“The business of business is responsibility.”
This oft-attributed motto from Milton Friedman now resonates differently. In today’s interconnected world, companies can't separate their operations from ethics. Staying compliant with laws like the Norwegian Transparency Act (åpenhetsloven) and CSDDD (The Corporate Sustainability Due Diligence Directive) requires embedding responsibility into every part of your supply chain.
The 2025 context — UNGPs at the heart of regulation
The UN Working Group on Business & Human Rights continues to promote the UNGPs (United Nations Guiding Principles on Business and Human Rights) around the world. Today, these principles are reflected in several binding laws:
- Norwegian Transparency Act builds directly on UNGPs and OECD Guidelines
- CSDDD, in force July 2024, follows the same frameworks
- In 2025, public procurement rules increasingly require due diligence aligned with UNGPs
Simply put: you can no longer pay lip service to human rights. In 2025, being compliant is non-negotiable.
Has the EU Omnibus package changed the relevance of UNGPs, and should you still care?
The short answer: Yes. The UN Guiding Principles remain the foundation, even as EU policymakers consider Omnibus simplification measures. Here's why:
- Focus narrowed, not removed. The Omnibus I package, proposed in early 2025, seeks to reduce due diligence scope under the CSDDD. It suggests delaying implementation timelines, limiting mandatory checks to Tier 1 suppliers only, and extending the assessment cycle from annually to every five years.
- Concerns about rollback. Human rights experts from the UN Working Group directly warned that this shift “undermines the comprehensive approach that the UNGPs require”NGOs and academics have echoed concerns about weakening accountability, reducing transparency, and excluding indirect impacts — actions that conflict with UNGP expectations
- Regulatory uncertainty, and why action still matters. Omnibus proposals aren't final yet—they still require formal adoption by the European Parliament and the Council Meanwhile, many companies and regulators continue preparing for full-scope compliance (UNGPs + CSDDD) as originally intended.
- Market expectations remain high. Even if laws are softened, investors, NGOs, and global partners still expect Tier 2+ visibility and risk mitigation. Companies that narrow focus too much risk gaps in governance and reputation — and may struggle to win tenders or financing.
While the Omnibus package may reduce regulatory requirements on paper, the UN Guiding Principles remain the global benchmark for responsible business conduct. Adhering fully to their approach remains the safest, and smartest, choice for building resilient supply chains, safeguarding reputation, and staying ahead of shifting rules.
The three pillars of the UN Guiding Principles (updated 2025)
The UNGPs remain structured around their original three pillars, each with real-world relevance today:
1. State obligation to protect human rights
Governments must create and enforce effective laws protecting human rights. The Transparency Act, with its unique right to request information, is a groundbreaking example, and the first fine has already been issued (NOK 450,000) for non-compliance.
2. Corporate responsibility to respect human rights
Companies must:
- Avoid causing or contributing to human rights violations
- Conduct ongoing, proportionate due diligence across supply chains
- Act when risks are identified, not just when violations are publicised
- Adopt a risk-based approach in line with OECD (Organisation for Economic Co-operation and Development)) due diligence guidance
This pillar lies at the center of Transparency Act and CSDDD requirements, and is now expected from global suppliers.
3. Access to remedy
Both states and businesses must offer accessible ways for victims to raise grievances, including courts, mediation, or company-led channels. The effectiveness of these mechanisms is increasingly a focus of audits and enforcement.
What’s changed in 2025, the state of business & human rights regulation
Key developments this year include:
- Transparency Act fine issued, enforcement is real
- CSDDD is now enforceable, companies subject to EU thresholds must comply from July 2024
- Ongoing OECD updates, the 2023 revision reinforces due diligence on climate, biodiversity, and new tech like AI
- Calls for AI governance under UNGPs, the UN Working Group is seeking input on AI’s human rights impact
- New national action plans (NAPs): eg. the US updated its NAP in March 2024
All signs point to increasing enforcement, deeper scrutiny, and tighter compliance expectations.
Why supply chain visibility matters now more than ever
Your ability to trace and map supply chain risks, from raw materials at Tier 3, to final distribution, is a compliance necessity.
Without a structured and risk-based approach to due diligence, businesses now risk:
- Fines and legal challenges
- Losing tenders or investor funding
- Reputational damage
- Inability to access procurement and financing markets
How Factlines helps you operationalise UNGPs at scale
Factlines’ SRM and Chain Survey platform directly supports Pillar 2 in a compliant, efficient way:
- Supplier mapping across multi-tier chains
- Built-in SAQs covering human rights, labour, environment, and AI governance
- Automated risk scoring aligned with OECD and UNGP frameworks
- Action tracking and documentation, ready for audits or public reporting
- Exportable, board-ready risk and compliance reports
No need for complex spreadsheets or expensive consultants, just a clear path to identify risk, act early, and prove compliance from year to year.
Take the next step, from principles to performance
If you’re seeking to align your business with the UNGPs and meet 2025 compliance demands, it's time to switch from awareness to action.
Book a demo
or
Request a free trial
to see how Factlines can help you build a risk-aware, compliant, and resilient supply chain that meets global standard, and builds trust from inside-out.