Two Regulatory Frameworks, One Infrastructure Problem
The EU’s sustainability regulatory architecture has grown dramatically over the past four years. Two directives now intersect in a way that creates a specific and underappreciated compliance challenge for data centre operators. The Corporate Sustainability Due Diligence Directive, adopted by the EU Council in May 2024, establishes binding obligations on large companies. Those obligations require identification, prevention, and remediation of adverse human rights and environmental impacts across their global value chains. The EU Energy Efficiency Directive, recast in 2023, requires member states to ensure data centres above one megawatt of total rated energy input assess waste heat recovery feasibility. Some must implement it.
These two frameworks address different problems. The CSDDD targets corporate accountability across supply chains. The EED targets operational energy efficiency within facilities. Nevertheless, they converge on exactly the same operational reality. Both eventually demand that a data centre operator demonstrate meaningful action on waste heat. Both create liability exposure for failure to act. Moreover, both operate against the same physical constraint. The heat these facilities produce at the most critical density tier, the AI GPU cluster operating above one hundred kilowatts per rack, exits the cooling system at temperatures that European regulatory frameworks did not anticipate when they were written.
What Directive 2026/470 Actually Changed
The CSDDD as originally adopted was sweeping in scope. It covered companies with more than one thousand employees and over four hundred and fifty million euros in worldwide net turnover. After that it required mandatory climate transition plans. It created a harmonised EU-wide civil liability norm. Hyperscale data centre operators and major cloud providers met these thresholds easily. They faced genuine compliance obligations with real teeth.
Directive 2026/470, published in the Official Journal on twenty-sixth February 2026 and entering into force on eighteenth March 2026, substantially revised the original framework. The Omnibus I package narrowed the CSDDD threshold dramatically. Only companies with more than five thousand employees and over one point five billion euros in turnover now fall within scope. This revision reduced the number of covered companies from tens of thousands to approximately two thousand nine hundred. Mandatory climate transition plans were deleted. The harmonised civil liability norm was removed.
What Survived the Omnibus Revision
Despite the revision’s dramatic scope reduction, the CSDDD was not repealed. Its essential obligation structure survived. In-scope companies must still identify actual and potential adverse human rights and environmental impacts. They must address those impacts across their operations and their direct business partner relationships. Also, they must implement grievance mechanisms. They must monitor their due diligence programmes continuously. The corporate-sustainability-due-diligence-directive.com legal intelligence tracker captured the situation precisely as of June 2026. Discussions shifted from compliance to competitiveness. The legal framework continued to exist. The February 2026 amendments fundamentally changed its practical reach, not its existence.
The data centre operators that remain in scope are not small companies. They are the largest hyperscalers and colocation providers in the European market. Each of them now faces an obligation to assess and address environmental impacts across their chain of activities. That chain includes their cooling supply chains, their energy procurement arrangements, their waste heat disposal practices, and their relationships with coolant chemistry suppliers. The waste heat problem sits directly within this chain-of-activities framework.
How CSDDD Captures Thermal Disposal as an Environmental Impact
The CSDDD’s obligation to identify adverse environmental impacts across operations does not enumerate specific activities. Instead, it references international frameworks, particularly the OECD Due Diligence Guidance for Responsible Business Conduct. That guidance defines adverse environmental impacts as measurable negative changes to the natural environment. Thermal pollution of water bodies, excessive groundwater withdrawal, and the release of industrial waste heat into the ambient environment without productive use each qualify as measurable negative environmental impacts under this framework.
A data centre discharging high-temperature waste heat through cooling towers into the atmosphere, or through once-through water cooling into a river or coastal water body, creates a documentable environmental impact. That impact sits within the operator’s own operations. Under the CSDDD, the operator must identify it, assess its severity and breadth, and implement measures to prevent or mitigate it where technically and economically feasible. The directive does not require perfection. It requires a documented, credible, risk-based process for addressing the impact.
The Feasibility Assessment Intersection With EED
The EU Energy Efficiency Directive adds a parallel and more specific obligation. Member states must ensure that operators of data centres above one megawatt submit a waste heat recovery feasibility assessment. This assessment evaluates whether recovered waste heat can technically and economically serve adjacent district heating networks, industrial heat users, or other productive applications. If the assessment finds a feasible reuse pathway, implementation becomes a regulatory expectation rather than a voluntary aspiration.
These two obligations, the CSDDD’s chain-of-activities environmental impact assessment and the EED’s waste heat feasibility mandate, address the same underlying question from different regulatory entry points. Both ask: what is this facility doing with its thermal output? Then both create documentation requirements. Both create liability exposure if the answer is nothing, where nothing was technically and economically feasible. The collision between these frameworks and the physical reality of next-generation AI cooling output is where the conundrum begins.
