We constantly get questions from companies we are in contact with, whether there are templates for the Transparency Act as well as guides for handling the Transparency Act. We at Share Control have therefore spent a lot of time developing material such as templates and guides, to make it easier for our customers to enforce the Transparency Act.
The steps to comply with the Norwegian Transparency Act
The Act on Business Transparency and Work with Basic Human Rights and Decent Working Conditions (hereinafter called the Transparency Act) can be difficult to get to grips with. The specific points in the law can be perceived as relatively simple, but the complex starts when you start diving into the various steps.
We have therefore tried in the simplest possible way to explain the steps you must follow according to the Norwegian Consumer Protection Authority’s (hereby referred to as Forbrukertilsynet) guidance. The list can be used as a procedure, but does not provide any guarantee that you will always meet the requirements of the law. We consider the most important element in the Act to be time and therefore recommend starting as early as possible, and continuously keeping the Transparency Act in the back of your mind.
1. Anchor accountability in the board
To start with the Transparency Act, it is important that the business itself has its guidelines and accountability in place. The process therefore starts with the board adopting guidelines for responsibility in connection with human rights and working conditions. The document for ethical guidelines (Code of conduct) forms the basis for obligations and requirements for how the company should act and handle various dilemmas that may arise. The document must be signed by the board, so that they are responsible for the outcome in the Transparency Act.
The guidelines in the document should focus on the actual risk areas that have the highest probability of occurring, but should also contain the other and less likely risks. The document Code of conduct will then describe how the business must behave responsibly in various situations, while this forms the basis for expectations of responsibility from suppliers and other business partners.
Read more about anchoring responsibility in the board here.
2. Create supplier lists
The main points of the Transparency Act are to map and assess actual and potential negative consequences for basic human rights and decent working conditions that the business has caused or contributed to. Businesses that are covered by the legislation must therefore survey and assess through supply chains and business partners, as stated in §4, letter b.
According to §3, letter d. it appears that a supply chain is understood as any supplier and sub-supplier who supplies or produces goods, services or other input factors.
Therefore, start by getting a full overview of the company’s suppliers and business partners. Also include important parameters such as the type of goods, solutions or services the suppliers deliver, so that you can more easily select risks broken down by country, industry, contract size and the like. Forbrukertilsynet also recommends businesses to make an effort to find subcontractors, so that these can also be assessed.
Read also: What is the Transparency Act and what is your duty?
Assessment of human rights and working conditions
An important point in the Transparency Act is the requirements for human rights and working conditions in one’s own business. This can present challenges if production or other activities take place abroad. We recommend businesses to ensure that they have systems where employees can submit anonymous complaints to safety representatives or the management of the company.
Download guide for the Transparency Act
Get an insight into all the functions and processes that can help you deal with the Transparency Act. We have created templates for the Transparency Act that take you from anchoring in the board to due diligence assessments, risk assessment and reporting.
Get the guide in your inbox
3. Conduct due diligence assessments
According to “åpenhetsloven” §4 of the Transparency Act, companies are obliged to carry out due diligence assessments in line with the OECD’s guidelines for multinational companies.
The due diligence can be defined as the sum of risk analysis, mapping and assessment of negative consequences, measures to prevent violation, follow-up, communication and recovery. The due diligence assessments must be carried out regularly. Due diligence under the Transparency Act has 6 steps:
Risk assessment of suppliers
Every year, businesses must report on their due diligence assessments. However, there is an exception according to §5 of the Act. If there have been significant changes in the risk assessments, the report must be updated as soon as possible. But what exactly is a risk assessment?
As we have mentioned in the previous steps, risk is a probability that negative consequences for human rights and working conditions may occur. It must also appear in a risk assessment whether the business has caused or contributed to the negative consequences.
Les vår oversikt over landsrisiko: Landsrisiko for brudd på menneskerettigheter
In risk assessments, it is important to place extra focus on suppliers of great importance, suppliers from countries and industries that have known challenges related to human rights and working conditions. It should also be considered whether more thorough risk assessments should be carried out at subcontractors with complex products. There are several templates for the Transparency Act that can be used in assessing risk, see the example below.
See example of risk assessment
Imagine that a company is going to buy 100 new laptops for its employees. In many cases, it is price, delivery time and software that determine the choice of supplier and manufacturer.
