For years, sustainability reporting focused largely on what companies could measure within their own operations, such as energy use, waste and direct emissions.
Under CSRD (corporate sustainability reporting directive), that centre of gravity is shifting into the supply chain. Emissions, resource use, labour practices and risk exposures increasingly sit several tiers beyond the reporting entity itself. Companies are no longer being asked simply to disclose sustainability metrics; they must now support them with supplier data that is traceable and able to withstand audit scrutiny.
This shift doesn’t just raise expectations for reporting, it fundamentally changes how supply chain data must be collected, managed and trusted.
At its core, supply chain data management is about how organisations collect and manage supplier information to support both day-to-day operations and long-term decisions. Historically, that information has centred on cost, quality and delivery. Sustainability introduces a new layer: carbon intensity, material origin, process data, certifications and social indicators.
CSRD brings sustainability into the same accountability space as financial reporting. Yet our research shows that just 19% of business leaders fully trust their ESG data, compared with 68% who trust their financial data. That gap highlights the urgency of building financial-grade systems for sustainability information.
Data must be consistent and defensible. Achieving that requires clear structures, aligned processes and defined ownership across procurement, sustainability, finance and operations.
CSRD increases dependency on supplier data
CSRD doesn’t just expand disclosure requirements, it increases reliance on supplier data. Sustainability teams are becoming more dependent on procurement to gather ESG information from suppliers, many of whom are facing reporting requests for the first time, often from multiple customers and across overlapping frameworks.
The challenge is a structural one. Supply chains were not built with sustainability reporting in mind; they were built to move goods efficiently and at the right price. As a result, much of the data companies now need sits buried several layers down – patchy, loosely defined and difficult to validate with confidence.
A common misconception is that supplier ESG data simply needs to be collected. In practice, it must be aligned, checked and contextualised before it becomes usable. What companies receive is often estimated, based on differing methodologies, or tied to mismatched timeframes.
This creates a reliability gap between what is reported and what can be defended. Under CSRD, that gap becomes a material risk. Numbers need a clear trail behind them. Generic averages and opaque assumptions are increasingly difficult to justify, particularly as limited assurance is already required and deeper scrutiny will follow.
Some reports may appear complete on the surface but fail under audit or stakeholder challenge. That is where exposure lies.
Why spreadsheets and point tools break down at scale
Many organisations are trying to manage CSRD requirements using spreadsheets, email surveys and disconnected ESG tools. That may work during a pilot phase, but it quickly breaks down at scale.
Files drift across inboxes, assumptions become buried in formulas, and version control deteriorates. Over time, small errors compound into material risk.
Email-based supplier surveys create weak audit trails, while single-purpose tools solve narrow problems but rarely connect the full picture. As supplier numbers grow, control declines, teams spend more time chasing data than validating it, quality becomes reactive, and reporting turns into clean-up.
Audit-ready sustainability reporting depends on structured inputs and transparent methodologies. Supplier data must map to recognised frameworks, with calculation bases, emission factors and sources clearly documented. Validation should happen at the point of submission, not in the final weeks before a reporting deadline. Changes must be tracked transparently, not quietly overwritten.
The preparation window is closing
CSRD readiness is not a last-minute reporting exercise. It depends on the maturity of supplier data, the consistency of methodologies applied across tiers, and the infrastructure in place to collect and validate that information. None of this can be built in the final weeks before filing.
The organisations making real progress are treating CSRD as a supplier data transformation effort. They are mapping supplier dependencies, identifying weak points and putting structured collection and validation processes in place now.
Because once reporting is assured, the question is no longer whether you have a number, it’s whether you can stand behind it.
- Sustainability