ESG Reporting for Data Centres: Scope 1, 2 & 3 Under AASB S2 and CSRD

ESG Reporting for Data Centres: Scope 1, 2, and 3 Under AASB S2 and CSRD

Data centres now sit at the centre of two converging forces: the global AI buildout and a wave of mandatory ESG disclosure laws. Electricity demand from data centres grew 17 percent in 2025, outpacing nearly every other sector, according to the International Energy Agency (IEA). At the same time, regulators across the EU, Australia, and the GCC have moved from voluntary reporting guidance to enforceable obligations.

For CFOs and sustainability leads at data centre operators, colocation providers, and hyperscale campus investors, this combination is not a future concern. It is a compliance deadline on the calendar.

This guide sets out exactly what Scope 1, 2, and 3 emissions mean for data centre operators, how Power Usage Effectiveness (PUE) fits into mandatory reporting frameworks, what the EU Energy Efficiency Directive (EED) and the Corporate Sustainability Reporting Directive (CSRD) require under ESRS E1, and how AASB S2 (Australian Sustainability Reporting Standard S2: Climate-related Disclosures) applies to Australian-based operators. It closes with a five-step readiness plan and an FAQ section structured around the questions regulators and investors are already asking.

Source: IEA, "Key Questions on Energy and AI," April 2026

Why Data Centres Are Under ESG Scrutiny Right Now

The AI Compute Surge Is Not Slowing Down

The five largest technology companies spent over USD 400 billion in capital expenditure in 2025. That figure is set to jump by another 75 percent in 2026. Much of that spending is directed at data centre construction and AI infrastructure. IEA satellite tracking shows that AI-focused data centres tripled in capacity over the 18 months preceding April 2026.

This pace is without precedent in energy infrastructure history. Global data centre electricity consumption is projected to double by 2030 to roughly 950 TWh, up from approximately 460 TWh in 2024. AI-focused facilities alone could see their power consumption triple over the same period.

Sources: IEA, "Data Centre Electricity Use Surged in 2025," April 2026 | IEA, "Energy and AI," April 2025

Why ESG Scrutiny Follows Energy Demand

The IEA estimates that data centres will reach roughly 1 percent of global CO2 emissions by 2030, and closer to 1.4 percent in a faster-growth scenario. This makes data centres one of the few sectors where emissions are projected to grow while most of the economy decarbonises.

In Ireland alone, data centres consume approximately 21 percent of national electricity, a figure the IEA estimated could rise to 32 percent by 2026. In the US state of Virginia, data centres account for 26 percent of electricity consumption. These concentrations draw direct regulatory attention.

Hyperscalers including AWS, Microsoft Azure, and Google have published net-zero commitments and Power Purchase Agreement (PPA) portfolios, but their customers and regulators are now demanding granular, third-party verified data rather than portfolio-level claims. The gap between what operators currently publish and what frameworks require is the central challenge for sustainability teams in 2026.

Sources: Carbon Brief, "Five Charts on Data Centre Energy Use," September 2025 | EU Energy Commission, "In Focus: Data Centres," November 2025

Scope 1, 2, and 3 Emissions: What They Mean for Data Centre Operators

The Greenhouse Gas (GHG) Protocol divides an organisation's carbon footprint into three scopes. For data centre operators, the distribution across those scopes differs markedly from most other sectors.

Scope 1: Direct Emissions

Scope 1 covers direct GHG emissions from sources owned or controlled by the reporting entity. For data centres, this category is typically narrow but should not be dismissed.

The main Scope 1 sources for data centre operators are:

• Diesel combustion in backup generators (tested regularly; triggered during grid outages)

• On-site gas-fired cooling or heating plant

• Refrigerant leakage from cooling infrastructure (HFCs carry global warming potential up to 1,000 times that of CO2)

• Any on-site fuel combustion for maintenance vehicles or facility equipment

Research from Schneider Electric estimates that Scope 1 represents just 0.2 to 0.5 percent of a data centre's total lifetime carbon footprint. The low number masks a real risk: refrigerant leakage is often unmeasured and undisclosed, yet an HFC leak from a large cooling system can represent hundreds of tonnes of CO2-equivalent in a single year.

Source: Schneider Electric / Data Centre Dynamics, "Demystifying Data Centre Scope 3 Carbon," July 2023

Scope 2: Purchased Electricity

Scope 2 is the largest or second-largest emissions category for most data centres, depending on the carbon intensity of the local grid and whether the operator holds renewable energy certificates (RECs) or PPAs.

