From 2026, ESG and emissions reporting will operate under a very different set of expectations. What has historically been treated as a disclosure and narrative exercise is becoming a matter of assurance, control, and evidence.
This shift is being driven by regulation rather than preference.
Regulatory Drivers
In Europe, the Corporate Sustainability Reporting Directive (CSRD) introduces mandatory, assured sustainability reporting for a wide range of organisations.
In the UK, climate and energy reporting is aligning closely with ISO 14064-3, the international standard governing greenhouse gas verification.
In the United States and India, regulators are strengthening requirements around climate data governance, internal controls, and physical provenance.
At the same time, NIS2 and equivalent critical-infrastructure regulations are raising expectations around the security, resilience, and integrity of operational data.
Across all jurisdictions, it is no longer sufficient to explain what has been reported. Organisations must now demonstrate how data was measured, secured, and verified at source — and that it has been protected throughout its lifecycle.
What CSRD Requires — and Why Data Foundations Matter
CSRD significantly raises the bar for sustainability reporting in Europe. It requires organisations to:
CSRD Requirements
Apply internal controls to sustainability data, comparable to those used for financial reporting
Maintain traceability, linking reported figures back to source data
Support external assurance, moving from limited towards reasonable assurance over time
Ensure consistency, auditability, and governance across reporting periods
Crucially, CSRD does not sit in isolation. Sustainability data increasingly falls within the scope of enterprise risk management and operational resilience, particularly where it relates to energy, water, and critical assets.
The implication is clear: sustainability data can no longer be assembled retrospectively or managed informally. It must be produced, governed, and secured by design.
What ISO 14064-3 Requires — and How It Complements CSRD
ISO 14064-3 is the verification standard used by auditors to assess greenhouse gas statements. While CSRD defines the reporting obligation, ISO 14064-3 defines how assurance is tested.
To support reasonable assurance under ISO 14064-3, organisations must demonstrate:
ISO 14064-3 Requirements
Primary measurement, captured directly from assets rather than inferred from spend or averages
Defined boundaries, clearly linking emissions to assets, processes, and locations
Geospatial provenance, providing physical evidence of where measurements originate
Data integrity and immutability, ensuring information cannot be altered after capture
Known uncertainty, replacing assumed accuracy with quantified data quality
In practice, ISO 14064-3 examines whether reported figures are supported by a continuous and trustworthy chain of evidence.
This requirement intersects directly with security expectations: if data can be altered, spoofed, or accessed without control, it cannot be reasonably assured.
Why Traditional ESG Data Collection Falls Short
Most ESG reporting processes were designed for periodic disclosure rather than continuous verification. They typically rely on:
Traditional Approaches
Infrequent electrical and water submeter reads
Daily, weekly, or monthly aggregation
Spreadsheet-based consolidation
Manual explanation during audit
By the time this data is collected and reconciled, it already reflects the past. More importantly, the evidence trail is fragile. Data is reconstructed months after the event, engineers are drawn into audit support, and external consultants are often required to validate assumptions.
From both an assurance and security perspective, this approach is increasingly risky. Manual handling increases the attack surface, weakens traceability, and conflicts with NIS2 expectations around controlled access, integrity, and incident resilience.
The Central Role of Continuous Electrical and Water Submetering
Electrical and water submeters sit at the centre of emissions reporting, operational performance, and resilience. Yet in many estates they remain low-resolution devices, read once per day or less.
Low-frequency submetering creates a resolution gap:
Resolution Gap Consequences
Electrical start-up peaks and load imbalances are missed
Short-duration water losses and leaks go undetected
Emissions are averaged rather than attributed to activity
Early maintenance signals appear and disappear between readings
From an ISO perspective, this increases uncertainty and weakens traceability. From a NIS2 and operational-security perspective, it also limits visibility into abnormal or malicious behaviour.
How Altior Supports CSRD, ISO 14064-3, and NIS2 Expectations
Altior is designed to help organisations meet assurance and security requirements simultaneously by changing how data is captured, rather than by replacing existing infrastructure.
Altior operates as a non-invasive digital layer across electrical and water submetering estates. It does not require meters, PLCs, or control systems to be replaced. Instead, using clip-on sensing, gateways, and protocol adapters, it enhances existing infrastructure with higher resolution and contextual insight.
Altior creates a digital abstraction of assets and submetered circuits. This abstraction is a mathematical representation of an asset's logical and thermodynamic behaviour, built from measured operational data.
Each data point is:
Data Point Characteristics
Captured and time-stamped at source, supporting audit requirements
Cryptographically secured, protecting integrity in line with NIS2 expectations
Linked to a specific asset or submeter, supporting boundary definition
Anchored to a physical location, using GPS where required to establish provenance
Transferred via controlled, outbound-only data paths, aligned with NSA-style security principles of least privilege, compartmentalisation, and defence in depth
This produces a continuous, verifiable record that aligns with:
Alignment With Standards
CSRD governance and control expectations
ISO 14064-3 verification criteria
NIS2 requirements for data integrity, access control, and operational resilience
Benefits Beyond Compliance
A data foundation built for assurance and security also delivers tangible operational value.
ReportingContinuous, provenance-rich data reduces reliance on manual reconstruction, lowers assurance costs, and strengthens audit confidence.
MaintenanceHigh-resolution electrical and water signatures reveal abnormal loads, pump inefficiencies, valve failures, and early signs of leakage or degradation.
OptimisationTemporal visibility exposes avoidable peaks, wasted water, and inefficient operating windows that low-frequency data cannot reveal.
Risk ReductionReducing manual handling and enforcing secure data paths lowers cyber risk and aligns sustainability data with critical-infrastructure security standards.
Preparing for 2026 and Beyond
CSRD, ISO 14064-3, and NIS2 together reflect a broader shift in expectations. Sustainability data — particularly energy and water data — is becoming regulated, security-sensitive operational data.
Meeting these requirements does not require dismantling existing infrastructure. It requires a way to capture continuous, secure, and verifiable submetering data with clear provenance and strong security controls.
Altior provides that capability, extending the life of legacy electrical and water submeters while turning operational reality into secure, audit-ready evidence.
