Blog
ESG software vendors will tell you their platform solves everything. One meeting, a slick demo, a promise of automated reporting. And most sustainability managers we work with are still drowning in spreadsheets.
Companies rush to tooling before they understand what they actually need from it. So before you spend an afternoon comparing feature lists, take a step back and look at the data first.
ESG data is not like financial data. A CFO knows exactly what to report and where to find it. Revenue, costs, margin. The format has been standardised for decades.
Sustainability data works differently. The scope shifts depending on what you need to report, who is asking, and which regulations apply to your company. "A lot of organisations don't yet know which data they need to pull in to generate a report," says Tim Sterckx. "Ask five people what data they need for a CO2 footprint and you'll get five different answers. And they're all right."
That complexity tells you what your real requirements are before you start evaluating tools. And those requirements vary considerably depending on the size of your company, the complexity of your data, and what you need to report on.
Does the tool actually cover what you need to report on? This sounds obvious, but the answer is often unclear because sustainability managers are not always sure what data needs to go in before a report can come out.
If your goal is a full CSRD-compliant sustainability report, the requirements are different than if you simply want to track your greenhouse gas footprint. Define what you are trying to achieve first. Then check whether a given solution can actually deliver that.
Who is going to use this day to day? A solution that requires technical expertise to run is a problem when the person extracting reports is someone without an IT background. It matters whether the tool works for the people who will actually use it, not just whether it works in a demo environment.
Data location matters too. "There are very interesting tools for ESG, but with some of them your data ends up sitting in India or the US," Tim points out. "A lot of European companies simply won't go there." Where your data is stored is as much a cybersecurity question as a compliance one. The further your data travels, the more your security and data protection requirements come into play, so it deserves attention early.
The big, established data and software platforms tend to have solid ESG capabilities that keep improving, but their licensing can run into six figures a year, and they are not the only expensive option on the market. That kind of budget is not available to most mid-sized companies. A custom solution built on tools you already license might cover your current needs for a fraction of the cost.
ESG SaaS platforms are multiplying fast, and some may not exist in three years. Before committing, look at funding, longevity, and whether you can get your data back out if things go wrong. "You need to ask about data import and export in the first meeting. It might feel like an afterthought, but it is actually the most important question."
The most common assumption companies make is that ESG regulations only apply to the companies that fall directly under them. That is rarely how it plays out.
Take the CSRD. Large enterprises subject to it need sustainability data from their entire supply chain to meet their own reporting obligations. That means they ask their suppliers for it, whether those suppliers are legally required to report or not. A small manufacturer with 40 employees and no direct compliance obligation can still find itself fielding detailed ESG questionnaires from its three biggest clients.
The DPP (Digital Product Passport) works the same way. It requires manufacturers to document the full material origin and CO2 impact of their products, traced back through their suppliers. The EUDR (EU Deforestation Regulation) requires proof that imported goods have not contributed to deforestation, which pulls sourcing partners into the picture. The CSDDD tightens what companies can actually claim about their sustainability performance, meaning that "most sustainable product on the market" needs to be backed by audited data or dropped entirely.
We have seen this play out firsthand. A company gets SBTi validated without ever having set out to. Partners made it a condition of contract renewal. That is how this pressure moves through a supply chain: one company's compliance obligation quickly becomes another company's commercial problem.
Beyond formal obligations, EcoVadis scores are increasingly used by large buyers as a baseline requirement for new supplier relationships. None of this is legally mandated for smaller companies. But if your clients are asking for it, the effect is the same.
Cronos ESG starts every tooling engagement with a discovery workshop. The goal is to map the current data landscape, understand what is causing friction, and figure out what is actually needed before recommending anything.
Three types of people should be at the table, and the third is almost always forgotten.
The sustainability manager is the obvious starting point. They know the pain and they know what they need the tool to do.
Someone at C-level, often the CFO, is worth having for two reasons: they understand the compliance pressure and the financial consequences of getting it wrong, and they can approve a budget.
The IT manager is the one who gets left out. That is a problem, because the IT manager knows the existing systems, the security requirements, and the company's technology roadmap. "We had a client building an ESG solution inside SAP, investing real budget," Tim recalls, "until the IT manager walked in and mentioned they were migrating away from SAP to Microsoft. That conversation should have happened at the start."
We start with a discovery workshop to map your current ESG data landscape before recommending anything. The output is a clear picture of where you stand, what you need, and how to get there within your budget and existing systems.