Scope 2 emissions for data centres arise from:

• Electricity consumed by IT equipment: servers, storage, and networking hardware

• Electricity consumed by cooling infrastructure

• Electricity consumed by power distribution and UPS systems

• Shared facility loads including lighting, security, and ancillary systems

Across the lifetime of a typical data centre, Scope 2 accounts for between 31 and 61 percent of the total footprint. Under AASB S2 and CSRD's ESRS E1, operators must report both location-based and market-based Scope 2 figures separately. A market-based figure of zero, claimed on the basis of REC matching, does not satisfy either framework without disclosure of the number and quality of Energy Attribute Certificates (EACs) applied.

Hyperscalers that claim market-based Scope 2 of zero are increasingly being asked to provide the underlying EAC documentation by auditors and investors. An audit-ready evidence file requires more than a summary figure on the cover page of a sustainability report.

Sources: Computer Weekly, "What You Need to Know Before Emissions Regulators Come Knocking," April 2026 | Schneider Electric / DCD, July 2023

Scope 3: Value Chain Emissions

Scope 3 covers all indirect emissions across a data centre's value chain, both upstream and downstream. Research places Scope 3 at 38 to 69 percent of total lifetime carbon footprint, making it the single largest category for operators that have already decarbonised their grid supply.

The key Scope 3 categories for data centre operators are:

• Capital goods: the embodied carbon in servers, networking hardware, cooling equipment, and construction materials (typically the largest single Scope 3 driver)

• Purchased goods and services: emissions associated with indirect supply chain inputs

• Downstream customer emissions: electricity consumed by tenants in colocation facilities, or workloads of cloud customers on shared infrastructure

• Business travel and employee commuting

• Waste management: equipment disposal, e-waste recycling, and facility waste streams

• Water consumption: upstream processing of potable water generates indirect Scope 3 emissions

‍

The boundary question is sharp for colocation providers. The electricity consumed by a tenant's servers is technically the tenant's Scope 2 emission and the colocation operator's Scope 3 downstream emission. Both parties carry a disclosure obligation. Many current ESG reports at colocation providers omit downstream customer emissions entirely, which will not satisfy CSRD's ESRS E1 or AASB S2 from Year 2 of reporting.

Sources: Schneider Electric / DCD, "Demystifying Data Centre Scope 3 Carbon," July 2023 | Compass Datacenters, "Defining Scope 1, 2, 3 Emissions"

What Is PUE and Why Does It Matter for ESG Reporting?

Power Usage Effectiveness (PUE) is the primary energy efficiency metric for data centres. Defined in EN 50600-4-2 and ISO/IEC 30134-2, PUE is the ratio of total facility energy consumption to the energy consumed specifically by IT equipment.

A PUE of 1.0 would indicate perfect efficiency. In practice, cooling, power distribution, and other overhead push PUE above 1.0. The global average for hyperscale facilities sits closer to 1.3 to 1.5. Legacy enterprise data centres often run at 2.0 or above, meaning that for every watt running a server, another watt is spent on non-IT overhead.

PUE matters to ESG reporting for three distinct reasons. First, the EU Energy Efficiency Directive mandates PUE disclosure annually for all data centres with IT power demand of 500 kW or above. Second, CSRD's ESRS E1 requires disclosure of energy intensity and efficiency measures. Third, investors and hyperscale customers increasingly use PUE as a proxy for how seriously an operator manages its operational carbon.

A facility with a PUE of 1.8 consuming the same IT load as one with a PUE of 1.2 is burning roughly 50 percent more energy for the same compute output. That difference is visible in Scope 2 emissions and increasingly visible in hyperscale customer contracts that specify PUE performance thresholds.

Under the EU EED, PUE is one of four mandatory key performance indicators reported annually alongside Water Usage Effectiveness (WUE), Energy Reuse Factor (ERF), and Renewable Energy Factor (REF). These four metrics form the baseline evidence layer for any EU-based or EU-linked data centre ESG disclosure.

