The headlines have focused on the US’s retreat from sustainability regulation. From the withdrawal from the Paris Agreement to the Environmental Protection Agency announcing what it calls the “biggest deregulatory action in U.S. history” and proposed green energy funding cuts of $13 billion, it is tempting to read this as a clear indication of deregulation. But that reading misses what is actually happening: emissions governance has not retreated; it has fragmented. And for compliance teams, a fragmented regulatory landscape is in many ways harder to manage than a uniform one.

Read also: How Artificial Intelligence Is Reshaping Global Supply Chains

Across the US, states have moved to fill the legislative vacuum. Following the model set by California with SB 253 (the Climate Corporate Data Accountability Act) and SB 261 (the Climate-Related Financial Risk Act) in October 2023, a number of other states have picked up the sustainability mantle. 

New York, for example, reintroduced its Climate Corporate Data Accountability Act (S3456) in January 2025, requiring Scope 1 and 2 disclosure from 2027 and Scope 3 from 2028. The New York Senate passed a version of this legislation in February 2026, marking a meaningful step toward enactment. Colorado introduced House Bill 25-1119 in January 2025, requiring Scope 1 and 2 disclosure from entities with revenues above $1 billion starting in 2028, with a phased Scope 3 rollout beginning in 2029. New Jersey and Illinois have tabled comparable measures in recent sessions. For compliance teams, the practical consequence is a multiplying patchwork of overlapping disclosure timelines, revenue thresholds, and scope requirements; each requiring its own monitoring, its own data infrastructure, and its own audit trail.

This state-level activity mirrors the legislative architecture the EU has been developing for years, and which remains substantially in force despite ongoing revision. Businesses trading with Europe must navigate the EU Corporate Sustainability Reporting Directive (CSRD) and the EU Corporate Sustainability Due Diligence Directive (CSDDD), both of which were subject to the European Commission’s 2025 Omnibus proposal that narrowed their scope and adjusted certain timelines, but left the underlying direction of mandatory disclosure intact, as well as the EU Regulation on Deforestation-free Products (EUDR) for commodity-specific traceability obligations. Particularly important for procurement teams is the EU Carbon Border Adjustment Mechanism (CBAM), which concluded its transitional reporting phase at the end of 2025, with full financial obligations now in effect. CBAM places a direct carbon price on imported iron and steel, aluminum, cement, fertilizers, electricity, and hydrogen, targeting the emissions embedded in the production process itself. The logic across both the EU and the emerging US state landscape converges on the same underlying demand: traceable, defensible, auditable emissions data across the entire value chain.

Despite this, sustainability teams remain small and overstretched, with often just a handful of employees managing ESG reporting, supplier engagement, emissions accounting, and regulatory monitoring simultaneously. Reporting demands consume the bulk of both time and budget, leaving limited capacity for strategic decarbonization work. 

Nowhere is this gap more visible than in Scope 3 emissions, the indirect greenhouse gases generated across a company’s entire value chain, from upstream raw material extraction to downstream product use. These typically represent the largest share of a company’s total carbon footprint, and the hardest to measure reliably. Sphera’s 2025 Scope 3 Report reveals that of companies already reporting on greenhouse gas emissions, 79% now disclose across all three scopes, up from just 52% in 2024, a sharp rise that reflects regulatory pressure more than voluntary momentum. Yet 62% of those reporting on Scope 3 cite internal data quality as a major barrier, and 79% say obtaining supplier data remains a top challenge.

Without defensible, auditable data, the consequences are tangible: regulatory exposure under frameworks like CBAM and SB 253, greenwashing accusations, supplier disruptions as due diligence gaps surface under CSDDD, and internal paralysis as sustainability teams spend more time validating figures than acting on them. The organizations that remain in reactive mode will find themselves perpetually behind a curve that is accelerating faster than any single policy reversal.

The answer lies in building the data infrastructure that makes continuous compliance operationally achievable, and AI-powered procurement platforms are making that practical in ways that manual processes never could. The difference is not just speed. It is the ability to move from reactive data assembly to proactive risk detection across a supply base of hundreds or thousands of entities simultaneously.

Two examples illustrate what this looks like in practice:

The first is supplier certification monitoring. Under CSDDD and several state-level frameworks, a lapsed environmental or human rights certification at a tier-one supplier can create direct legal exposure for the buying company. Previously, identifying that risk meant periodic manual checks, by which point a lapse might already constitute a compliance breach. An AI-powered platform can monitor certification status continuously across the supply base, flagging an impending expiry week in advance and automatically triggering a renewal workflow with the supplier. What was once discovered during an audit becomes something corrected before it appears in one. The buying company maintains an always-current, audit-ready compliance record without dedicating headcount to maintaining it.

The second is Scope 3 Category 1 data collection, purchased goods and services, which typically represents the single largest source of Scope 3 emissions for manufacturers and retailers. Gathering this data traditionally meant issuing manual surveys across hundreds of suppliers, reconciling inconsistent formats over weeks, and then questioning the reliability of what came back. AI can change the collection and validation loop: standardized emissions data requests are pushed to suppliers automatically at the point of onboarding and at defined reporting intervals. AI models can cross-reference submissions against industry benchmarks and flag statistically anomalous responses: a supplier reporting emissions implausibly low for their sector, for instance — for human review before the data enters the reporting chain. The result is not just faster collection. It is a defensible, continuously validated emissions record that can be pulled for regulatory submission, customer due diligence, or internal strategy without a quarterly scramble to assemble it.

Taken together, these capabilities transform governance from a periodic reporting exercise into a continuous intelligence function; one that surfaces risk in real time, embeds sustainability criteria into sourcing decisions from day one, and integrates with existing ERP and procurement systems so the intelligence appears where decisions are actually made.

When the next regulatory cycle inevitably tightens, the organizations that read the current moment as an opportunity to pause their sustainability programs will find that their data foundations are not in place and their competitive position has quietly eroded. In an environment defined by regulatory complexity, rising scrutiny, and constrained resources, transparency is no longer a reporting function. It is a strategic capability.