Skip to main content

Frequently Asked Questions About the Safeguard → Deel Migration

Jeffrey Smith
  • Updated

Commercial

[ACCORDION] Why is this change happening?

As you know, Deel purchased the Safeguard Pay business in March 2025. While the Safeguard technology will remain in place for some time, Safeguard clients can gain material advantages in technology, payroll operations, quality and speed by moving to the Deel platform. The underlying business model is essentially the same, but the Deel platform delivers significantly enhanced functionality. We will ensure this is explained fully during our various discussions with you.

[ACCORDION] Will my pricing change?

There are no plans to change pricing as part of the migration.

[ACCORDION] How are Contract / MSA changes being handled as part of this migration?

Clients will retain their existing Master Services Agreement that is in place today. At contract expiry or renewal, Deel-based contracts and MSAs will be signed with clients in place of the existing Safeguard contracts. We are happy to discuss this further with you.

[ACCORDION] What are the main functionalities the Deel platform has for Global Payroll processing?

Please see the “Payroll Processing with Deel” breakdown — we will take you through this in detail as part of the meetings we have with you.

[/ACCORDION]

 

Migration Strategy

[ACCORDION] How will the Unity payrolls be migrated to Deel — new implementation or Lift & Shift?

It will be a structured migration. The approach is covered in detail within the SGP Transition to Deel Platform global migration deck, which will be walked through with your team.

[ACCORDION] Will we have a dated project plan to support our SGP to Deel migration?

Yes. Deel will build a client-specific project plan that includes all payrolls, dates, ownership and milestones. This will be constructed and shared once high-level timelines are agreed.

[ACCORDION] Will we have a single point of contact managing our implementation?

You will have one dedicated point of contact for Migration and one for Implementation, with a senior Onboarding Manager leading both workstreams to ensure continuity and accountability throughout the transition.

[ACCORDION] What is the approach to migrating Pay Elements?

In Deel, Payroll Elements are called Components. Deel has built a standardized list of components by country, covering the vast majority of client needs.

Each component can be mapped at various points in the data lifecycle. For example, “Bonus” in Deel can map to “Annual Bonus” in your HCM, appear as “Annual Bonus” on payslips, and as “Bonus” for GL purposes.

We recommend moving to Deel’s standardized pay elements to simplify your setup. During migration, the Onboarding team will work with you to determine whether standard configuration or country-specific customization is required.

[ACCORDION] Can cost centre and org structure changes be made during migration?

Yes. If a client wants to change their entire org structure during migration, they would need to provide a full reconciliation of current versus new. This would be reviewed by the GL Team to determine feasibility during migration. Small changes to org data can be accommodated during the migration process.

[ACCORDION] What is the testing strategy for the migration?

Testing will follow the approach defined in the Migration and Workday Integration strategy. Where payroll software is changing, parallel testing will be conducted to validate payroll accuracy and reporting.

[ACCORDION] Are there any data differences at country level?

Country-level data differences are currently being analysed and will be communicated as part of the migration planning process.

[ACCORDION] Are Deel’s in-country payroll solutions certified?

As a general theme, the underlying payroll integrations will not change as part of the migration. In some markets, Deel will change the payroll engine — this will be specified in the Project Plan and migration discussions.

Where a local certification process for a payroll engine exists, Deel’s approach is to certify. However, this is not a requirement in all markets where the Deel platform runs its own calculation process.

[/ACCORDION]

 

Platform & Setup

[ACCORDION] Will my payrolls be called the same on Deel as on SGP?

Existing Unity payroll names will be replicated on the Deel platform.

[ACCORDION] Will my Organisation Structure be migrated on Deel as set up on SGP?

Your existing organisational structure in Unity payroll will be configured on the Deel platform. Please note that Split Costing is available at the Cost Centre level only.

[ACCORDION] Will my employee numbers remain the same on the Deel platform?

Yes. We will preserve your existing employee numbers when migrating from Safeguard’s Unity system to Deel’s Global Payroll platform, allowing you to maintain continuity with your existing employee identification.

[ACCORDION] Will my pay element names remain the same on the Deel platform?

In Deel, Payroll Elements are called Components. Deel has a standardized list of components by country, and each can be mapped at various points in the data lifecycle.

For example, “Bonus” in Deel can map to “Annual Bonus” in your HCM, payslips, and GL as needed. The Onboarding team will work with you during migration to ensure your pay elements are properly configured.

[ACCORDION] Will my treasury solutions change?

Existing employee net pay bank files will be configured on the Deel platform. Format and penny testing will be conducted as part of QA.

Where Ebury treasury services are in place, they will move to Deel Treasury services (where available). The full scope of Treasury services will be reviewed and agreed with your Onboarding team during the Transition period.

[ACCORDION] Will my GL have the same format on Deel as on SGP?

Your existing General Ledger format and Chart of Accounts will be built on the Deel platform where technically possible.

Deel has a dedicated GL team who will provide support during the transition. GL configurations will be tested during the Quality Assurance phase.

