Complying with the Norwegian Transparency Act in year 2 – an update for U.S.-based multinationals

Viewpoints
November 27, 2023
10 minutes

Ropes & Gray and Thommessen published a joint client alert on the Norwegian Transparency Act shortly after its adoption. The first due diligence statements under the Act were required to be published by June 30, 2023.

Enterprises are now in their second compliance period, with many continuing to enhance their due diligence processes and starting to think about the content of their 2024 statements. In addition, stakeholder and regulatory scrutiny of the first year of statements has begun.   

In this joint Q&A post prepared with Thommessen Specialist Counsel Håkon Stalheim Meldahl and Associates Lovise Dahl and Susan Bahia Jensen, we provide an overview of the requirements of the Act for U.S.-based multinationals. The post takes into account guidance published by the Norwegian Consumer Authority after our earlier client alert.

Can non-Norwegian enterprises be subject to the Transparency Act?

Yes. The Act applies to larger enterprises that (1) are resident in Norway and offer goods and/or services in or outside Norway and (2) to foreign enterprises that offer goods and/or services in Norway and that are liable to tax to Norway pursuant to internal Norwegian legislation

The term “larger enterprises" as per the Act refers to enterprises that either fall under Section 1-5 of the Norwegian Accounting Act or exceed the thresholds for two of the following three criteria for two years in a row:

  • Sales revenues: NOK 70 million; and/or
  • Balance sheet total: NOK 35 million; and/or
  • Average number of employees in the financial year: 50 full-time equivalents.

(As of mid-November, this equated to sales revenues of approximately U.S.$6.5 million and a balance sheet total of approximately U.S.$3.25 million.)

The following enterprises are covered by the Norwegian Accounting Act Section 1-5, and therefore automatically recognized as larger enterprises: 

  • Public limited companies;
  • Entities subject to accounting obligations if their shares, interests, fund certificates or bonds are listed on a stock exchange, authorized marketplace or equivalent regulated market abroad; and/or
  • Other entities subject to accounting obligations if specified by regulation.

In determining whether a parent company resident in Norway constitutes a "larger enterprise", the criteria must be evaluated for the parent company and its subsidiaries collectively. This consolidation rule does not apply to foreign parent companies.

For a foreign enterprise without a subsidiary company organized in Norway through which it conducts its Norwegian activities, the assessments of the thresholds should be considered based on the activities within Norway.

The tax liability criteria can be ambiguous. For non-Norwegian companies to be subject to the Act, they must also be liable to tax to Norway pursuant to internal Norwegian legislation (not taking into account tax treaties, etc.). 

Thommessen has developed a Transparency Compass that can assist companies with their Transparency Act scoping. 

To come within the scope of the Act, the enterprise must offer goods and services. What does this mean?

Goods and services are interpreted broadly. They are not limited to conventional commercial activities provided to third-parties. Furthermore, it is not necessary for the enterprise to receive monetary compensation or other advantages for the goods and services provided.

Internal services within a group of companies come within the Act’s scope according to guidance from the Norwegian Consumer Authority. The same also is the case for intra-group loans or administrative services within the group.

What does it mean for a business to be covered by the Act? 

The Act contains three primary obligations:

  • Conducting human rights due diligence assessments;
  • Publicly reporting on findings and measures resulting from the due diligence; and
  • Providing information about due diligence upon request.

These obligations are meant to mitigate the risk of adverse impacts on human rights and decent working conditions and ensure the general public has access to information to create accountability for companies.

Human rights due diligence is required to adhere to the OECD Guidelines for Multinational Enterprises on Responsible Business Conduct. However, the due diligence process under the Act is specifically focused on fundamental human rights and decent working conditions, which is a narrower scope than what is encompassed by the MNE Guidelines. (See our Alert on the recently updated MNE Guidelines.)

The Act defines fundamental human rights as internationally recognized human rights that follow from, among other instruments, the International Covenant on Economic, Social and Cultural Rights, the International Covenant on Civil and Political Rights and the International Labour Organization's core conventions. Decent working conditions are defined as work that safeguards basic human rights, health, safety and environment, as well as providing a living wage.

The due diligence process mandated by the Act is required to be conducted regularly. Due diligence is to be proportionate and risk-based. This means that enterprises must carry out a concrete assessment of their own risks and prioritize areas where the risk of negative impact is most significant. Due diligence is to be commensurate with the size and nature of the enterprise, its operational context and the severity and likelihood of negative impacts on fundamental human rights and decent working conditions.

Enterprises covered by the Act must account for their due diligence assessments – what does this mean?

Enterprises are required to publish an annual account of their due diligence assessment. The annual account must be published or updated no later than June 30th each year. An earlier update is required if there are significant changes to the enterprise's risk assessment. The annual account must include at least the following:

  • A general description of the enterprise's structure, area of operations, guidelines and procedures for handling actual and potential adverse impacts on fundamental human rights and decent working conditions;
  • Information regarding actual adverse impacts and significant risks of adverse impacts that the enterprise has identified through its due diligence; and
  • Information regarding measures the enterprise has implemented or plans to implement to cease actual adverse impacts or mitigate significant risks of adverse impacts, and the results or expected results of these measures.

The Act provides limited exemptions concerning the information that companies are required to include in their annual account. There are exclusions for information regarding (1) an individual’s personal circumstances and (2) technical devices and procedures or other operational or business matters that are competitively sensitive. These exclusions do not apply to information regarding actual adverse impacts on fundamental human rights with which the enterprise is familiar. There is however an absolute exemption for information graded according to the Norwegian Security Act or protected under the Norwegian Copyright Act.

