Another Proposed Human Rights Due Diligence and Reporting Requirement for Multinationals – This Time Norway
On November 28, 2019, the Ethics Information Committee convened by the Norwegian government recommended the adoption of mandatory corporate human rights legislation. As proposed, this broadly applicable Act would create additional human rights due diligence and disclosure obligations for a significant number of multinationals doing business in Norway. This Alert provides a detailed overview of the draft Act.
The draft Norwegian Act adds to the rapidly growing body of corporate human rights legislation adopted, proposed or under discussion in several countries and at the European Union level. For other Ropes & Gray Alerts, Articles and White Papers discussing corporate human rights legislation, please visit our firm website and our CSR and Supply Chain Compliance website.
Background and Purpose of the Act
The Ethics Information Committee was established by the Norwegian government during June 2018 in response to two petition resolutions by the Parliament. The ten-member committee has members from academia, business, government, trade unions, employers’ organizations and NGOs.
The Committee was tasked with assessing whether Norwegian businesses should be required to disclose information on responsible business conduct and supply chain management. As was widely expected, the Committee concluded that mandatory legislation is necessary, which is consistent with the growing sentiment globally that a “smart mix of measures” to address potential adverse human rights impacts by businesses requires a combination of voluntary and mandatory instruments. The Committee also was tasked with proposing the scope of legislation and how it should be enforced if the Committee concluded that legislation is feasible and advisable. At the time the Committee was formed, it was announced that the Committee would submit its report to the government by December 1, 2019.
According to the Committee’s Report, the purpose of the Act is to provide consumers, trade unions, civil society organizations and others with information on the impact of businesses on fundamental human rights and labor conditions in order to enable consumers to make informed choices and question responsible business conduct. The Act also aspires to advance fundamental human rights and labor principles in order to improve working conditions in businesses and their supply chains globally.
As proposed, the Act would apply to enterprises that offer goods and services in Norway. Enterprises are defined expansively to include companies, cooperative societies, associations, sole proprietorships, foundations or other forms of organizations. Covered enterprises also include publicly owned enterprises offering goods or services. The draft Act is not by its terms limited to entities organized under Norwegian law.
Duty to Know
Under the Act, each covered enterprise would be required to know of salient risks that may have an adverse impact on fundamental human rights and decent work in the enterprise’s business and supply chains. “Fundamental human rights” are defined as the internationally recognized human rights expressed in the International Covenant on Economic, Social and Cultural Rights, the International Covenant on Civil and Political Rights and the International Labour Organization’s fundamental conventions covering fundamental principles and rights at work. As used in the draft Act, “decent work” is work that respects fundamental human rights, protects health, safety and the environment in the workplace and provides a living wage. “Supply chains” are defined as entities supplying goods and services that deliver products or factor inputs to an enterprise.
The scope of the duty to know would be facts-and-circumstances-based, depending on factors such as the size of the enterprise, its ownership and structure, activities and industry and type of goods or services the entity provides. The duty to know would apply where the risk of adverse impact is most severe, such as the risk of forced labor and other slavery-like labor, child labor, discrimination in employment and at work and lack of respect for the right to form and join trade unions and undertake collective bargaining and risks to health, safety and the environment in the workplace.
Disclosures by Consumer-Facing Companies
Covered enterprises that distribute goods to consumers would be required to publish the manufacturing sites of the goods. This information would be required to be published on the enterprise’s website or otherwise made easily accessible to the public.
The draft Act contemplates that additional regulations may be adopted exempting particular sectors and enterprise groups from this requirement.
Additional Requirements for Larger Enterprises
The Act would impose more stringent due diligence and reporting requirements on larger enterprises. Larger enterprises are those covered by section 1-5 of the Norwegian Accounting Act, or which exceed two of the following three conditions on the balance sheet date:
- NOK 70 million of sales income;
- NOK 35 million in total assets; and
- An average of 50 full-time equivalent employees in the accounting year.
As of the date of this Alert, NOK 35 million is equal to approximately US$3.8 million. If this threshold is maintained in the Act if adopted, and subject to any other exemptions that are adopted, the threshold is likely to be exceeded by a significant number of multinationals offering goods and services in Norway.