[ACCORDION] Will my Pay Elements report with the same names and GL codes on Deel as on SGP?

It is recommended to use Deel’s standardized pay elements listing to simplify payroll setup globally.

As part of the transition, some pay component names may change; however the treatment of these components and their associated GL account codes will not change.

[ACCORDION] Will the payroll software change?

There are two scenarios where payroll software may change:

1. ICP Insourcing — where Safeguard uses an ICP and Deel has an in-house payroll team.

2. Software Migration — where Safeguard local market software differs from Deel’s in-house software.

Where possible, software changes will be made as part of the transition. Where software is changing, parallel testing will be conducted to validate payroll accuracy and reporting.

[ACCORDION] Does Deel have role-specific platform access controls (e.g. Finance / GL vs Payroll)?

Yes. The Deel platform supports role-specific access controls, enabling you to assign permissions at the appropriate level for Finance (GL) and Payroll teams separately.

[/ACCORDION]

 

Integrations

[ACCORDION] What experience does Deel have integrating with Workday HRIS?

Deel is a certified global payroll partner on Workday’s Marketplace and is Workday Global Payroll Cloud (GPC) certified.

Our native integration leverages Workday’s APIs and the Global Payroll Connect module for data transfer, payroll processing, employee data synchronisation, onboarding, compensation changes and offboarding.

Deel supports both Workday PECI and GPC integrations. Our recommendation for any new integration is the API-based GPC approach, which enables quicker deployment and reduced implementation costs while aligning with Workday’s roadmap.

[ACCORDION] SGP integration with Workday vs Deel API, DCoD and APD — what are the key differences?

During the transition, we plan to move your Workday integration from Safeguard’s PECI solution to Deel’s GPC DCoD (Data Changes on Demand) solution.

PECI is file-based and scheduled, while DCoD is API-based, real-time and on-demand.

Benefits include:

  • Simplified setup and maintenance with a single connection across all countries
  • Data errors identified directly in Workday
  • Additional Payroll Data captured through Workday UX
  • Automated feedback loop returning payslips and payroll results to Workday

     

[ACCORDION] What access is required for Deel to retrieve data via API from Workday?

Access is defined at a Pay Group level in Workday and controlled via the API between Deel and the client’s Workday tenant. Each connection is authenticated and pulls data for a given Pay Group based on the country and pay period being processed.

[ACCORDION] What configuration is needed for pay elements — is it the same as setting up PECI?

Mapping of pay elements (called Payroll Components in Deel) is managed by the Deel team as part of the migration.

Where clients need to make changes to how payroll elements are managed in Workday, this can be accommodated and mapped accordingly in Deel.

[ACCORDION] Will the data and process for supplying files to Deel remain the same as SGP (non-Workday HCM)?

The Deel platform offers several benefits over SGP technology, but the underlying delivery model is fundamentally the same. Deel processes payroll with as much automation as possible (“Perfect Payroll”).

[ACCORDION] Can we continue to share the EUT for payroll input?

Because the payroll platform is changing, the way payroll input data is submitted will change to align with Deel’s standard processes. We are actively building Safeguard EUT support into the Deel platform to preserve continuity where possible.

[ACCORDION] How does Deel consume data from systems like Time & Attendance?

Deel provides integrations for Time & Attendance, HR, Benefits and more, as well as a public API for specific scenarios. Additional integrations can be enabled to optimise existing processes.

For an overview of all available integrations, see: Deel Integrations & API

[ACCORDION] How long has Deel had GPC available to customers, and how many clients use it?

Deel has had Workday GPC available to clients for over a year, with more than 40 Global Payroll clients currently utilising Workday GPC.

Workday GPC resources can be found here: Deel Workday Help Centre

[ACCORDION] Are there any data field limitations linked to an employee ID?

Fields are limited only in the context of minimising data use in line with GDPR requirements. Customised fields can be discussed and aligned to specific client requirements.

[/ACCORDION]

 

Reporting & Analytics

[ACCORDION] How does SGP payroll reporting compare to Deel payroll reporting?

Because the platform is changing from Unity to Deel, the standard suite of reports will change.

In countries where Deel has in-house payroll software, statutory reporting and payslips may also change. These changes will be discussed at the start of the migration.

[ACCORDION] Will Unity Analytics remain in place?

Once live on Deel, you will have access to Deel Analytics, which replaces Unity Analytics and provides a centralised dashboard for payroll and workforce data.

Reports can be generated across seven key categories including Finance, Benefits, People, Payroll, Contracts, Productivity, and Time Off.

[ACCORDION] Is the Deel platform ready for EU Pay Transparency Reporting requirements?

Deel is currently building EU Pay Transparency reporting. This will initially focus on Deel HRIS clients but will evolve further as it becomes embedded into the platform.

[/ACCORDION]

 

Employee Experience

[ACCORDION] Will the way employees access payslips and tax documents change?

Yes. As part of the migration, employees will transition from the Safeguard Employee Portal to the Deel platform for payslips and tax documents.

Employees can view and download documents directly from the Deel app without HR intervention.

