Article , Whitepaper

The Ultimate Guide to Åpenhetsloven

Legislation is rapidly being introduced by countries and trading blocs to improve human rights and help address the planet’s environmental issues. Organisations worldwide are slowly being scooped up by a metaphorical regulatory net that requires them to assess the potential for human rights and environmental risks within their supply chains and report on what they are proactively doing to address them.
Across the entire end-to-end process, from the finished product to the metals, minerals and other raw materials that are required to make them, companies must now demonstrate a clear understanding of the impact they are having on people and the planet. and demonstrate their approach.

In more and more of the world, ethical business and business as a force for good is now not only a way of differentiating or a way of meeting increasingly discerning consumer expectations, it’s a regulatory issue with financial penalties for doing it wrong.

In this latest Achilles Ultimate Guide, we take a detailed look at the Norwegian Transparency Act (Åpenhetsloven), who it applies to, what it means to those organisations (and their suppliers) that need to comply and provide advice on how to get started based on our own experience of supporting organisations with supply chain risk assessment and compliance gained for more than 30 years.

You may also be interested in:

What is Åpenhetsloven? 

Åpenhetsloven is a Norwegian word that translates to “Transparency Act” in English.

Åpenhetsloven is a law passed by the Norwegian Parliament in June 2021. It requires companies to take responsibility for human rights and decent working conditions in connection with producing goods and services in their supply chains.

Under the Åpenhetsloven legislation, companies are required to identify and address potential risks to human rights in their supply chains, including risks related to child labour and forced labour. Where risks haven’t been identified, companies must substantiate their claims by demonstrating robust due diligence to identify potential human rights violations. Where the company’s due diligence activities have identified risks, they must put in place measures to prevent or mitigate these risks, such as conducting regular audits and implementing corrective action plans.

The law applies to companies in a wide range of industries, including energy, manufacturing, construction, clothing, and food and beverage. Failure to comply with the law can result in punitive fines.

Åpenhetsloven draws upon international guidelines such as the OECD Guidelines for Multinational Enterprises and human rights conventions defined by the International Labour Organisation (ILO) and is part of a growing trend towards greater corporate responsibility for human rights and the environment in global supply chains. Several other countries, including Germany, France and the Netherlands, have also implemented similar laws in recent years.


Why is Åpenhetsloven important? 

Åpenhetsloven is important for several reasons: 

  • Protection of Human Rights: The law is designed to protect human rights by requiring companies to identify and address potential risks in their supply chains, including forced labour, child labour, and other forms of exploitation. By ensuring that companies are held accountable for human rights abuses in their supply chains, the law helps to protect vulnerable workers and communities around the world. 
  • Responsible Business Conduct: The law promotes responsible business conduct by requiring companies to comply with ethical business practices in their supply chains, including respecting intellectual property rights, combating corruption and bribery, and ensuring fair competition. This helps to create a level playing field for companies and promotes sustainable economic development. 
  • International Norms: The law is consistent with international norms on business and human rights, including the United Nations Guiding Principles on Business and Human Rights. By aligning with these norms, the law helps to promote a common understanding of the responsibilities of companies in relation to human rights and the environment. 

Overall, Åpenhetsloven helps to promote sustainable and responsible business practices, protect human rights and create a more just and equitable global economy. 


Which organisations need to comply with Åpenhetsloven?

The new legislation applies to:

  • Larger companies that are based in Norway and offer goods and services in or outside Norway
  • Larger foreign companies that offer goods and services in Norway and are taxable in Norway under internal Norwegian legislation

The Transparency Act defines larger companies as:

  • Enterprises that fall into the definition provided by the Accounting Act (Regnskapsloven) §1-5, such as public limited companies, listed companies, and other entities liable for accounting
  • Enterprises that, on the date of financial statements, exceed the threshold for two of the following three conditions:
  • An annual turnover of at least NOK 70 million (€ 6.92M / US $7.4M)
  • A balance sheet total of at least NOK 35 million (€ 3.46M / US $3.7M)
  • An average number of at least 50 full-time employees in the financial year (or equivalent annual man-hours)

Effectively, this includes all enterprises that are not defined as “small” under Sections 1-6 under the Accounting Act in Norway.

When assessing whether a business exceeds these thresholds, a group of parent and subsidiary companies must be considered as one unit, provided that the parent company is located in Norway and regardless of whether the subsidiaries are registered in or outside Norway.