The Physics of Low-Grade Waste Heat
The temperature at which a data centre’s waste heat exits its cooling system determines everything about what can be done with it. This is a thermodynamic reality that no regulatory framework can negotiate away. Air-cooled data centres operating at conventional cloud-era rack densities of five to fifteen kilowatts reject heat at temperatures of twenty-five to thirty-five degrees Celsius. This temperature range is too low for direct injection into virtually any European district heating network. Third-generation Fernwärme networks across Germany and Central Europe require supply temperatures of seventy to one hundred degrees Celsius. Even fourth-generation networks, designed specifically for low-temperature sources, require supply temperatures of forty-five to sixty-five degrees Celsius.
An air-cooled facility producing twenty-five-degree waste heat requires an industrial heat pump to bridge the gap to any district heating network. That heat pump consumes electricity to operate. Its coefficient of performance at this temperature lift typically falls between two point five and three point five. Every kilowatt consumed by the heat pump appears in the facility’s total power draw. Consequently, it raises the facility’s PUE. For a facility already struggling to meet EnEfG PUE thresholds, the energy penalty of bridging the air-cooled temperature gap is a compliance trap rather than a compliance solution.
The Architecture Split That Changes the Equation
However, the cooling architecture of AI-era data centres produces waste heat at a fundamentally different temperature. Liquid-cooled Blackwell GPU racks operating at one hundred and twenty to one hundred and fifty kilowatts per rack produce coolant exit temperatures of fifty to sixty-five degrees Celsius. Jet impingement liquid cooling technologies, such as those deployed by Nexalus in their university campus heating project, deliver waste heat at fifty-five to sixty degrees Celsius without heat pumps at all. Single-phase immersion cooling captures close to one hundred percent of rack-level heat into liquid at fifty to sixty-five degrees Celsius.
This temperature range falls squarely within the injection window of fourth-generation district heating networks. Consequently, an AI data centre deploying direct-to-chip or immersion cooling technology in 2026 produces waste heat that can satisfy regulatory reuse mandates without the energy penalty of industrial heat pump infrastructure. The feasibility economics therefore depend entirely on which cooling technology the facility uses. An air-cooled or hybrid air-liquid facility faces a temperature gap that makes compliance expensive and energy-counterproductive. A fully liquid-cooled AI facility operates at temperatures that make compliance straightforward and commercially viable.
The ERF Mandate and Its Contradictions
Germany’s Energy Efficiency Act set specific and escalating energy reuse factor targets. New data centres must achieve ten percent energy reuse from July 2026, rising to fifteen percent from July 2027, and twenty percent from July 2028. The ModulEdge analysis of waste heat recovery economics calculated specific financial implications. At ten percent ERF from July 2026, a facility earns at least sixty-two thousand euros per megawatt of IT load annually from heat sales, at an assumed rate of twelve to thirty euros per megawatt-hour. Additionally, the facility avoids the capital and operating cost of alternative heat rejection infrastructure for the reused fraction.
These numbers look attractive. They are, for liquid-cooled AI facilities with district heating connections within the viable economic radius of three to four kilometres. For air-cooled or legacy facilities, the same ERF mandate creates a fundamentally different economic reality. Bridging the temperature gap from thirty-five degrees to the sixty-five degrees that most district heating networks require demands industrial heat pump infrastructure. That infrastructure costs approximately one hundred and ninety thousand to two hundred and fifty thousand euros per megawatt of heat recovery capacity. It also adds an ongoing electricity cost that partially erodes the heat sale revenue.
The COP Penalty and Its PUE Consequence
The energy maths of heat pump-assisted waste heat recovery creates a direct contradiction with PUE compliance requirements. A heat pump achieving a COP of three delivers three units of heat energy for every unit of electricity consumed. For a one-hundred-megawatt facility redirecting twenty percent of its output through heat pumps, the pumps themselves consume approximately six point seven megawatts of electricity continuously. That six point seven megawatts appears in the facility’s total power draw. It increases the denominator of the PUE calculation by the same amount without adding any IT compute output to the numerator.
For a facility already operating at PUE 1.25, close to the EnEfG brownfield threshold of 1.3, this heat pump energy penalty can push the facility above its compliance threshold. The EnEfG reform team at the Federal Ministry acknowledged this contradiction indirectly through the April 2026 amendment. The amendment created exemptions for facilities without technically and economically feasible district heating connections. However, it did not resolve the core contradiction for facilities that do have proximate networks but cannot bridge the temperature gap efficiently. The regulatory system simultaneously mandates energy reuse and mandates energy efficiency. For legacy air-cooled facilities, these mandates conflict arithmetically.