Source: EU EED Directive 2023/1791, Article 12 and Annex VII; EU Delegated Regulation 2024/1364 | Socomec, "EU EED: What New Rules Mean for Data Centres"

EU Energy Efficiency Directive: Mandatory Data Centre Reporting Since 2024

Who Must Report Under the EED

The EU Energy Efficiency Directive (Directive 2023/1791, recast) introduced binding reporting obligations for data centre operators in EU member states. The obligations apply to all data centres with an IT power demand of at least 500 kW. Defence-related facilities are exempt.

Data centres exceeding 1 MW of IT power are also encouraged to adopt the best practices set out in the EU Code of Conduct on Data Centre Energy Efficiency, referenced directly in the EU Taxonomy Delegated Act for climate mitigation.

What Must Be Reported and When

The first reports under the EED were due to the European database by 15 September 2024. Annual reporting continues, with subsequent submissions due by 15 May each year. Operators unable to report through a national system may report directly to the EU database.

The mandatory annual disclosure set includes:

• PUE: Power Usage Effectiveness, measured under EN 50600-4-2

• WUE: Water Usage Effectiveness

• ERF: Energy Reuse Factor, reflecting heat recovery and reuse

• REF: Renewable Energy Factor

• IT power demand and total facility energy consumption

• Floor area and installed IT power capacity

• Temperature set points and cooling approach

• Data volumes handled

• ICT equipment inventory (for equipment installed after June 2024, mandatory from 2025 reporting cycle)

Aggregated results are published at EU and member state level. The European Commission has signalled it will use the accumulated data to assess whether minimum performance standards or a labelling scheme are warranted. The Commission's Data Centre Energy Efficiency Package, expected alongside the Digitalisation and AI Strategy Roadmap, is the next regulatory pressure point.

Sources: EUDCA, "Energy Efficiency Directive" | CMS Law, "European Publication Obligations for Data Centres," March 2026 | Danfoss, "Data Centre Policies in the EU"

How EED Reporting Connects to CSRD

The EED and CSRD are separate legal obligations but use overlapping data sets. A data centre already reporting PUE, energy consumption, and renewable energy share under the EED has most of the underlying data required for ESRS E1 energy and resource use disclosures. The gap between EED compliance and CSRD compliance lies in the framing: CSRD requires contextualisation of that data within a double materiality assessment, a transition plan, and forward-looking scenario analysis.

ESRS E1, the climate standard within CSRD, covers transition plans, Scope 1 through Scope 3 GHG emissions, and the anticipated financial effects of physical and transition climate risks. Under the post-Omnibus CSRD scope (companies with 1,000 or more employees and EUR 450 million or more in turnover, for financial years starting from January 2027), most large data centre operators and colocation groups operating in Europe will be in scope.

A data centre operator that treats EED compliance as sufficient for investor and customer sustainability disclosures is taking a significant risk. EED reports are operational metrics. CSRD and ISSB-aligned reports are financial disclosures with director liability attached.

Sources: BSI Group, "ESRS E1 Applicability and Transitional Reliefs," April 2026 | Coolset, "ESRS E1 Climate Reporting: What Changes Under the Amended ESRS," 2026

AASB S2: What Australian Data Centre Operators Must Disclose

AASB S2 (Australian Sustainability Reporting Standard S2: Climate-related Disclosures) is mandatory under the Corporations Act 2001, administered by the Australian Securities and Investments Commission (ASIC). It is Australia's local equivalent of IFRS S2, issued by the International Sustainability Standards Board (ISSB), and carries the same legal weight as financial reporting obligations.

Who Is In Scope and When

Reporting is phased across three groups:

• Group 1: Large listed entities and NGER-reporting entities. Reporting from annual periods beginning on or after 1 January 2025. First reports for most Group 1 entities due in the first half of 2026.

• Group 2: Medium entities meeting two of three thresholds: revenue of AUD 200 million or more, gross assets of AUD 500 million or more, or 250 or more employees. Reporting from 1 July 2026. First sustainability reports due in late 2027.

• Group 3: Smaller entities. Reporting from 1 July 2027.

A mid-size Australian colocation operator with AUD 250 million in revenue, 300 staff, and AUD 600 million in assets falls squarely within Group 2. The transition period does not mean preparation can wait: systems, data collection processes, and baseline emissions inventories must be in place from 1 July 2026.

Sources: AASB, "AASB S2 Published," October 2024 | PwC Australia, "Mandatory Climate Reporting" | Eco-Shaper, "AASB S2 Group 2," March 2026

What AASB S2 Requires Data Centres to Disclose

AASB S2 follows the four-pillar TCFD (Task Force on Climate-related Financial Disclosures) structure: governance, strategy, risk management, and metrics and targets. For data centre operators, the most substantive requirements fall under metrics and targets.