Over 9000 companies operating in Norway are understood to be subject to the act.


What does the act encompass?

Risk areas covered by the Act are based on International Standards and guidance documents such as the ILO Fundamental Conventions, OECD Due Diligence Guidelines for Responsible Business Conduct and UN Guiding Principles on Business and Human Rights.
The Åpenhetsloven covers a broad range of risks related to human rights in global supply chains and requires companies to identify and address potential risks in the following areas:

  • Human rights: The law requires companies to prevent and address human rights violations in their supply chains, including forced labour, child labour, discrimination, and violations of the rights of indigenous peoples.
  • Working conditions: The law requires companies to take steps to ensure decent working conditions for the people employed across their supply chains.

The law is designed to promote responsible business conduct and prevent harm to people across global supply chains. It reflects a growing recognition of the need for companies to take responsibility for their supply chains and ensure that their business practices are sustainable and ethical.

Under the Act, companies are required to ensure they have adopted risk-based processes to identify, assess, prevent and remediate risks that are identified within their supply chain. Risk-based processes may include measures such as supply chain mapping, audit and introduction of grievance reporting mechanisms.

As the name suggests, a fundamental aspect of Åpenhetsloven is transparency and the ability for investors, customers, and business partners to have access to the information needed to make fully informed decisions. For this reason, Åpenhetsloven incorporates the right of every person to request any company’s information regarding how they address actual and potential adverse impacts pursuant. Under the Act, companies are obliged to provide the information no later than three weeks after the request. However, companies do have the right to deny requests for information if the request doesn’t provide a sufficient basis for identifying what the request concerns, is clearly unreasonable, or related to personal or competitive data.


What are the reporting requirements?

Åpenhetsloven imposes reporting requirements on companies.

The Norwegian Consumer Authority is responsible for ensuring that businesses directly affected by the Transparency Act comply with their obligations. The law requires companies to conduct a due diligence assessment, publish a Transparency Report, and provide information on how the business complies with fundamental human rights and decent working conditions.

Companies are required to publish an annual report on their due diligence assessments on their website – no later than the 30th of June each year. The purpose is to ensure public access to the company’s due diligence efforts and action plans. To comply with this demand, the report must, as a minimum, include the following:

  • A general description of the company’s structure, area of operations, guidelines, and procedures for handling actual and potential adverse impacts on fundamental human rights and decent working conditions;
  • Provide information regarding actual adverse impacts and significant risks of adverse impacts that the enterprise has identified through its due diligence;
  • Information regarding measures the enterprise has implemented or plans to implement to cease actual adverse impacts or mitigate significant risks of adverse impacts, and the results or expected results of these measures.


What happens if a company fails to comply with Apenhetsloven?

Companies that fall under the requirements of the Act will be responsible for ensuring that they have appropriate processes in place to identify, remediate and report on any human rights issues within their supply chain.

Failure to comply may result in a company being fined up to 4% of the company’s annual turnover or 25 million Kroner, with the highest amount to be applied.

When determining the size of the fine, factors such as the severity of the violation, whether it was preventable, whether the violation of the Transparency Act was committed to promoting one’s own interests, and the preventive effect of such a fine will be taken into account.


What are the benefits of compliance?

Overall, complying with Åpenhetsloven can bring significant benefits to organizations, including improved reputation, reduced risk, increased efficiency, competitive advantage, and long-term sustainability.

  • Improved Reputation: Complying with the law can help improve an organization’s reputation as a responsible and ethical business. By taking steps to prevent human rights abuses and environmental damage in their supply chains, organizations can enhance their brand image and increase customer loyalty.
  • Reduced Risk: Compliance with the law can help reduce the risk of legal action, fines, and reputational damage. By identifying and addressing potential risks in their supply chains, organizations can minimize the likelihood of human rights abuses occurring and mitigate any negative impacts.
  • Increased Efficiency: Compliance with the law can help increase the efficiency of supply chain management. By implementing due diligence measures and monitoring suppliers, organizations can identify areas for improvement and optimize their supply chain operations.
  • Competitive Advantage: Compliance with the law can provide a competitive advantage by demonstrating a commitment to responsible business practices. This can help organizations attract and retain customers, investors, and employees who prioritize sustainability and ethical business practices.
  • Long-Term Sustainability: Compliance with the law can contribute to the long-term sustainability of an organization’s operations. By taking steps to ensure the health and safety of workers, organizations can promote the well-being of their employees and the communities in which they operate.


