Recently, data centers have taken center stage in commercial real estate markets worldwide due to the exponential growth of data generation and the broad migration to cloud computing, remote work, and artificial intelligence (AI). Indeed, McKinsey & Co. projects global annual spending on data center construction will reach $49 billion by 2030--a compound annual growth rate of 5.4% from 2022 to 2030.

When rating transactions or companies backed by data center assets, S&P Global Ratings uses one of four main analytical approaches: ABS, CMBS, corporate/REIT, or project finance. The approach we choose depends on a number of factors, most notably the financing vehicle. Strong rent growth and robust returns have distinguished the data center sector in recent years. Nonetheless, data center properties are susceptible to certain risks, which we factor into our analysis.

Boom Times For Data Centers

As demand for big data analytics, machine learning, and low-latency data transmission increases, the need for data centers--the backbone of digital infrastructure across the globe--has risen in tandem. According to estimates from S&P Global Market Intelligence 451 Research, there were well over 2,000 operational data centers in the U.S. and more than 8,000 worldwide as of fourth-quarter 2023. And about 300 more are planned or under construction in the U.S. alone.

The Financing Avenue Largely Determines Our Approach

When an operator of data centers issues the debt itself, we apply our corporate ratings criteria.

A CMBS or ABS analysis is suitable when conditions such as legal risk are consistent with a structured finance rating, including a bankruptcy-remote special-purpose vehicle (SPV). Under such conditions, ownership of a commercial mortgage lends itself to the application of our CMBS methodology, whereas direct ownership of data centers favors the ABS framework. When the conditions aren't consistent with a structured finance rating (including in emerging economies that don't support such vehicles), another methodology may be more appropriate.

We could also use our project finance approach to rate a secured data center financing issued by a limited-purpose entity or its holding company. Factors leading us to take this approach include unmitigated construction risk, conditions--including legal risk--that aren't consistent with a structured finance rating approach, and significant exposure to operational risk (including where there is no clear replacement counterparty).

To date, most data center-backed transactions have been structured as ABS, which offer operators a scalable, long-term financing option through a master trust set up. In addition, many ABS bond investors value data centers given their generally stable cash flows. The table provides five examples of transactions and the associated criteria:

Some further explanation:

• In Example 1, we apply our project finance criteria because of the unmitigated construction risk. We'd still use this approach if the issuer wasn't bankruptcy-remote but could nevertheless meet the ring-fencing requirements in our project finance criteria.
• Examples 2 and 3 show how much bankruptcy-remote status influences our approach. Typically, to apply structured finance criteria, we look for an issuer to be considered a bankruptcy-remote SPV.
• Example 4 demonstrates that we use our relevant CMBS criteria to analyze commercial mortgage assets.
• In Example 5, we apply our corporate methodology because the issuer is a REIT.

It's important to note that our project finance criteria and structured finance criteria have different assumptions about refinancing risk. For example, in structured finance, we rate to the legal final maturity of the issued debt. By contrast, our project finance criteria may recognize that the debt may be refinanced through the useful life of the underlying exposure.

Our Analytical Approaches

Below is a summary of each of these approaches. For more details, we recommend reading the specific criteria articles (see the "Related Criteria" section).

Corporate finance

We employ our corporate ratings methodology to assign credit ratings to data center operators. We use the criteria in "Key Credit Factors For the Real Estate Industry," Feb. 26, 2018, to determine the ratings on operators that majority-own a portfolio of data centers generating cash flows from property leases with maturities largely greater than one year. Alternatively, we apply "Sector-Specific Corporate Methodology," April 4, 2024, when rating data center operators that don't own the majority of the real estate or earn a significant proportion of revenue from managed services.

Step 1: Analyze the operator's business risk profile.  To do this, we use a variety of real estate-specific variables. These include asset location and age, tenants' creditworthiness and diversity, lease contract lengths, customer churn rates, level of interconnection, and other operating metrics that aid in ascertaining the quality of the operator's data center portfolio relative to that of its peers.

Step 2: Analyze the operator's financial risk profile.  We evaluate the data center operator's cash flow generation and timing in relation to its financial obligations, referencing a variety of credit ratios to develop a rigorous perspective.

Step 3: Account for factors outside the operator's business and financial risk profiles.  Outside of the business and financial risk assessments, we contemplate additional factors that could modify the operator's rating anchor, such as the potential for group or government influence, a comparable ratings analysis, and management and governance practices.