The CSDDD Supply Chain Dimension
The CSDDD’s chain-of-activities obligation extends beyond a facility’s thermal output. It reaches upstream into the supply chains that provide the materials and components that create that output. Liquid cooling systems require specific coolant chemistries. These range from water-glycol mixtures in direct-to-chip systems to dielectric fluids in immersion systems. The dielectric fluids used in single-phase and some two-phase immersion systems frequently contain per- and polyfluoroalkyl substances, the PFAS chemicals that the EU’s Chemicals Strategy for Sustainability is progressively restricting under REACH regulation.
PFAS compounds are persistent environmental pollutants. They accumulate in ecosystems and human tissues. Their manufacture, use, and disposal create documented adverse environmental impacts at each stage of the lifecycle. Under the CSDDD framework, an in-scope data centre operator using PFAS-containing coolants must assess the environmental impacts of those chemicals across its operations and its direct supplier relationships. Where those impacts are severe, the operator must implement measures to prevent or mitigate them. Transitioning to PFAS-free coolant alternatives is the most direct form of impact prevention. However, PFAS-free alternatives for certain immersion cooling applications remain limited in availability, higher in cost, and sometimes lower in thermal performance.
The Value Chain Audit Trail CSDDD Creates
CSDDD compliance at the operational level creates a documentation requirement that most data centre procurement processes have not previously generated. Under the six-step OECD due diligence framework that the directive embeds into EU law, an in-scope operator must identify adverse impacts, assess their severity and breadth, prevent or mitigate actual and potential impacts, monitor implementation effectiveness, communicate publicly on due diligence performance, and provide remediation where impacts materialise. Each step requires a documented audit trail.
Applied to coolant chemistry, this means procurement decisions must include an assessment of the environmental impact profile of each coolant option. They must document why one coolant was selected over PFAS-free alternatives, or document the plan for transitioning away from PFAS-containing products. Applied to waste heat, procurement decisions for facility cooling architecture must include an assessment of the thermal output profile’s compatibility with available heat reuse pathways. These documentation requirements represent a new category of compliance infrastructure that data centre operators have not historically maintained. Consequently, building it retroactively across existing facility portfolios is a significant undertaking.
The Feasibility Geography Problem
The waste heat reuse economics documented across more than thirty operating projects in Europe converge on a consistent finding. Pipeline distance is the dominant variable. Heat recovery projects within one to two kilometres of an existing district heating main achieve payback periods under eight to ten years at prevailing heat purchase rates. Beyond three to four kilometres, the economics deteriorate rapidly. Pipeline construction costs rise linearly with distance. Heat transmission losses rise nonlinearly. The marginal cost per tonne of CO2 avoided increases to levels that make the investment commercially indefensible.
This geographic constraint creates a structural inequity in CSDDD and EED compliance outcomes. A data centre located in Frankfurt’s Sachsenhausen district, within four hundred metres of Mainova’s Fernwärme distribution main, can achieve ERF compliance at a commercially viable cost. A facility twenty kilometres outside Frankfurt in a greenfield industrial park, chosen specifically for its lower land and grid connection costs, may face no viable heat reuse pathway regardless of how much capital its operator commits to the project. The regulatory framework does not create different obligations for these two facilities. Both must complete a feasibility assessment. Both face the same ERF escalation schedule.
National Transposition Inconsistency Amplifies the Problem
The CSDDD’s national transposition requirement adds a further layer of geographic inconsistency. Member states must transpose the directive into national law by twenty-sixth July 2028. Each member state implements its own supervisory authority and its own enforcement framework within the directive’s minimum standards. The result is a patchwork of national implementations that creates different compliance environments for data centres operating in different EU jurisdictions, even when those facilities perform identical functions and produce identical thermal outputs.
Germany’s EnEfG already provides the most demanding national framework for waste heat reuse in the EU. France, Sweden, Denmark, and the Netherlands each have their own national targets. The ImpactBuying CSDDD tracker confirmed that companies already complying with Germany’s Lieferkettensorgfaltspflichtengesetz have a head start on CSDDD due diligence processes. However, the EED waste heat mandates are national-level implementations, not CSDDD implementations. An operator that satisfies Germany’s ERF requirements has not automatically satisfied its CSDDD obligations, and vice versa. Both frameworks require separate compliance documentation and separate supervisory authority engagement.