What is involved in taking a risk-based approach to supply chain due diligence?

The risk-based approach is a fundamental principle of the Åpenhetsloven, which requires companies to identify and address potential risks in their supply chains related to human rights. The law mandates that companies must take a proactive approach to risk management, rather than simply reacting to incidents after they occur.

The key steps to a risk-based approach to supply chain management to comply with the Åpenhetsloven are:

  • Identify and Prioritize Risks: The first step is to identify potential risks in the supply chain, such as forced labour and child labour. Companies should prioritize risks based on their severity and likelihood of occurring.
  • Conduct Due Diligence: Once risks are identified, companies should conduct due diligence on their suppliers to assess their compliance with relevant laws and standards. This may include conducting audits, site visits, or engaging with stakeholders.
  • Mitigate Risks: Companies must take steps to mitigate identified risks in their supply chains. This may involve engaging with suppliers to address non-compliance, terminating relationships with non-compliant suppliers, or providing training and capacity building.
  • Monitor and Review: Companies should continuously monitor their supply chains for potential risks and review their risk management processes to ensure they are effective. This may involve regular supplier audits or conducting risk assessments in response to changing circumstances.
  • Reporting: Companies must report on their due diligence processes and outcomes, including the identification and mitigation of risks. The law requires companies to provide public reports on their compliance with the law.

Overall, by taking a risk-based approach, companies can identify and address potential risks in their supply chains, promote responsible business conduct, and ensure compliance with the Åpenhetsloven. This approach helps companies to minimize potential harm to people in their supply chains and promote sustainable business practices.


How to get started on the path to compliance?

Getting started with Åpenhetsloven compliance can be a complex process, but there are several steps that companies can take to begin their compliance journey:

  • Assess Your Supply Chain: The first step is to assess your supply chain to identify potential risks related to human rights standards. This includes identifying suppliers and subcontractors and evaluating their adherence to international standards and regulations.
  • Develop a Due Diligence Policy: Companies should develop a due diligence policy that outlines the processes and measures they will take to mitigate risks in their supply chains. This policy should be aligned with the requirements of the law and should be communicated to all relevant stakeholders.
  • Implement Due Diligence Measures: Companies should implement due diligence measures to identify and mitigate risks in their supply chains. This includes conducting risk assessments, engaging with suppliers to ensure compliance, and implementing risk mitigation measures where necessary.
  • Monitor and Evaluate Performance: Companies should monitor and evaluate the performance of their due diligence measures to ensure that they are effective in mitigating risks in their supply chains. This includes tracking supplier performance and conducting regular risk assessments.
  • Publish Annual Reports: Companies should publish annual reports on their compliance with the due diligence obligations under the law. These reports should include a description of due diligence processes, identified risks, risk mitigation measures, supplier engagement, remedy measures, verification measures, grievance mechanisms, transparency, and management approach.
  • Engage with Stakeholders: Companies should engage with stakeholders, including customers, investors, civil society organizations, and affected communities, to understand their concerns and expectations related to supply chain due diligence.
  • Seek External Support: Companies can seek external support from consultants, auditors, and other experts to help them comply with the requirements of the law.

In summary, getting started with Åpenhetsloven compliance requires a comprehensive approach that includes assessing the supply chain, developing a due diligence policy, implementing due diligence measures, monitoring and evaluating performance, publishing annual reports, engaging with stakeholders, and seeking external support where necessary.


Challenges of achieving Åpenhetsloven compliance

Organisations working towards and achieving compliance with the Åpenhetsloven face a number of challenges. These include:

