Binding Corporate Rules (BCRs) were developed by the European Union Article 29 Working Party (today the European Data Protection Board) to allow multinational corporations, international organizations, and groups of companies to make intra-organizational transfers of personal data across borders in compliance with EU Data Protection Law.
BCRs are a framework for having different elements (internal legal agreements, policies, trainings, audits, etc.)
The BCRs were developed as an alternative to the "standard contractual clauses" (SCCs)[1] and the now defunct U.S. Department of Commerce EU Safe Harbor (which was for US organizations only, but has been declared invalid).
BCRs typically form stringent, intra-corporate global privacy policies, set of practices, processes and guidelines that satisfy EU standards and may be available as an alternative means of authorizing transfers of personal data (e.g., customer databases, HR information, etc.)
[4] It has to be noticed that, while originally designed for providing legal ground to international transfers, BCRs became de facto a corporation demonstration of its capacity to comply "at large" with personal data processing requirements.