As we see in the table above from the Directorate for Administration and Financial Management, there is a very high risk of violation of human rights in the extraction of raw materials. It appears here that the risk of, among other things, child labour, forced labour and the poor focus on HSE is very high. In the component assembly and assembly of the finished product, challenges such as forced overtime, underage labor and low wages are the biggest risks.
Mapping and assessment of negative consequences
After the risk analysis has been carried out, it is time to look for conditions with each individual supplier. Here, one must find out whether the suppliers have violated or are violating human rights and decent working conditions. Dialogue and observation of the suppliers is a central part of the mapping and assessment of negative consequences.
Based on the risk assessments and mapping of the suppliers around human rights and working conditions, you can send out surveys or ask for confirmation that the supplier is not in breach of the company’s code of conducts.
We at Share Control have developed several templates for the Transparency Act during mapping of assessment of the suppliers, which are integrated in ShareControl Transparency, a complete system for administration of the Transparency Act.
Measures to prevent infringement
After §4, letter c. the business must take measures to stop, prevent or limit the negative consequences based on priorities and assessments according to the letter b. Letter b deals with the assessments from the risk assessment and the assessments of the actual and potential negative consequences.
It is therefore important to assess the extent to which your business has caused or contributed to the negative consequences. The closer the company is to the damage, the greater the company’s responsibility.
Measures should be taken depending on how big the negative consequences are and the responsibility the business itself has. In any form of collaboration, businesses should consider whether to continue the collaboration, work for changes towards a common goal, withdraw the agreement, or gradually find new suppliers.
Follow-up of measures
In the due diligence assessments, the authority must also follow up on the measures that have been initiated. The purpose of the follow-up is to assess whether the measures have worked according to plan, or whether improvements are needed.
Key questions the business must ask are:
- How many of the measures were carried out on time as planned.
- How well the measures worked.
- Has harm to individuals or groups actually been prevented or dealt with.
Has harm to individuals or groups actually been prevented or dealt with.
4. Account of due diligence assessments
After conducting due diligence assessments of suppliers, subcontractors, business partners and internally in the business, it is time to publish the results. An account according to the Transparency Act is written in section 5 of the Act, and shows which minimum requirements must be included in the report.
An account of the Transparency Act must contain at least:
- Description of the company’s organisation, operating area, guidelines (Code of conduct) and routines for handling actual and potential negative consequences.
- Information about the actual negative consequences that have been found and where there is a significant risk of negative consequences
- Information about measures that have been or are planned to be implemented, as well as expected or experienced results of the measures.
Read more about reporting under the Transparency Act here.
The report must be published each year by 30 June or in the event of significant changes in the company’s risk assessments. In ShareControl Transparency, there are built-in templates for the Transparency Act, so that you can easily streamline parts of the work.
Together with our software solution for the Transparency Act, Share Control has developed a template that retrieves the data from the system and puts this in the report for you. The data from suppliers with virtually zero risk will thus be entered into the report without any further work. The only thing you need to do – is enter a description about your organization. If, on the other hand, you find suppliers with an increased risk, you must expect a little more work. For suppliers with a risk of breach, however, according to the legislation, it is your responsibility to describe the actual and potential negative consequences, as well as which measures have been initiated.
5. Restore
Restoring can have many meanings, but according to the Transparency Act, this means “correcting”. Businesses that find actual or potential negative consequences with their suppliers must ensure cooperation on recovery or compensation where required. However, this does not apply when the business is not directly linked to the consequences.
Forbrukertilsynet recommends using its influence by influencing the person who caused the damage, or contributing information that may be useful in further investigations or dialogue.
Ensure or cooperate in recovery
Where a business has caused or contributed to negative consequences, cooperation on recovery or compensation must be ensured. This means that you must rectify the situation by working with the affected parties to find solutions, or through compensation claims for those affected.
Some examples of recovery measures:
- Replacement or compensation
- A public apology
- Sanctions
- Measures to prevent future damage
Frequently Asked Questions
We often get questions about the Transparency Act and we have collected some of the most common ones here:
ShareControl Transparency
Software for «the Transparency Act»
A complete system for handling all the company’s data and processes around the Transparency Act.