Transfer of data outside the EU on behalf of the controller is made through a transfer data agreement and not through a general Power of Attorney. It is because the data controller must set instructions for the data transfer the data processor must comply with. In fact, the data controller will be liable for any infringement of GDPR rules and even for choosing the wrong data processor.Consider that the EU Commission adopted a Standard contractual clause to implement contracts concerning data transfers.
If you are referring to the Power of Attorney in connection with a legal claim (i.e. transferring data outside EU for a legal claim), consider that establishing, exercising or defending legal claims is an exemption to GDPR rules. The Power of Attorney, in this case, can allow data controller or data processor to transfer data outside the EU (of course only data which are necessary for the legal claim.)