The Norwegian Transparency Act: What Vendor Compliance Professionals Should Know

article

Share this post

https://enterprise.craft.co/post/the-norwegian-transparency-act-what-vendor-compliance-professionals-should-know

In recent years, regulatory focus has increased around human rights due diligence. Norway is one of the latest countries to adopt formal legislation requiring companies to demonstrate compliance with labor law and human rights standards throughout their operations and supply chains. 

Below we’ll review what the Norwegian Transparency is, who it covers, how it compares to other due diligence legislation, and what you need to do to comply.  

What is the Norwegian Transparency Act?

The Norwegian Transparency Act went into force in July 2022. It requires large companies doing business in Norway (both foreign and domestic) to adhere to human rights due diligence based on the OECD Guidelines (Organisation for Economic Co-operation and Development) and transparently communicate those efforts to consumers. This includes due diligence in their operations, supply chains, and the use and disposal of their products and services. 

In other words, the Norwegian Transparency Act requires companies to have comprehensive insight and control into their supply chain to ensure compliance with fundamental human rights and fair labor conditions. 

The legislation builds upon current international frameworks derived from the UN Guiding Principles on Business & Human Rights (also known as the Ruggle principles) established in 2011. The Ruggie Principles outline 31 directives under three pillars: the state duty to protect against human rights abuses, the corporate responsibility to respect human rights, and the need to remedy any abuses. 

The Norwegian Transparency Act itself is based on 3 principles:

  1. Proportionality: The work of due diligence you’re carrying out should correspond with the size of your company and the weight of the risk.

  2. Risk-based Approach: Companies should prioritize the highest risks. You may have mapped out multiple risk areas, but in order to carry out human rights due diligence, you must target the ones where risk is highest.

  3. Transparency: Report on your due diligence efforts to the government and, when necessary, to the public as well. Transparency enables and enforces accountability for identifying and mitigating risks through corporate due diligence. 

All companies carry some risk of human rights violation—but if you aren’t careful, you can get overwhelmed in attempting to tackle the issue. The principles of proportionality and risk-based approach keep your efforts focused on the highest risks with a proportional amount of effort to ensure companies use their resources most effectively.  

How Does It Impact Supply Chains?

The Norwegian Transparency Act requires companies to understand and control what happens throughout their supply chains. This means companies not only need visibility into the risks within their direct Tier 1 suppliers and operations but also with n-tier suppliers down the supply chain to the production site.

This will involve gathering publicly available data as well as direct information from suppliers to identify risks.  

Who Does It Apply To? 

The Act applies to large and medium-sized companies operating in Norway that meet at least two of the following criteria: 

  • At least 50 FTE
  • Annual revenue of at least NOK 70 million (US $7.94 million)
  • Balance sheet sum of at least NOK 35 million (US $3.97 million)

This includes both domestic and foreign companies selling goods or services in the country. Large companies are defined as any company with more than 50 employees–which currently covers around 8,000 companies operating in Norway today. 

Note: If you are a global company but have a subsidiary and/or are tax liable to Norway, that subsidiary will also be impacted.  

Norwegian Transparency Act vs. Other Due Diligence Legislation 

The main EU Supply Chain Due Diligence Laws (EU Corporate Due Diligence Directive, German Supply Chain Act, Norwegian Transparency Act) contain 3 main functions:

  • Identify & Assess Risk 
  • Mitigate through Implementation & Planning
  • Report & Communicate 

Key Takeaways

Scope

The Norwegian Transparency Act covers more companies than the German Supply Chain Act.  This is because the German Supply Chain Act only applies to enterprise-level German companies with over 3,000 employees (in 2023) and over 1,000 employees in 2024. Whereas the Norwegian Transparency Act also covers smaller businesses—i.e., any company with over 50 employees. 

Additionally, the Norwegian Transparency Act applies to the full supply chain—not just the first-tier suppliers—obligating Norwegian businesses to proactively gather information from their suppliers for comprehensive visibility. It also requires companies to respond to information requests about their due diligence efforts, further promoting transparency for the government and consumers. 

Due Diligence Requirements

Human rights due diligence is at the core of the Norwegian Transparency Act. The Act requires companies to carry out due diligence in accordance with the OECD Guideline for Multinational Enterprises and follows the UN Guiding Principles regarding human rights. By following the prescribed due diligence methodology, companies should be continuously updating and improving their due diligence efforts. 

This includes: 

  • Integrating responsible business practices into company policies
  • Identifying risks and potential adverse impacts
  • Implementing mitigative measures
  • Monitoring the results
  • Reporting 
  • Remedying adverse impacts when required

This is a key differentiator from the German Supply Chain Act, which only applies to tier 1-2 suppliers and only requires companies to take action when they become aware of substantial issues—making it less proactive than Norwegian Act.

Penalties

If companies that fall under the Norwegian Transparency Act fail to comply, they may face fines and injunctions that limit business activity. The exact penalties have not yet been defined. But for comparison, the German Supply Chain Act currently imposes sanctions for non-compliance of up to 2% of a company’s annual revenue.

The Norwegian Consumer Authority is in charge of oversight and enforcement.  

How to Comply with the Norwegian Transparency Act [+ Next Steps]


Conduct due diligence

If you’re covered by the Act, you’ll need to outline and implement robust due diligence policies according to OECD Guidelines. The purpose is to identify and assess any actual or potential risks to human rights or labor rights within your supply chain—at any level. This requires a detailed understanding of your supply chain and stronger relationships with your suppliers to get a comprehensive assessment. 


Report your efforts

Transparency is a key part of your due diligence obligation—that’s why its in the name! Companies are required to publish an annual report of their due diligence assessments by June 30. The report must be publicly available on the company website and approved by all board members. 


Respond to requests for information

The Act includes a Right to Request Information, meaning anyone can ask the company for information regarding their due diligence efforts and assessments—and the company is required to provide it. Companies should prepare to handle such requests by developing clear processes for responding and ensuring adequate resources are in place to handle them.

Key Takeaways:

  • You need to have a complete picture of your supply chain. This requires detailed n-tier mapping of your suppliers. 
  • Communicate with suppliers to inform them of the new compliance requirements. 
  • Put in place strong procedures to streamline compliance efforts in risk assessment, mitigation, and reporting. 

Importance of a Comprehensive Supplier Intelligence Platform

The Norwegian Transparency Act and other due diligence legislation like it require a deep understanding of your suppliers beyond Tier 1 and Tier 2. But to gain a complete picture of your supply chain is a monumental undertaking—especially for larger companies with many layers of suppliers. Tackling this job manually is resource-heavy and time-intensive—and often leaves gaps or errors in the data. 

Craft’s supplier intelligence platform cuts through the noise for you to quickly identify, assess, and monitor your whole supply chain. Analyze potential suppliers across 450+ data points and multiple key risk domains, including financial, operational, ESG, labor, security, and more, to get a 360-degree view of your risk landscape.  

Use n-tier mapping to uncover suppliers at every level and assess and prioritize identified risks, so you can plan and implement actions strategically.