Required disclosures under AASB S2 include:

• Gross Scope 1, Scope 2 (both location-based and market-based), and Scope 3 GHG emissions, separately reported and not netted against offsets

• Climate-related risks and opportunities with defined time horizons (short, medium, long)

• Scenario analysis covering at least one 1.5 degree C-consistent pathway

• A climate transition plan with interim targets and capital allocation alignment

• Governance disclosures: board oversight of climate risk, management roles, and accountability

• The financial effects of climate-related risks: anticipated costs, revenue impacts, and asset write-downs

The Scope 3 obligation has transitional relief in Year 1. Australian Group 2 operators are not required to disclose Scope 3 in their first reporting year. From Year 2 onward, Scope 3 is mandatory. Given the complexity of measuring downstream customer emissions for colocation providers, starting that measurement programme from the first day of the reporting period is the only path to meeting Year 2 obligations with defensible data.

Liability and Assurance

False or misleading climate disclosures under AASB S2 carry fines of up to AUD 15 million or 10 percent of annual turnover, whichever is greater. Directors face personal liability from the first reporting period for Scope 1, Scope 2, and governance disclosures. The three-year modified liability period applies only to Scope 3, scenario analysis, and transition plans.

External assurance is required from the first reporting period. Limited assurance applies initially, with a trajectory toward reasonable assurance over all climate disclosures by financial years starting on or after 1 July 2030. For a data centre operator, this means emissions measurement methodology, metering infrastructure, and data lineage must be audit-ready, not just internally consistent.

Sources: Eco-Shaper, "AASB S2 Group 2," March 2026 | Cority, "AASB S2 Compliance Guide," April 2026

The NGER Connection

Many large Australian data centre operators already report under the National Greenhouse and Energy Reporting Act 2007 (NGER), administered by the Clean Energy Regulator. NGER data is a significant input for AASB S2 Scope 1 and Scope 2 disclosures, but NGER reporting and AASB S2 are not equivalent.

NGER covers GHG emissions and energy production or consumption above specified thresholds. AASB S2 goes further: it requires governance disclosures, scenario analysis, a forward-looking transition plan, and the financial effects of climate risk. NGER compliance provides the emissions data. AASB S2 requires that data to sit within a broader strategic and financial narrative that ASIC will scrutinise.

GCC Data Centres: ESG Reporting Enters the Mandatory Zone

Data centre investment across the Gulf Cooperation Council (GCC) has grown sharply, driven by national digital transformation programmes. Saudi Arabia's Vision 2030 has targeted over USD 18 billion in data centre investment. The UAE has positioned itself as the regional hub for hyperscale infrastructure, and both countries are now embedding ESG reporting obligations that operators can no longer treat as voluntary.

For data centre operators and investors working across the GCC, understanding regional ESG disclosure requirements is a pre-condition for accessing institutional capital and hyperscale customer contracts. As detailed in  

For data centre operators and investors working across the GCC, regional ESG disclosure requirements are now a pre-condition for accessing institutional capital and hyperscale customer contracts. Spectreco's analysis of the UAE ESG compliance landscape sets out why these requirements are entity-specific and cannot be satisfied by group-level estimates: UAE ESG Compliance: What the 30 May 2026 Deadline Means for GCC Businesses.

UAE: ISSB-Aligned Reporting from FY2026

The UAE Securities and Commodities Authority (SCA) has mandated ISSB-aligned ESG reporting for listed companies, with expectations tightening toward IFRS S1 and S2 from FY2026. The Ministry of Climate Change and Environment (MOCCAE) requires entity-specific GHG data submissions. Data centre operators listed or operating through UAE entities should treat the 2026 reporting cycle as the baseline year that investors and regulators will reference going forward.

Saudi Arabia, Qatar, and the Wider GCC

Saudi Arabia's Tadawul stock exchange has moved from voluntary guidance toward mandatory ISSB-aligned expectations. Qatar's Central Bank (QCB) and the Qatar Financial Centre Regulatory Authority (QFCRA) have issued binding frameworks for financial institutions, including QFC-authorised data infrastructure investors, from January 2026. Oman's Muscat Stock Exchange achieved 100 percent compliance with its mandatory GRI-aligned ESG cycle in 2025.

