Dieter, people talk about “workforce compliance” all the time. What does it actually mean on a data centre build?
When we talk about workforce compliance, we mean something very practical. It is the set of controls that proves every person and every company on site is legally entitled to be there, correctly engaged, and properly documented.
That starts well before anyone turns up at the gate and it continues throughout the build. In practice, it covers right-to-work and immigration status, posted worker requirements, tax and social security evidence such as A1s, safety certifications like VCA, and the due diligence of subcontractors across all tiers. Most importantly, it is about being inspection-ready at any moment, not scrambling after the fact.
Why has this moved from a back-office issue to something that can stop a project?
Because enforcement has changed. Across Europe, labour compliance is no longer handled quietly through correspondence. Authorities now turn up on site, often in joint teams, and they expect to see clear evidence immediately.
Large data centre projects are particularly visible. They involve deep subcontracting chains and a high proportion of foreign or posted labour. That makes them natural inspection targets. When something is missing or unclear, the impact is no longer just a fine. It can be restricted access, halted work or loss of confidence from regulators and insurers. At that point, compliance becomes a delivery risk.
What is really at stake for owners, developers and Tier-1 contractors?
Three things stand out.
First, schedule certainty. If workers are not cleared properly, they cannot access site. That quickly turns into lost days and lost momentum.
Second, reputation and trust. Regulators, local authorities, investors and communities all expect visible and defensible controls. Saying you are compliant is no longer enough.
Third, chain liability. In several European jurisdictions, problems at lower tiers can escalate upwards. Wage issues, posting failures or misclassification do not stay neatly contained with a subcontractor. They travel up the chain to the party with visibility and financial substance.
Many contractors say they manage workforce compliance themselves. Why is that often not enough on hyperscale programmes?
It is rarely about effort or intent. The issue is incentives and role conflict.
When the same organisation is responsible for delivering the programme and assuring compliance, problems tend to be treated as sequencing issues rather than risk signals. Escalation can be delayed because no one wants to slow the job. From an authority’s perspective, self-assessment also carries less credibility.
An owner-side or independent workforce compliance function changes that dynamic. It separates compliance control from construction execution and aligns decisions with enterprise risk.
What does “good” workforce compliance actually look like on site?
You can feel it in how the site operates.
There is clear pre-mobilisation mapping of contractors, worker types, nationalities and legal bases to work. There is a single onboarding workflow with defined evidence requirements. Gatekeeping works consistently, meaning no valid evidence equals no access, but without chaos at the turnstiles.
Ongoing monitoring is just as important. Expiries are tracked, anomalies are corrected quickly, and audits are routine rather than reactive. When authorities arrive, documentation is available, current and coherent.
Some people worry compliance slows things down. Does it?
Only when it is done late.
When compliance is pushed upstream, it actually protects momentum. If checks happen days before a worker’s first shift, the gate remains a control point rather than a bottleneck. You also see less rework. Contractors understand what good looks like, failed inductions fall away, and issues are resolved before they become incidents.
That has been our experience on large Dutch programmes, where early verification and structured workflows improved readiness and reduced disruption at scale.
Where do projects most often go wrong with cross-border labour?
The problems are remarkably consistent.
Posting notifications are late or incomplete. A1s or permits expire quietly. Pay and working-time records do not align with local requirements. Workers are classified in ways that do not withstand scrutiny when looked at closely.
None of these issues are exotic. They are the result of speed, pressure and fragmented responsibility. The way to prevent them is disciplined control. Clear requirements, verification before access, and targeted audits where risk is highest, especially during labour surges or when new vendors join the programme.
Why do you place so much emphasis on subcontractor chain mapping?
Because that is where risk hides.
On data centre builds, you often see multiple tiers – sometimes 8 deep – repeated vendors across different packages, and rapid onboarding waves. Regulators focus on exactly those areas. They want to know who employs whom, who supervises the work, and who is responsible for pay, time and safety obligations.
When you map the chain properly, it becomes manageable. You can see depth, overlaps and weak points early and address them before they attract attention.
What evidence is there that this approach actually works?
Our Netherlands delivery provides a good illustration. On our Hyperscale-aligned programmes, an owner-side workforce compliance model has supported tens of thousands of worker verifications and hundreds of subcontractors across multiple sites.
The practical outcomes mattered more than the metrics. Workforce readiness was consistently high, onboarding became faster and more predictable, documentation accuracy improved significantly, and anomalies were corrected quickly. Crucially, compliance issues did not escalate into site shutdowns or enforcement actions. That’s the real test.
Looking ahead, what regulatory and enforcement trends should the industry be preparing for in 2026?
The direction of travel is very clear.
Across Northern Europe and key EU markets, we are seeing more joint inspections, greater focus on posted and foreign labour, and stronger powers to escalate from non-compliance to stop-work scenarios.
Denmark is a good example, with new tools allowing authorities to halt work across entire subcontractor chains after repeated serious violations. Sweden has demonstrated a willingness to run large, multi-agency controls on hyperscale-adjacent sites.
Finland has increased attention on working-time records and paid entitlements in foreign subcontractor contexts. In the Netherlands, enforcement around false self-employment has resumed, bringing renewed scrutiny to engagement models. Belgium continues to focus heavily on social dumping through targeted inspections.
For data centre programmes, the implication is straightforward. Inspection readiness must be continuous. Workforce compliance has to be treated as a core delivery control, not a retrospective reporting exercise.
Final thought. How should leaders think about workforce compliance today?
Workforce compliance is not bureaucracy. It’s resilience.
It is what allows projects to move quickly without breaking trust with regulators, workers, insurers or investors. In a sector building Europe’s digital backbone at unprecedented speed, compliance is not a brake on progress. It is the discipline that makes progress durable.
