Why ESG Is Now a Contract Term
Green procurement in IT stopped being a values statement the moment regulators made buyers accountable for their supply chain's carbon. A vendor's emissions are no longer the vendor's problem alone — under current disclosure regimes they become your reportable Scope 3 footprint, and Scope 3 typically accounts for more than 70 percent of a company's total carbon footprint. That single fact moves sustainability out of the CSR brochure and into the contract, where procurement owns it.
For IT specifically the stakes are concentrated, because the spend is concentrated. A handful of software, cloud and hardware vendors drive most of a technology estate's emissions, which makes them both the biggest reporting exposure and the highest-leverage place to act. ESG is now simply another dimension of the commercial relationship — one that belongs inside the wider procurement transformation rather than in a parallel sustainability silo.
The Regimes That Bind in 2026
Three regimes dominate planning. The EU's CSRD drives value-chain sustainability reporting; CSDDD drives human-rights and environmental due diligence across suppliers; and IFRS S2 drives climate-related financial disclosure including Scope 1, 2 and 3 emissions. In the US, California's climate disclosure laws require companies above USD 1 billion in revenue to report Scope 1 and 2 from 2026 and Scope 3 from 2027. The compliance dimension here overlaps directly with the governance discipline covered across our contract compliance monitoring work — ESG obligations are compliance obligations, tracked the same way.
| Regime | What it requires | Procurement impact |
|---|---|---|
| CSRD (EU) | Value-chain sustainability reporting, incl. Scope 3 where material | Vendor carbon data becomes mandatory |
| CSDDD (EU) | Supplier human-rights & environmental due diligence | Due-diligence clauses in contracts |
| IFRS S2 | Climate-related financial disclosure (Scope 1–3) | Auditable supplier emissions data |
| California SB 253/261 | Scope 1–2 from 2026, Scope 3 from 2027 (>$1B revenue) | US enterprises pulled into supplier data demands |
Scope 3 and the Vendor Data Problem
The practical obstacle is data. You cannot report Scope 3 you cannot measure, and many IT vendors are not yet able — or willing — to supply auditable emissions figures. The market response has been blunt: ESG criteria are being written into RFPs and renewals with hard data deadlines, and suppliers that cannot provide basic carbon information increasingly risk delays, reduced visibility, or exclusion from tender lists altogether. Roughly 45,000 suppliers were asked to disclose through the CDP Supply Chain programme in a single recent year, a measure of how fast this expectation has hardened.
This makes the supplier's ESG capability a selection criterion in its own right, sitting alongside price, security and SLAs in a structured vendor scorecard. A vendor that cannot supply carbon data is not merely less sustainable — it is a future compliance liability that may force a costly re-tender, which is exactly the kind of risk the scorecard exists to surface early.
The ESG Clauses That Matter
Four clauses do most of the work. A carbon data clause obliges the vendor to provide Scope 1, 2 and 3 data on a defined schedule and in a usable format. Renewable-energy commitments tie the services you consume to clean power, frequently via power purchase agreements for cloud and data-centre workloads. Recycling and e-waste obligations govern hardware end-of-life. And audit or verification rights let you test the data rather than take it on faith. These belong in the contract alongside uptime and price, and they should be governed under the framework set out in the CIO Contract Governance white paper.
An ESG commitment with no data clause, no verification right and no consequence for breach is marketing, not a contract. If a sustainability promise cannot be measured and enforced, it will not survive the first reporting cycle.
Data Centres, Cloud and AI
The cloud is where IT's carbon problem concentrates. Data centres already account for an estimated 3.7 percent of all global greenhouse-gas emissions, and the surge in AI workloads is intensifying it — in one EY survey, 64 percent of senior leaders said they were concerned about AI's negative impact on their sustainability goals. That tension lands squarely on cloud and AI procurement, where compute demand and carbon ambition pull in opposite directions.
The negotiating answer is to make renewable commitments contractual rather than aspirational. Leading cloud and data-centre agreements now bind operators to renewable-procurement strategies, time-matched clean energy, or jointly developed power projects — terms that belong in any serious cloud contract negotiation. The same scrutiny applies to the AI capabilities vendors are bundling in: their compute footprint is part of your Scope 3, and should be priced and disclosed accordingly, a point that connects directly to our analysis of AI in procurement decision-making.
Negotiating ESG Without Losing Leverage
The failure mode is treating ESG as a separate, late-stage add-on that the vendor grants as a favour in exchange for price concessions elsewhere. Embed sustainability criteria in the RFP and the renewal from the start, so carbon transparency and renewable commitments are part of the package you are already negotiating — not a second negotiation conducted from a weaker position. Fold the ESG data deadlines into your procurement calendar so they are tracked like any other contractual milestone. Done early and integrated, green procurement is a selection lever that strengthens your position; done late and bolted on, it becomes a concession you pay for. To build ESG requirements into your IT contracts without surrendering commercial leverage, request a confidential briefing.