Due Diligence. Larger enterprises would be required to exercise due diligence in order to identify, prevent and mitigate any adverse impacts to fundamental human rights and decent work. The due diligence standard is intended to be aligned with the UN Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises.
Disclosure. Larger enterprises would be required to at a minimum publicly report on the following aspects of their own activities and supply chains:
- A description of the enterprise’s structure, area of operations and supply chains, including management systems and early warning channels for preventing or reducing any adverse impact on fundamental human rights and working conditions;
- Due diligence carried out by the enterprise, including information about any actual or potential adverse impact on fundamental human rights and decent work and salient risk of such impact; and
- Results of the due diligence, including measures to limit serious risk or injury and mitigate adverse impact where this is required.
Under the proposed Act, the report always would be required to include information on risks and measures in relation to forced labor and other slavery-like labor, child labor, discrimination in employment and at work and lack of respect for the right to form and join trade unions and undertake collective bargaining, as well as health, safety and the environment.
The report would be required to be signed by the general manager and the board. This is consistent with the approach taken in other jurisdictions to help ensure senior-level accountability for both disclosures and compliance.
The report may be included in the enterprise’s social responsibility report pursuant to Accounting Act section 3-3, although this would not be required.
Stakeholder Information Requests
In addition to requiring enterprises to report specified information as discussed above, the Act would entitle persons to information concerning how the enterprise conducts itself with respect to fundamental human rights and decent work within the enterprise and its supply chains. This portion of the Act would be applicable to all subject enterprises, not just larger enterprises. In particular, persons would be able to request the following information, verbally or in writing:
- General information about the enterprise’s work, systems and the steps taken to prevent or reduce adverse impacts on human rights and working conditions; and
- Information about any adverse impact on human rights and working conditions, significant risks of such impacts occurring and how the enterprise manages this risk, including any risk associated with a particular product or service.
If the request is accepted, the enterprise generally would be required to respond within three weeks of receiving the request. However, if that time frame is unreasonably burdensome, the enterprise would have two months to respond, although it would be required to within three weeks of the request explain to the requesting person the reason for the extension and when the information is expected to be provided.
An enterprise would have flexibility in how it provides requested information. It would be able to disclose the information in the form that it determines to be appropriate. If the request could be satisfied by referring the requesting party to published information, the enterprise would be able to do so.
An information request would be able to be rejected if it is too broadly formulated or provides an inadequate basis for identifying the information to which the request applies. In addition, an enterprise would be able to reject an information request for any of the following reasons:
- The request is clearly unreasonable;
- It concerns information about an individual’s personal affairs; or
- The information requested relates to operational or commercial matters subject to legitimate confidentiality requirements, which may include business strategies, business concepts, formulae or production methods.
However, a request for information known to the enterprise about violations of fundamental human rights related to the enterprise and its supply chains would not be able to be rejected on the grounds described in the foregoing bulleted items.
If the enterprise rejects a request for information, it would be required to explain its justification for rejecting the request and provide the requesting person with information regarding the process for appealing the rejection to the Consumer Authority. The requesting person generally would be able to appeal the rejection until the earlier of three weeks after (1) receiving the rejection and (2) if a response to the request was not received, the date that is two months after the request was received by the enterprise.
The Consumer Authority and the Market Council would be charged with monitoring compliance with the Act. The Consumer Authority and Market Council would determine penalties for failure to comply with the Act. Under the proposed Act, the applicable ministry may adopt more detailed rules governing penalties for non-compliance.
About our Practice
Ropes & Gray has a leading ESG, CSR and supply chain compliance practice. We offer clients a comprehensive approach to ESG, CSR and supply chain compliance through a global team with members in the United States, Europe and Asia. In addition, senior members of the practice have advised on ESG, CSR and supply chain compliance matters for almost 30 years, enabling us to provide a long-term perspective that few firms can match.
For further information on the practice, click here.
Please click here to visit our CSR and Supply Chain Compliance website.