For organisations with an HRIS, employee master data updates can be restricted. SSO can also be enabled.

Access to historical payslips on the Safeguard Employee Portal will remain available for 6 months after migration.

[/ACCORDION]

 

 

Security & Compliance

[ACCORDION] What Security or Privacy certifications does Deel hold?

Deel is ISO/IEC 27001:2013 certified and adheres to GDPR globally.

Documentation including certification evidence and the Statement of Applicability is available in the Deel Trust Center.

[ACCORDION] What penetration testing program exists at Deel?

Deel conducts annual penetration tests performed by independent third-party security firms. The latest PenTest Attestation Letter is available via the Deel Trust Center. The most recent test was conducted in July 2024, with a retest in September 2024.

[ACCORDION] What security or encryption standards exist for accessing the Deel platform?

User management of Payroll & HR administrators is controlled by Organisational Admins within the client — giving clients greater control over users. Sensitive data on login pages is protected by TLS 1.2+ encryption and HTTPS. Deel implements generic error messages to avoid disclosing sensitive information, and auto-complete and client-side caching are disabled on forms containing sensitive data.

[ACCORDION] How is data encrypted, both in transit and at rest?

At rest: All data is encrypted using AES-256, with AES-256-GCM for sensitive customer information. A minimum key length of 256-bit is used, and encryption keys are accessible only by authorised personnel.

In transit: All data is encrypted using TLS 1.2 or higher, including sensitive information and API payloads — covering secure API transfers, SFTP over SSH, and VPN channels.

These practices align with GDPR, SOC 2 Type II, and ISO 27001.

[ACCORDION] How is Data protected as it flows between the user machine and the Deel platform?

Deel protects data in transit using TLS 1.2+ over HTTPS with authenticated certificates. Sensitive transmissions are encrypted to prevent exposure and tampering (including secure APIs, SFTP over SSH, and VPN channels). Additional safeguards include authenticated APIs, network segmentation, and access controls, aligned with ISO 27001 and SOC 2 Type II.

[ACCORDION] How is privileged access managed within Deel?

Privileged access is limited to authorised individuals for defined periods, with usage monitored and logged. Access follows least privilege principles and is managed through Deel’s Identity Provider (IDP). There’s a formal provisioning/deprovisioning process with manager approval based on role, and elevated access is regularly reviewed. Deel apps also support compatibility with PAM software.

[ACCORDION] How does Deel implement access controls for the platform?

Deel mandates Multi-Factor Authentication (MFA) for all users, including remote access and sensitive actions. MFA is enforced for users and administrators, using authenticator apps, push notifications, and OTP emails.

[ACCORDION] How does software patch management work at Deel?

Deel applies critical third-party security patches promptly. Open-source packages are continuously monitored via Software Composition Analysis (SCA). AWS managed services handle infrastructure-level updates. Patches are prioritised by severity and tested in staging before production. Antivirus solutions are maintained across desktops and servers.
 

[ACCORDION] How regularly is patch management performed?

Updates/patches are applied approximately twice a week via centrally managed configuration management. Critical updates are deployed promptly (typically bi-weekly or immediately for high-risk vulnerabilities). OS patches for Windows/Linux are scheduled monthly, with critical patches applied immediately. 

[ACCORDION] How does vulnerability management work at Deel?

Deel has a formal, structured, automated process governed by its Vulnerability and Threat Management Policy. Critical vulnerabilities are addressed within 24 hours, and high vulnerabilities within 72 hours. Patches are deployed via automated systems, requiring manager approval and staging tests. Regular vulnerability scans and third-party pen tests validate effectiveness. 

[ACCORDION] How does Deel log system audit trails?

Deel maintains a comprehensive audit trail capturing who made changes, what was changed (before/after values), and the exact timestamp. All key user actions — including authentication events, data modifications and permission changes — are logged. Audit logs are accessible via the "Show Audit Trail" feature in the platform.

[ACCORDION] Does Deel adhere to the OWASP Top 10 for Security and Vulnerability management?

Yes. All Deel systems must meet OWASP Top 10 security vulnerability testing requirements

[ACCORDION] Does Deel have the same level of security roles as SGP Global Unity?

Deel customers benefit from significant investment in security and privacy, including industry certifications. The best place to understand what is in place is thDeel Trust Center.

[/ACCORDION]

 

Business Continuity

[ACCORDION] Please explain your backup, Disaster Recovery and Business Continuity plans and recovery time objectives.

Deel maintains a robust Disaster Recovery Plan and Business Continuity Policy that is reviewed and tested annually.

Key highlights include:

  • Continuous data replication across multiple regions
     
  • Daily immutable backups and point-in-time backups retained for 30 days
     
  • Backups stored across geographically distributed AWS environments
     
  • Recovery Time Objective (RTO): 2 hours
     
  • Recovery Point Objective (RPO): 15 minutes for critical systems

[/ACCORDION]

 

Was this article helpful?
0 out of 0 found this helpful
Was this article helpful?
not helpful
very helpful
Return to top