Project finance

We apply "General Project Finance Rating Methodology," Dec. 14, 2022, and "Sector-Specific Project Finance Rating Methodology," Dec. 14, 2022, to determine the ratings on project finance data center transactions. The project finance framework focuses on the analysis of a project's operations and construction phases, and then we factor in any parent linkages and external influence to derive the issue credit rating--both for senior and subordinated debt.

Operations phase.  We assess the project's business and financial risks during the operations phase to evaluate the likelihood that the project will generate sufficient cash flows to meet its financial commitments.

Compared to our traditional project financings in other sectors that we rate, the business risk assessment for data centers will focus on the following:

Primary performance risk attributes:

• Data center location, age, size, and redundancies, if any;
• Lease performance regime;
• Scope;
• Variable power and water supply; and
• Regulatory risks.

Market risk attributes:

• Fully contracted versus leasing risk
• Creditworthiness of tenants

Counterparty attributes:

• Creditworthiness of the tenants.

Construction phase.  During the construction phase, we forecast whether the project will be adequately funded, completed on time, and capable of operating as designed to meet its contractual obligations. Given the low complexity of the civil works involved in the construction of data centers--particularly hyperscale facilities--we believe the construction difficulty for a data center is tantamount to that of the social infrastructure projects we've rated. However, construction might be more complex--depending on the property's size, location, and additional considerations, such as co-location with extensive solar power with battery storage--if these attributes result in a greater construction risk.

In our view, the key challenges during data center construction are managing the supply chain of equipment and interconnection with power and cooling sources in accordance with the construction schedule. We evaluate the project's budget and schedule to assess whether there's a sufficient buffer to absorb the impact of delays. The size, experience, creditworthiness, and risk sharing of construction contractors are also important factors in our analysis. Accordingly, we look at contractors' track records for completing similar projects on schedule and within budget and their performance completion package (to replace contractor, if needed) in completing construction.

ABS

Our ABS methodology analyzes data center assets and their cash flows/values via a seven-step process:

Step 1: Determine the utility score.  We assign each data center a utility score that reflects the property's long-term competitive profile.

Step 2: Determine property liquidation value and timing.  This step applies only if the issuer owns the data center and land, owns the data center with exposure to a ground lease that has a sufficiently long remaining term, or owns the land and not the data center. If the SPV doesn't own the data center or the land (more common for retail colocation), we may not assign a liquidation recovery value.

Step 3: Estimate future lease revenues and the size and stability of ancillary revenues.  We calculate base lease revenue collections starting with in-place contracts and apply a lease rate haircut upon expiration and each subsequent renewal.

Step 4: Apply a utilization stress to base revenue to account for downside risks.  We also apply it to lease revenue to capture the impact of any cash flow reductions.

Step 5: Assess the cost to the transaction of operating its data centers.  Data centers need advanced security systems and redundant mechanical, cooling, electrical, and network infrastructure, all of which require routine maintenance.

Step 6: Estimate exposure to broader market risks.  For example, if a data center's shell and core are still under construction or a significant portion of the data halls aren't complete, we consider what structural mitigants are in place.

Step 7: Consider our analysis alongside the wider analytical framework for rating securitizations.  We evaluate operational and administrative risk, counterparty risk, and legal and regulatory risk using our structured finance approaches.

CMBS

In our CMBS analysis, we estimate a data center's long-term sustainable net cash flow (NCF) and capitalize that figure by our published capitalization rates (currently 7.50%-9.00%) to determine property value. In addition, we assess the likelihood that future cash flow will be sufficient to service the commercial mortgages backing the CMBS transaction.

Step 1: Compute gross potential rent.  To derive gross potential rent (GPR), we sum the income generated by in-place lease agreements, ancillary services, expense recoveries (such as landlord reimbursements for tenant power consumption), and grossed-up revenue from vacant power capacity.

Step 2: Compute effective gross income (EGI).  We deduct a projected vacancy loss from the GPR to establish the EGI.

Step 3: Derive long-term sustainable net cash flow.  A data center's sustainable net cash flow (NCF) is EGI minus fixed and variable operating expenses and ongoing capital expenditures.

Step 4: Value the data centers using the income capitalization approach.  We divide long-term sustainable net cash flow by the appropriate cap rate (governed by the property's location and characteristics) to calculate S&P Global Ratings' data center property value. This is commonly 30%-40% lower than the appraiser's valuation.

Appendix: Key Terms Defined

Data centers can be categorized into three primary asset types--retail, wholesale, and powered shell--each of which is detailed below. However, some data centers possess characteristics that further differentiate them. These include hyperscale data centers, edge data centers, and carrier hotels.