Strategies That Reconcile Both Frameworks
The single most consequential compliance decision a new data centre developer makes is cooling architecture. That decision determines the temperature of waste heat output. That temperature determines the feasibility and cost of waste heat reuse. Those economics determine how easily the facility can satisfy both the EED’s ERF mandate and the CSDDD’s environmental impact assessment requirement. A fully liquid-cooled facility producing waste heat at fifty-five to sixty-five degrees Celsius enters the regulatory compliance environment in a fundamentally different position than an air-cooled or hybrid facility producing heat at thirty-five degrees.
The ModulEdge economics quantify the advantage. Liquid cooling captures heat at fifty to sixty-five degrees versus twenty-five to forty-five degrees for air cooling. This higher temperature eliminates or reduces the need for heat pump investment. It expands the range of viable district heating network connections. It improves the economics of the Heat Purchase Agreement that the data centre signs with the municipal utility. Specifically, facilities injecting heat directly at fifty-five to sixty-five degrees Celsius into fourth-generation networks can command twenty-five to forty-five euros per megawatt-hour rather than the twelve to thirty euros achievable after heat pump temperature uplift.
Documentation Architecture That Satisfies Both Frameworks
Beyond cooling architecture, reconciling CSDDD and EED obligations requires a documentation architecture that satisfies both frameworks simultaneously without duplicating effort. The six-step OECD due diligence process that CSDDD embeds provides a framework that is broader and more procedurally demanding than the EED’s feasibility assessment requirement. However, the EED feasibility assessment feeds directly into the CSDDD’s adverse impact identification and assessment steps. Consequently, a well-structured EED feasibility assessment, expanded to include the CSDDD’s value chain and supply chain dimensions, can serve both obligations.
The practical implication for in-scope operators is that their sustainability due diligence function and their facilities engineering function must collaborate on a single integrated assessment. That assessment must capture thermal output temperature profiles across each cooling zone, map available district heating and industrial heat user connections within viable economic range, document coolant chemistry supply chain impacts including PFAS exposure and transition pathways, and quantify the severity and breadth of each identified adverse environmental impact. This integrated approach converts what would otherwise be two parallel compliance exercises into a single coordinated programme. Given that the CSDDD application timeline for the largest companies begins from twenty-sixth July 2028, the window for building this integrated programme before first compliance reporting is relatively narrow.
The CSRD Overlap and the Disclosure Dimension
The CSDDD does not operate in isolation. It runs alongside the Corporate Sustainability Reporting Directive. The CSRD requires large companies to report publicly on environmental, social, and governance performance against standardised European Sustainability Reporting Standards. The Omnibus I package narrowed the CSRD’s scope to companies with more than one thousand employees and over four hundred and fifty million euros in turnover, a ninety percent reduction from the original scope. Nevertheless, the largest data centre operators, hyperscalers, and major colocation providers all meet this threshold easily.
The ESRS that govern CSRD reporting include specific requirements on energy consumption, water use, waste heat output, and pollutant releases. ESRS E1 covers climate change and includes energy intensity metrics. The ESRS E2 covers pollution and includes requirements to disclose substances of concern, explicitly relevant to PFAS-containing coolants. ESRS E3 covers water and marine resources, relevant to facilities using water-based cooling. Together, these reporting standards require a data centre operator to quantify and disclose precisely the environmental impacts that the CSDDD simultaneously requires them to address.
Why Disclosure Without Action Creates Legal Exposure
The combination of CSRD disclosure requirements and CSDDD action requirements creates a specific legal risk that operates differently from traditional regulatory compliance. Under conventional environmental regulation, non-compliance triggers regulatory enforcement by a supervisory authority. Under the CSDDD framework, civil liability for third parties who suffer harm as a result of an in-scope company’s failure to conduct adequate due diligence is a distinct and additional risk channel, even after Omnibus I deleted the harmonised EU liability norm.
Individual member states retain the authority to maintain their own civil liability frameworks. France’s Duty of Vigilance Act, Germany’s Lieferkettensorgfaltspflichtengesetz, and the UK’s emerging mandatory due diligence frameworks all create liability exposure that the CSDDD’s harmonisation efforts did not eliminate. A data centre operator that discloses in its CSRD sustainability statement that it produces significant waste heat and has not implemented economically feasible recovery measures, while simultaneously claiming CSDDD compliance, creates a documented contradiction that civil claimants and supervisory authorities can use to establish breach. Disclosure creates the evidentiary record. The CSDDD action obligation creates the standard against which that record is measured.
