The ESG Blind Spot: How AI Is Finding Risks in Companies Nobody Else Is Watching

Norway's $2.2 trillion sovereign wealth fund now uses AI to screen portfolio companies for forced labor, corruption, and fraud within 24 hours of investment. The real story isn't the technology. It's what the fund found when it started looking at small-cap companies in emerging markets that data vendors barely cover. For businesses and investors managing ESG risk in global supply chains, this shift has concrete implications.

What actually happened

On February 26, 2026, Norges Bank Investment Management (NBIM) published its annual responsible investment report. Buried in the details was something worth paying attention to: since 2025, the fund has used large language models to screen every new company that enters its equity portfolio on the same day it's added.

The fund holds stakes in roughly 7,200 companies worldwide and owns about 1.5% of all publicly listed stocks. When the FTSE Global All Cap index adds a company, NBIM has to buy it. The question has always been whether that company has links to forced labor, corruption, or fraud. Until recently, the answer depended on whether a data vendor happened to cover it.

According to Reuters, NBIM's AI tools now flag potential risks within 24 hours. The fund reported that "in multiple instances, we identified and sold these investments before the broader market reacted to the risks, avoiding potential losses."

The coverage gap problem

This is the part that matters for anyone managing a global portfolio or supply chain. Most ESG data vendors focus on large-cap companies in developed markets. A mid-size manufacturer in Southeast Asia or a mining operation in Central Africa? The odds of a data vendor maintaining a detailed ESG profile are low.

NBIM said it plainly: "News may be limited to small media outlets in local languages, and controversies suggesting systemic failures in risk management may go unreported in international media." Translation: the existing ESG data infrastructure has a massive hole in it.

Supply chain risk doesn't stay contained. A forced labor finding at a third-tier supplier in a country you've never visited can become a front-page story that damages your brand, triggers regulatory action, and tanks your stock price. The companies most likely to have these problems are the ones least likely to appear in a MSCI or Sustainalytics report.

What AI actually does here (and what it doesn't)

Let's be specific. The fund uses large language models to scan public information — news articles, regulatory filings, court documents, local media — in multiple languages, faster than human analysts can. The AI flags potential issues. Humans then investigate.

This is not AI making investment decisions. It's AI doing the first pass on a problem that was previously handled by checking whatever database your ESG vendor maintained. The difference is coverage and speed. A human team reviewing 7,200 companies for emerging controversies would need dozens of analysts working full-time. An LLM can cover the same ground in hours.

The limitations are real. AI models can flag a news article about a corruption investigation, but they can't verify whether the allegation is credible or whether the company has taken corrective action. They can surface patterns in local-language media, but they can also misinterpret context or amplify rumors. NBIM hasn't published false positive rates, and that gap matters.

Why this goes beyond sovereign wealth funds

You don't have to manage $2.2 trillion to face this problem. Any company with international suppliers, contractors, or joint venture partners has the same blind spot NBIM identified.

Look at the regulatory direction. The EU's Corporate Sustainability Due Diligence Directive (even in its recently simplified form) still requires large companies to identify and address human rights and environmental risks across their value chains. U.S. Customs and Border Protection continues enforcing the Uyghur Forced Labor Prevention Act, which puts the burden on importers to prove their supply chains are clean. Canada's Fighting Against Forced Labour and Child Labour in Supply Chains Act took effect in 2024.

The common thread: regulators expect you to know what's happening in your supply chain, including the parts you can't easily see. Sending questionnaires to Tier 1 suppliers and hoping they're honest about Tier 2 and 3 has obvious problems.

What this looks like in practice

A mid-size U.S. company sourcing materials from multiple countries might have 50 to 200 direct suppliers and thousands of indirect ones. Running a basic AI screen on those suppliers — checking local news, regulatory databases, and court filings in the relevant languages — would have been prohibitively expensive three years ago. It's not anymore.

Several commercial tools now offer this kind of screening. Quality varies. But the approach NBIM described — LLMs scanning public information in local languages, flagging potential issues for human review — is something procurement teams at much smaller organizations can now implement.

The practical steps:

• Map your supply chain beyond Tier 1. You can't screen what you haven't identified.

• Run automated scans of public information for key suppliers, focusing on forced labor, environmental violations, and corruption — the areas with the highest regulatory exposure.

• Set up ongoing monitoring instead of annual reviews. NBIM's 24-hour screen works because it runs continuously. Annual audits miss things that develop between visits.

• Investigate flags with human judgment. AI finds the signal in the noise. People determine whether it's real.

The cost of not looking

NBIM reported that it sold positions before market reactions in "multiple instances." In a corporate context: if your competitor discovers a supplier's forced labor problem before you do, and you're both sourcing from the same factory, you're the one explaining to regulators why you didn't know.

The financial exposure is real. CBP detained or seized goods worth over $1.3 billion under the UFLPA in fiscal year 2024. Companies that couldn't demonstrate supply chain due diligence lost product, revenue, and time. Companies that had documentation ready got their goods released faster.

Beyond enforcement, consider the market signal NBIM is sending. When the world's largest sovereign wealth fund says it's using AI to find ESG risks that traditional screening misses — and selling positions based on what it finds — companies with undisclosed risks in their supply chains just lost some cover. Poor data coverage used to provide plausible deniability. That's eroding.

Where this goes from here

More institutional investors will adopt similar tools. Data vendors will expand their coverage or lose business. Companies in emerging markets that currently sit outside the ESG radar will face more scrutiny.

For businesses, the takeaway is simple: the gaps in ESG data coverage that used to shield you from scrutiny are closing. Whether you're an investor, a procurement officer, or a sustainability director, the question isn't whether to use AI for supply chain screening. It's how quickly you can get it running.

At Council Fire, we work with companies making exactly this kind of operational shift — turning new tools and regulations into real risk reduction. If your supply chain extends into markets where traditional ESG data falls short, get in touch.

FAQs

What AI tools is Norway's wealth fund using for ESG screening?

NBIM reported using large language models to scan publicly available information, including news, filings, and local media in multiple languages. Reports indicate the fund uses Anthropic's Claude model, among other tools. The AI flags potential links to forced labor, corruption, and fraud for human review.

Can smaller companies use AI for supply chain ESG screening?

Yes. Several commercial platforms now offer AI-powered supply chain screening at price points accessible to mid-size companies. The core approach — scanning public information in multiple languages and flagging risks for human investigation — works at any scale.

What regulations require supply chain due diligence?

The main ones affecting U.S. companies: the Uyghur Forced Labor Prevention Act (UFLPA), which requires importers to prove supply chains are free of forced labor from the Xinjiang region; the EU's Corporate Sustainability Due Diligence Directive, which applies to companies above certain size thresholds; and Canada's Fighting Against Forced Labour and Child Labour in Supply Chains Act, which requires annual reporting.

How does AI-powered ESG screening differ from traditional methods?

Traditional ESG screening relies on data vendors who primarily cover large-cap companies in developed markets. AI screening processes information from local-language media, smaller publications, and regulatory databases that vendors typically don't monitor. The main advantage is coverage of small and mid-cap companies in emerging markets.