Should IT Reporting be Included in CSRD Reporting? A Case That Shouldn’t Be a Case
The new Corporate Sustainability Reporting Directive (CSRD) of the European Union in the field of corporate responsibility is a monumental step toward requiring companies to disclose their relevant environmental, social, and governance (ESG) impacts. But in the middle of the discord of renewed demands for carbon mitigation targets and socially fair policies, many organizations' CSRD reporting has one critical hole—it rarely takes information technology (IT) into account. That’s not just a simple oversight; it’s like forgetting the engine in your sustainability vehicle.
IT departments, across data centers, cloud computing, software development, and hardware procurement, have a massive environmental footprint and an undeniable stake in business continuity. When it comes to CSRD reporting, a lack of engagement with IT is not just a missed opportunity — it’s close to a willful negligence. Let’s take a look at why IT should have a seat at the CSRD table.
The Blind Spot of Double Materiality
CSRD mandates companies to take a double materiality approach — this means assessing not only how sustainability affects the company but how the company affects sustainability. However, many organizations consider IT in this assessment as a neutral or negligible entity, but nothing could be farther from the truth!
Look at data centers, for example. These facilities are voracious consumers of energy. A 2022 study estimated that worldwide data centers totaled approximately 200 terawatt-hours (TWh) of electricity consumption per year — almost 1% of global demand for electricity. In the EU, data centers consume between 1,8% and 2,6% of the total electricity. How can a company argue that it fully reports its environmental impact while ignoring an operation that’s swallowing gigawatts?
IT systems are not merely energy hungry beasts; they are also the enablers of efficiency or inefficiency. Excessive energy usage by poorly optimized code or inefficient hardware setups is like planting trees in the parking lot while allowing a diesel generator to run 24/7 in the basement — it’s not paying attention to the role of IT in sustainability. So, you’re undermining your own efforts.
The "Invisible" Environmental Footprint of IT
IT's environmental footprint includes more than just electricity consumption. Consider hardware. Every server, laptop, and smartphone has an embedded carbon cost — from the mining of rare earth minerals to energy-intensive processes in manufacturing. As per the United Nations, electronic waste (e-waste) is the fastest-growing waste stream in the world, with 53.6 million metric tons generated in 2019 alone. However, IT assets are yet seldom included in CSRD reporting or considerations.
This negligence sets off a domino effect. Without reporting, there’s no accountability and without accountability, there’s no incentive for sustainable practices like reusing or recycling devices, extending the lifecycles of the hardware, or sourcing ethically made products.
IT as the Centerpiece of Business Continuity
Apart from its environmental consequences, IT underpins the continuity of contemporary business. IT keeps business running, from cloud services to cybersecurity. Excluding IT from CSRD reporting harms the holistic approach to sustainability that the directive lays out. After all, what good is a business continuity plan if it’s not sustainable in and of itself?
Consider the retail sector or a transportation company, where shipments are booked online. Here, both sectors heavily rely on strong IT infrastructure. If these platforms experience downtime because of badly managed or underreported IT systems, the knock-on effects can be catastrophic in terms of customer confidence, revenue — and even supply chains.
Including IT in CSRD reporting isn’t just an environmental matter; it’s risk management and strategic foresight.
You Cannot Ignore IT In These Industries
There are specific sectors that stand out amongst the rest in failing to address the materiality of IT as part of their CSRD reporting. Let’s take a look:
1. Financial Services
For banks and financial institutions, a data center is critical for real-time transactions, fraud detection, customer service, and more. A power-guzzling server farm in Iceland running unoptimized algorithms is not just a blemish on the ESG matrix — it is the antithesis of the sector’s sustainability declarations.
2. Tech Companies
Ironically, some of the most cutting-edge tech companies in the world can be the worst offenders when it comes to leaving IT out of CSRD reporting. They have sprawling data centers and hardware-heavy R&D labs. If they’re not leading on sustainable IT practices, then who will?
3. Healthcare
Hospitals and healthcare providers increasingly rely on IT for patient records, telemedicine, and diagnostic tools. The sector’s IT systems consume a lot of energy and are also vital for our very well-being. To turn a blind eye to IT’s footprint here isn’t just irresponsible, it’s unethical.
How IT Can Participate in CSRD Reporting Practically
IT integration into CSRD reporting doesn't have to be an enormous task. Here are some practical actions companies can adopt:
1. Perform an IT-Specific Materiality Assessment
Make your double materiality framework IT-specific by introducing bounding metrics such as energy, hardware lifecycle emissions, and e-waste.
2. Leverage Green IT Practices
You can adopt energy-efficient data centers, use renewable energy to run your IT operations, and implement server virtualization to minimize your hardware requirements. Companies such as Google and Microsoft have already moved toward carbon-neutral data centers: an obvious path to follow.
3. Promote a Circular IT Economy
Promote and accommodate for recycling, refurbishing, and repurposing of IT assets. Here, a strong partner can make the world of difference in easing and streamlining these processes, so you do not have to reinvent the wheel.
4. Include IT Metrics in Existing Frameworks
Adapt existing sustainability frameworks like the Global Reporting Initiative (GRI) to incorporate IT-relevant disclosures. This creates comparability and consistency across sectors.
Why the Hesitation?
So, why are companies so hesitant to involve IT in their CSRD reporting? Excuses vary from a notion of a lack of expertise to a belief that it’s too complicated to quantify IT’s impact. I am though not sure if that’s a good excuse. If companies can account for every gram of carbon generated by entities powered by transportation, it should be able to do the same for the electricity used by entities powered by data centers and the lifecycle of their IT assets. Companies who take pride in their sustainability initiatives lead by example. There are excellent examples in the market to showcase their commitment to holistic approach to sustainability accountability and reporting.
Some argue that IT’s environmental impact is minimal compared to other functions. This is a strawman argument. The question is not whether IT is the biggest contributor to a company’s footprint but whether it is a substantial one. Spoiler alert: it is.
Conclusion: Without IT, There is No Integrity
At a time when the CSRD is in the limelight, the exclusion of IT reporting feels like nothing short of a betrayal of the essence of the directive itself. IT is too embedded in today’s digital world, companies’ operations, and too environmentally consequential to be left on the sidelines. With businesses getting ready to create compliance with CSRD, it’s time to position IT where it should be — at the center of sustainability dialogues.
As a half-alarmed bystander would say, “If you can’t measure it, you can’t manage it.” And if you’re not managing IT, you’re not managing sustainability.