reliable infrastructure for courier pickup, IT drop-off, or company-arranged collection. The challenges are mostly procedural. Someone needs to schedule it, the employee needs to be home, the packaging needs to be right.
In Warsaw, Lagos, or Ho Chi Minh City, the challenges are structural. Courier networks that work reliably in Western Europe do not always operate with the same coverage or dependability in West Africa or Southeast Asia. Customs regulations can hold a cross-border shipment for weeks. Prepaid international labels, if they work at all, often come with restrictions, surprise fees, or just never get used.
This is why the standard "mail it back" approach produces a write-off rate that climbs sharply in emerging markets. It is not that employees in those cities are less cooperative. It is that the system asks them to do something that is genuinely difficult and then acts surprised when it does not happen.
Local pickup, using teams or partners who are already in those cities, changes the dynamic entirely. A pickup scheduled for Tuesday at 10am is dramatically more likely to happen than a prepaid label that requires the employee to find a DHL location, package the device correctly, and navigate customs paperwork on their way out.
The Compliance Risk Nobody Is Tracking Closely Enough
This is where global device offboarding moves from an operational headache to a legal exposure.
GDPR applies to any data relating to EU residents, regardless of where the company is headquartered. An unrecovered, unwiped device in Germany or Poland that contains employee records, customer communications, or any personal data is not just a lost laptop. It is a potential GDPR violation. Article 5 of the GDPR requires that personal data be processed securely, and Article 32 requires appropriate technical measures to protect it.
A device sitting in a former employee's apartment with no remote wipe confirmation does not meet that standard.
Poland, Germany, and the Netherlands all have active data protection authorities. The UK ICO has issued fines for data breaches that stemmed from inadequate device management. These are not hypothetical risks.
| Country | Data Protection Authority | Relevant Regulation | Max Fine |
|---|---|---|---|
| Germany | BfDI | GDPR | €20 million or 4% of global turnover |
| Poland | UODO | GDPR | €20 million or 4% of global turnover |
| Singapore | PDPC | PDPA | SGD $1 million |
| Nigeria | NITDA | NDPR | 2% of annual gross revenue |
| United Kingdom | ICO | UK GDPR | £17.5 million or 4% of global turnover |
Beyond GDPR, data residency rules in countries like Nigeria (under the NDPR) and Singapore (under the PDPA) mean that certain data cannot leave the country at all. That adds complexity to device recovery, because simply shipping a device back to HQ might itself create a compliance issue if proper data handling procedures are not followed first.
The compliant approach is to wipe the device locally before it moves. Which means your recovery process needs to include local data destruction capability, not just logistics.
What a Working Global Device Offboarding Process Actually Looks Like
A functional international IT asset recovery process has three things that most improvised processes lack.
Local presence, not just local coverage. There is a difference between a logistics company that technically operates in 50 countries and a team that has real relationships and operational capacity in those cities. The former gets you a quote. The latter gets you a pickup date that is actually kept.
A defined retrieval trigger. Most offboarding breakdowns happen because nobody owns the device retrieval step. HR closes out the offboarding checklist. IT revokes access. Nobody books the collection. A working process ties the retrieval trigger to the offboarding event automatically, not as a follow-up task that gets deprioritized.
Wipe confirmation before redeploy or dispose. Retrieval without certified wipe is half a process. A device that comes back but has not been professionally wiped cannot be redeployed or resold responsibly. The wipe, and the certificate that proves it happened, is part of the asset's chain of custody.
Companies that get this right treat device offboarding the same way they treat payroll offboarding. It happens on a defined timeline, it has a clear owner, and it does not depend on the cooperation of the departing employee being above average.
Frequently Asked Questions
What is global device offboarding?
Global device offboarding is the process of collecting, wiping, and either redeploying or disposing of company-owned IT equipment when an employee leaves, across multiple countries. It covers laptops, phones, peripherals, and any other hardware that was issued to the employee.
Why is international IT asset recovery harder in countries like Nigeria or Vietnam?
Local courier infrastructure, customs regulations, and the absence of drop-off networks make standard "mail it back" approaches unreliable in many markets. Cross-border shipments can be held for weeks, and prepaid labels often go unused. Local pickup by an in-country team or partner is significantly more effective.
Does an unrecovered laptop in Europe create a GDPR risk?
Yes. If the device contains personal data relating to EU residents and has not been securely wiped, it may constitute a failure to meet GDPR Article 32 requirements around appropriate technical security measures. Data protection authorities in Germany, Poland, and other EU countries have issued fines for inadequate device management.
How long does a company typically have to recover a device after an employee leaves?
There is no universal rule, but most IT asset management policies specify 30 days. After that point, recovery rates drop sharply and the cost of recovery often approaches the value of the asset. Acting quickly, ideally within the first two weeks, produces the best results.
What happens to the data on a recovered device?
A professional device recovery process includes certified data wiping using standards like NIST 800-88 or Blancco. The company receives a wipe certificate as proof of destruction, which supports GDPR compliance and allows the device to be safely redeployed or resold.
Can devices be redeployed to new employees in the same country after recovery?
Yes, and this is often the most cost-effective outcome. A recovered and wiped device in Singapore can be issued to a new hire in Singapore, eliminating the procurement cost of a replacement unit. This is one of the clearest ROI arguments for investing in a structured retrieval process.
If you are managing distributed teams across multiple countries and device offboarding is currently a mix of ad hoc emails and write-offs, Rayda handles procurement, deployment, retrieval, and certified wiping across 50+ countries. Book a discovery call to talk through how it works for your specific footprint.
