With a lack of true guidance from the European Commission and/or the EPDB in how to make the assessment required to ensure art 46 is effective in practise following Schrems II for countries without Adequacy Decisions. There is a wider industry concern with it being left up to companies it will lead to a clear difference in the assessments which is counter to the objectives of GDPR initially. That said from a company perspective how are people managing it? Do you get legal advice for each location? Or alternative? The required scope for the assessments aren’t feasible for smaller companies so looking to understand how it is being managed. Not making the transfers is not a business option.