  • Supply Chain Complexity: Many companies have complex and extensive supply chains, with numerous tiers of suppliers. Identifying and assessing risks throughout the entire supply chain can be challenging and resource-intensive.
  • Data collection: Data required to comply goes beyond regular operational boundaries. Data sources with questionable provenance, accuracy and interpretation often become primary sources of information which undermine the basis for the reporting. Data may also be in multiple data formats and there is often an absence of systems to record data in a methodical way that can be used to demonstrate a risk-based approach.
  • The veracity of data: Web-scraped or AI-generated data from sources of unknown provenance lacks the scrutiny necessary to fully understand the risks. Organisations rarely have the resources to undertake credible data checking or independent verification required to report with confidence.
  • Lack of Transparency: Many suppliers may be unwilling or unable to provide full transparency in their operations, making it difficult to identify and address risks.
  • Limited Capacity: Many suppliers may lack the capacity or resources to implement the necessary improvements to comply with the law. This can create additional costs for companies that may need to invest in capacity-building or seek alternative suppliers.
  • Cost of Compliance: Complying with the law can be expensive, especially for small and medium-sized companies. The cost of conducting due diligence, monitoring suppliers, and implementing risk mitigation measures can be significant.
  • Knowing what is enough: Understanding what is required to satisfy the regulators and ensure compliance.
  • Legal Liability: Non-compliance with the law can result in legal liability, including fines and legal action. This can create additional risk for companies, particularly if they are unable to identify and address potential risks in their supply chains.
  • Coordination with Suppliers: Collaboration with suppliers is essential to implement due diligence processes effectively. However, engaging with suppliers can be challenging, especially if they are located in different countries with different cultural and legal frameworks.
  • Time Constraints: Companies may struggle to implement effective due diligence processes within the required timeframe. The law requires companies to implement due diligence processes within a specific timeframe, and non-compliance can result in legal liability.



Åpenhetsloven is a significant development in Norway’s approach to supply chain regulation. This law requires companies to conduct due diligence throughout their supply chains to prevent human rights abuses. It applies to large companies, including those based outside of Norway, and can result in fines for non-compliance.

This law marks an important step towards a more responsible and sustainable global economy. While the risk-based approach specified by Åpenhetsloven may present some challenges for businesses, it is a necessary measure to effectively address the negative impact that supply chains can have on people and the planet. As other countries consider similar legislation, it is likely that supply chain transparency and accountability will become increasingly important in the global marketplace.

The Åpenhetsloven is a positive development that has the potential to create a more ethical and sustainable supply chain ecosystem. By prioritizing the well-being of workers, and communities, companies can build a stronger and more resilient global economy for the future.


About Achilles

For over 30 years, Achilles has protected organisations’ business interests and reputations by providing unrivalled levels of supply chain transparency, carbon reduction and management. We are the ESG and carbon management partner of choice for the world’s leading global brands.

Achilles specialises in supporting customers that require truly robust environmental, social and governance reporting to fully comply with ESG regulation, meet investor requirements and achieve their own ambitious sustainability goals. We work with market-leading financial, industrial, commercial and governmental organisations requiring the serious, detailed analysis and expert insight necessary to deliver exceptional reporting confidence and positive social impact.

Operating from 17 locations worldwide, Achilles is at the forefront of the battle against climate change, a champion for social justice and human rights, and an expert in health, safety, and risk management.


How Achilles helps companies to comply with Åpenhetsloven:

Achilles works on behalf of organisations that require comprehensive supply chain due diligence solutions and detailed data insight necessary to comply with the Åpenhetsloven and other international supply chain legislative obligations.

Achilles services include:

  • Supply Chain Evaluation – We collect and assess data from a wide range of sources including (but not limited to) documentation from your suppliers, publicly accessible and historical information from the internet and investigation reports from NGOs and charities. Uniquely, our Åpenhetsloven questionnaire also incorporates information captured from our extensive, global, in-person audit programme, and the voices of workers gathered over many years of interviews in similar industries and regions to paint a full picture of your supply chain risk.
  • Risk Assessment – Detailed supply chain evaluation enables us to undertake a “broad scoping exercise” to create a high-level picture of risks that may be hidden within the supply chain. This broad, multi-disciplined approach is integral to successful supply chain due diligence and key for organisations that need to be able to demonstrate to regulatory authorities in Norway and beyond that they understand their risks and have “done enough” to mitigate them.
  • Due Diligence – Delivering thousands of audits (both desktop and site) every year, our teams of highly skilled audit personnel are strategically situated across the globe to interrogate documentation, physically inspect workplaces and confidentially speak with individuals who may be subject to unethical employment practices or human rights violations.
  • Remediation and Reporting – Committed to continually improving international supply chains, Achilles drives continual improvement through the tracking of audit report findings and remediation actions within the supply chain. Analysis supported by Achilles Data Scientists gives you the comprehensive supply chain data you require including the all-important legal disclosure.

Contact us to find out how Achilles can help you meet your Åpenhetsloven obligations.

Get great insights in your inbox every month