The annual account must be easily accessible on the enterprise's website, and the enterprise must include information in its annual report indicating where the account can be accessed.

The Norwegian Consumer Authority recently announced a review of 500 enterprises' websites. They found that approximately 100 of the enterprises had failed to publish a required report. In its analysis of the remaining 400 enterprises, the Authority observed a lack of detailed reporting on actual adverse impacts and the measures implemented or planned to address these impacts. Additionally, the Authority highlighted a prevalent approach among enterprises: addressing due diligence assessments primarily through the distribution of forms, codes of conduct or similar documents, which in at least some cases likely falls short of the substantive requirements of the Act. 

Who has the right to information and what must the enterprise provide information about?

Section 6 of the Act indicates that "everyone" is entitled to information from a subject enterprise regarding how it addresses actual and potential adverse impacts on fundamental human rights and decent working conditions. This implies that virtually anyone can submit a written information request to an enterprise, without having to provide a reason. 

The request for information generally must be answered within three weeks (two months in certain situations) after the enterprise has received a written request for information. Enterprises covered by the Act should therefore have a system in place to ensure that requests for information can be addressed within the relevant timeframe, regardless of the absence of particular individual employees.

Information about the enterprise's due diligence assessment can be requested. The right to information encompasses both general information and information relating to a specific product or service offered by the enterprise.

Enterprises are not required to meet more granular document requests, such as to provide supplier lists. However, in some cases it may be necessary for the enterprise to specify and provide detailed factual information to be able to describe its due diligence processes.

The right to information is subject to certain limitations. Enterprises may in certain cases deny information requests. These limitations are discussed in our earlier joint Alert.

What potential legal consequences might a company face if it fails to meet the obligations outlined in the Transparency Act?

If an enterprise is in violation of the Act, the Norwegian Consumer Authority can invoke orders and prohibitions (essentially mandating compliance or imposing injunctive relief). If there are repeated violations, the Consumer Authority may impose enforcement and infringement penalties. Non-compliance of course also may result in reputational or commercial harm.

In February 2023, the Norwegian government enacted a new regulation that allows for infringement penalties of up to the greater of 4% of the enterprise's annual turnover or NOK 25 million (approximately U.S.$2.3 million at mid-November 2023 exchange rates). However, it is not expected that the maximum fine will be levied in the early compliance periods. Furthermore, the fine levied will depend on the circumstances, i.e., if there are repeated and serious infringements of the Act.

The penalty regulation has been criticized, since the hearing on the regulation took place before the Act entered into force. A new hearing was held, which has also been criticized. It has been asserted by the Norwegian Bar Association that the penalty regulation may not have been validly adopted. Others have pointed out that the hearing was not suitable for submitting input on infringement penalties under the Act. However, it is expected that the penalty provisions will not materially change.

Does the board have any duties? What is the board’s risk in the event of non-compliance with the Transparency Act?

The Act does not place particular obligations on an enterprise’s board, other than the requirement to sign the annual public statement. However, the board of an enterprise organized under Norwegian law has a general duty to see to the operations of the enterprise, and the Act is a statutory requirement. To be able to monitor compliance with the statutory requirement to carry out due diligence assessments, the board should be aware of how the enterprise implements policies and procedures to mitigate risks of adverse impacts on fundamental human rights and decent working conditions and that due diligence is carried out regularly.

For U.S.-based multinationals, where does the Transparency Act fit into their global compliance requirements?

U.S.-based multinationals need to consider the Act in the broader context of their global mandatory human rights due diligence and reporting. Disclosures under the Act should be aligned with disclosures under modern slavery legislation in other jurisdictions. To ensure alignment and reduce their compliance burden, many U.S.-based multinationals have integrated their annual modern slavery and Norwegian Transparency Act disclosures into a single statement. We expect this trend to grow as Canadian modern slavery and child labor reporting comes online in 2024. For applicable U.S.-based multinationals, Transparency Act due diligence and disclosures also need to be aligned with compliance procedures, policy statements and annual disclosures under new German and Swiss human rights due diligence and reporting requirements.

Human rights due diligence practices and disclosures – including those under the Transparency Act – also should be considered through a U.S. litigation lens. For U.S.-based multinationals, there is growing concern that new mandatory human rights disclosures that describe global policies, compliance procedures, risk assessments and risk mitigation strategies may be used to support allegations by plaintiffs in U.S. consumer protection, securities fraud and other suits.

Subscribe to Ropes & Gray Viewpoints by topic here.

About Ropes & Gray’s practice

Ropes & Gray has a leading ESG, CSR, and business and human rights compliance practice. We offer clients a comprehensive approach in these subject areas through a global team with members in the United States, Europe, and Asia. In addition, senior members of the practice have advised on these matters for more than 30 years, enabling us to provide a long-term perspective that few firms can match.

For further information on the practice, click here.

About Thommessen’s practice

Thommessen is a leading Norwegian law firm, assisting businesses with transactions, complex projects and contentious matters in all areas of commercial law. The firm’s robust professional legal expertise is combined with in-depth industry knowledge, and the lawyers stay abreast of trends and developments on an ongoing basis in order to provide advice, which facilitates long-term value creation.

Thommessen has over time developed extensive compliance expertise and experience, and currently advises a broad range of Norwegian and international businesses on addressing compliance challenges in relation to, amongst other things, human rights, anti-corruption, anti-money laundering and terror financing issues. Thommessen has a dedicated team who is ready to advise clients in matters relating to the Transparency Act and related issues.