Retail   data centers are occupied by numerous tenants with modest data storage and processing needs. Most retail facilities require about 0.5MW–5MW of uninterruptable power supply (UPS) capacity to sustain clients' computing hardware. (UPS power capacity refers to the maximum power a UPS system can distribute.) However, sizeable retail colocation complexes can command well over 10MW of capacity. Under the retail model, tenants co-locate their IT equipment under the same roof, leasing space in small increments (by the individual rack, cabinet, or cage, for example). Retail data centers are generally turnkey facilities, where the operator furnishes tenants with a built-out data center complete with redundant power and cooling configurations, generators, walled-off data halls, and racks/cabinets to store equipment. It's also common for operators to staff a retail colocation data center, affording tenants with maintenance support and 24/7 security.

Retail colocation operators usually offer short-term modified gross lease contracts (one to three years), under which the tenant pays a base rental rate (normally quoted in $/kW of allocated power capacity) plus the cost of their variable power usage. Operators may also charge cross-connection fees for tenants to interconnect. Tenants that do business together benefit from cross-connection, as it establishes a private low-latency link between their computing equipment, eliminating the need to transmit data over the public internet. In practice, retail colocation facilities function like data center hotels: Tenants don't customize their data center space (meaning lower up-front costs), and operators grant tenants a set of amenities--for a fee, of course.

Wholesale   data centers appeal to firms intending to store and process large volumes of data at the same location over a longer time horizon. Wholesale data center deployments are tenanted by fewer co-locating enterprises that commit to leasing large swaths of operating space. These facilities typically demand about 5MW–40MW of UPS power capacity. Like their retail counterparts, wholesale colocation data centers are largely turnkey, with some caveats. The operator provides tenants with a developed data center and access to cooling and power architecture, but the tenants are responsible for supplying racks, cabinets, and cables as well as staff to oversee routine maintenance and security.

Long-term (five to 20 years) modified gross leases and triple-net leases are typical with the wholesale colocation model. Because tenants have long-term interests in the property, they may customize leased operating space. Wholesale colocation lessees usually include larger companies, many of which have public credit ratings. Wholesale colocation tenants include Apple, CME Group, Uber, and BlackRock.

Powered shell   data centers are undeveloped or newly constructed industrial buildings with power and fiber network connectivity in place. Unlike turnkey data centers, these properties don't have data halls, UPS power configurations, cooling infrastructure, or racks/cabinets set up at lease inception. In most cases, powered shell data centers are leased to data center operators intending to sublease or tech titans with sufficient capital to develop the data center as they see fit.

Hyperscale   data centers differ from traditional wholesale colocation properties because of their immense size and hyperscaler tenants. Most market participants assert that a hyperscale data center must have at least 40MW of UPS power capacity and 10,000 square feet. However, many hyperscale facilities support power capacity of over 100MW and encompass over 1 million square feet. Typically, one to three cloud service providers (hyperscalers) occupy these colossal data centers, which empower them to scale their cloud management and AI business segments with surging demand. Over the past few years, Meta, Amazon, and Microsoft (among others) have competed to acquire as much data center space and power capacity as possible, placing upward pressure on hyperscale market rents. Competition is also fierce for state-of-the-art graphics processing units (GPUs), which handle generative AI workloads, machine learning computations, and proof of work (PoW) cryptocurrency mining.

Edge   data centers are small properties situated near populations of end users who reside close to the edge of a network. Edge data centers collect and process time-sensitive content requests from end users' Internet of Things (IoT) devices (smartphones, laptops, autonomous vehicles, gaming consoles, etc.), distributing content to clients with minimal latency and transmitting their time-insensitive data to larger data centers for analysis. Edge data centers are frequently constructed close to cell towers. They're critical in cultivating 5G density--the ability to serve more devices in a geographic area with low-latency content delivery.

Carrier hotels   aren't data centers in the traditional sense; rather, they're the central internet exchange points where metro fiber lines link with long-haul or sub-sea fiber. Carrier hotels are the primary nodes of a fiber network positioned in the heart of major metro areas, and data centers throughout an entire region funnel data through carrier hotels for long-distance dissemination. Several carrier hotels--such as 60 Hudson Street in Lower Manhattan--are venerable high-rise office buildings that were repurposed following the deregulation of the telecommunications industry in the mid 1990s. Carrier hotels contain meet-me rooms, where multiple telecom and network service providers physically interconnect equipment to exchange internet traffic across their fiber networks. Carrier hotels are often regarded as trophy properties, owing to the indispensable role they play in stitching internet networks together.