GCC sustainable bond issuance reached approximately USD 20 to 25 billion in 2026, according to S&P Global. Data centre operators raising green debt or pursuing sustainability-linked loans across the region face covenant-level pressure to maintain credible, third-party verified ESG disclosures aligned with ISSB standards.

Sources: Addleshaw Goddard, "Future of Data Centres in the GCC," 2025 | Anthesis Group, "Mandatory Sustainability Reporting in the Middle East," December 2025 | Oren, "GCC ESG Regulations Guide," April 2026 | Spectreco, "UAE ESG Compliance: What the 30 May 2026 Deadline Means for GCC Businesses," May 2026

Five-Step Data Centre ESG Reporting Readiness Plan

The steps below follow HowTo schema structure. Each step is sequential. Skipping Step 2 and jumping to Step 4 is the most common failure pattern in first-year reporting.

Step 1: Determine Your Regulatory Scope and Group

Identify which frameworks apply based on where the entity is incorporated, where it operates, where its parent is listed, and the size thresholds for each jurisdiction. An Australian colocation operator with a Singapore parent and European enterprise customers may face AASB S2, CSRD value-chain disclosure obligations, and EU EED reporting simultaneously. Mapping this early prevents the cost of building three separate disclosure processes.

Step 2: Build a Metered Emissions Baseline Across All Three Scopes

Install or verify sub-metering at facility level to capture IT load separately from total facility consumption. This is the foundation for PUE calculation and the basis of location-based Scope 2 disclosure. Inventory all Scope 1 sources: diesel fuel consumption from generator testing, refrigerant types and quantities, and any on-site combustion plant. Begin collecting Scope 3 data: hardware capital goods invoicing, water consumption, waste data, and downstream customer energy data from tenant agreements or metered allocations.

Step 3: Calculate PUE and Benchmark Against Regulatory Thresholds

Calculate annual PUE under EN 50600-4-2. Compare against the EU Code of Conduct benchmarks and your peer group. A PUE above 1.6 at a facility subject to EU EED reporting is an audit flag and a potential trigger for the minimum performance standards the European Commission is expected to introduce. PUE also feeds directly into energy intensity disclosures required under ESRS E1 and AASB S2 metrics.

Step 4: Map Data to Framework Requirements and Identify Gaps

Run the collected data against the specific disclosure requirements of your applicable frameworks. For AASB S2 Group 2 reporters: which Scope 1, 2, and governance data points are ready for audit? Where are the gaps in data lineage, methodology documentation, or third-party verification? For CSRD in-scope operators: has a double materiality assessment been completed? Are Scope 3 Category 1 (capital goods) and downstream tenant usage included? Build a gap register before the reporting period opens.

Step 5: Implement a Single-Source Reporting Architecture

Spreadsheet-based carbon tracking will not survive assurance review. A data centre operator with multiple facilities, mixed ownership structures, and customers across jurisdictions needs a platform that ingests operational data from building management systems, utility feeds, and tenant metering, and maps those inputs automatically to AASB S2, CSRD/ESRS E1, EU EED, and GCC frameworks simultaneously.

Spectreco's ESG reporting platform is purpose-built for this architecture, covering data centres as a named sector with real-time metering integrations and multi-framework disclosure generation. See how Spectreco handles data centre ESG reporting.

Frequently Asked Questions

‍

Ready to Build an Audit-Ready ESG Reporting Programme for Your Data Centre?

Spectreco, an ESG technology and advisory firm with offices in Atlanta, London, Lisbon, and Lahore, works with data centre operators, colocation providers, hyperscale campus investors, and digital infrastructure funds to build reporting programmes that are audit-ready from day one.

Our platform ingests real-time operational data from building management systems, utility feeds, and tenant metering, maps it to AASB S2, CSRD/ESRS E1, EU EED, and GCC frameworks simultaneously, and generates investor-grade disclosures with full data lineage for external assurance.

For data centres at the start of their ESG reporting journey, we run a rapid readiness assessment that identifies Scope 1, 2, and 3 gaps, reviews PUE metering infrastructure, and produces a 90-day action plan aligned to your first mandatory reporting period.

Talk to the Spectreco team about your data centre ESG reporting obligations.

Or explore how the Spectreco platform handles multi-framework ESG reporting for data centres.