Why Data Centre Operators’ Lenders Face Their Own CSDDD Exposure
The CSDDD’s application to financial institutions introduces a dimension that data centre operators must understand, because it shapes the credit and investment environment in which they operate. The original CSDDD included regulated financial undertakings within scope for their downstream financing and investment activities. The Omnibus I revision deferred the financial sector’s specific obligations. The European Commission committed to submit a report to the European Parliament and Council no later than twenty-sixth July 2026 assessing whether additional sustainability due diligence requirements should apply to financial services and investment activities.
That assessment creates forward uncertainty for the banks, infrastructure debt funds, and institutional equity investors that finance European data centre development. If the Commission’s July 2026 report recommends extending CSDDD obligations to financial services firms based on their lending and investment portfolios, then every bank providing a construction facility to a data centre with documented waste heat compliance gaps, and every infrastructure fund holding equity in a colocation operator with PFAS-containing coolants, faces its own due diligence obligation in respect of those environmental impacts.
The Lender Due Diligence Request That Follows
This forward regulatory trajectory has a practical consequence for data centre financing that is already visible. Infrastructure lenders conducting environmental and social due diligence on new development facilities are incorporating waste heat feasibility assessment requirements, coolant chemistry documentation, and CSDDD compliance programme status into their credit approval processes. Facilities that cannot demonstrate a credible pathway to EED and CSDDD compliance face longer approval timelines and, in some cases, higher financing costs reflecting the regulatory risk the lender is carrying.
This lender-driven due diligence requirement operates ahead of the CSDDD’s formal application timeline. Lenders do not wait for 2028. They apply their own environmental risk management frameworks now, and those frameworks increasingly reference the CSDDD compliance obligations that will apply to their borrowers from 2028 onward. Data centre developers who treat the 2028 CSDDD application date as the earliest point at which they need to engage with compliance are therefore discovering that their financing counterparties disagree. The commercial consequence of that disagreement is a de facto acceleration of the compliance timeline that the legislative delay was intended to provide.
The Commercial Opportunity Inside the Compliance Burden
The CSDDD and EED compliance exercise that in-scope data centre operators now face is not purely a cost. The feasibility assessment that both frameworks require is also a revenue identification exercise. A one-hundred-megawatt AI campus at full utilisation generates approximately eighty-five to ninety megawatts of continuous waste heat output. At twenty-five to forty-five euros per megawatt-hour for direct liquid-cooled heat injection, the annual heat sales revenue from full reuse of that output reaches between eighteen and thirty-five million euros annually. Even partial reuse at the twenty percent ERF minimum produces three point six to seven million euros per year from a one-hundred-megawatt facility.
These numbers convert waste heat from a regulatory obligation into an active revenue stream. The capital investment required to connect a liquid-cooled facility to an existing district heating main within the viable economic radius is recoverable within the payback periods documented across European operating projects. The EnEfG ERF mandate does not require this investment to generate profit. It requires that a minimum fraction of thermal output reach productive use. If the investment does generate profit, compliance becomes commercially self-funding rather than purely a cost centre. Stockholm’s Datafjärden project, integrating ten data centres into district heating supply, demonstrated this integration at city scale. Microsoft’s Finland partnership with Fortum targets heating supply for two hundred and fifty thousand people using waste heat from new data centre facilities.
The Competitive Differentiation That Compliance Creates
Finally, in a market where EU regulatory scrutiny of large data centre operators is intensifying alongside investor pressure for credible ESG performance, demonstrable CSDDD compliance with a documented waste heat reuse programme represents a competitive differentiator that operates across multiple commercial relationships simultaneously. Enterprise customers with their own CSDDD obligations and supply chain due diligence requirements prefer infrastructure partners who have completed that documentation. Institutional investors with sustainable finance mandates require investee companies to demonstrate credible environmental impact management. Municipal governments considering new data centre permits in their jurisdictions respond differently to operators who arrive with an existing heat recovery track record versus those arriving with a feasibility study and no operational proof points.
The CSDDD collision with the low-grade waste heat conundrum is not, ultimately, a problem without a solution. The solution is cooling architecture that produces heat at temperatures high enough to make reuse economically straightforward, paired with a documentation programme that satisfies both the EED’s quantitative ERF requirement and the CSDDD’s broader environmental impact identification and assessment obligations simultaneously. The operators who make that cooling architecture decision at the design stage avoid the conundrum entirely. Those who inherit legacy air-cooled infrastructure face a harder path, one that involves either heat pump economics that create PUE penalties or facility retrofits that require the structural intervention costs analysed elsewhere in this series. The regulatory frameworks that created the collision cannot be negotiated away. The physics that determines which cooling architecture resolves it most efficiently is, however, entirely within the operator’s control at the point of facility design.
