Asia-Pacific data centers are swinging into investors' view. We estimate more than US$100 billion will be invested in such facilities in the region over the next five years. The spending will capitalize on strong data growth and the rise in AI, cloud computing and digitalization.
Rated telecom companies in the region are also increasingly investing in, and operating, data centers. They will be the growth engine for many telecoms and real estate companies.
According to estimates from S&P Global Market Intelligence 451 Research, data center capacity in Asia-Pacific will likely grow 17% annually (compounded) through to 2029. The recent US$16 billion acquisition of Asia-Pacific based operator AirTrunk by Blackstone Inc. and Canada Pension Plan Investment Board, underscores the importance of the Asia-Pacific market.
Through this boom, operators will need to manage operating risks, cost volatility, obsolescence, resource constraints and evolving regulations. As such, investors are asking us about the risks of investing in this relatively new asset class. From a corporate rating perspective, we address their queries below.
Frequently Asked Questions
What are the main trends for data centers in Asia-Pacific?
In a nutshell, accelerated expansion. We expect emerging markets in Asia-Pacific to outpace established markets in capacity growth over the next three to five years (see table 1).
Key emerging markets include India, Indonesia, Malaysia, Philippines, Thailand and Vietnam. Key established markets include Australia, China, Hong Kong, Japan, Singapore and South Korea.
Emerging Asia-Pacific countries are increasingly an attractive alternative to developed markets for three reasons:
- Lower costs in emerging Asia-Pacific to develop and operate data centers;
- Significant growth in data demand due to digitalization and favorable demographics within emerging Asia-Pacific; and
- Government support for the building of local data centers as part of their push for data sovereignty.
Table 1
Johor Bahru, in Malaysia, for example, has become a hot landing spot for new data centers. The Johor Bahru sites can be a cheaper alternative to Singapore for regional data traffic, with more affordable land and power. The government is supporting the data center developments by building power and connectivity infrastructure.
An increasing focus on data sovereignty (see table 5 in the Appendix) has spurred the building of onshore data centers to store government data and sensitive personal information. This will also result in less reliance on foreign-based data center operators.
For example, the Australia government has moved some sensitive data out of data centers operated by Global Switch Holdings Ltd., after a China-backed consortium bought a 49% stake in the company.
Are the business risks lower for data center operators focused on established Asia-Pacific markets?
Yes, in general. Operators with data centers mainly in established markets face lower operational risk than equivalent facilities in emerging Asia-Pacific. The former benefit from lower country risks, which translate into a relatively stable policy environment, a well-established power and connectivity infrastructure, and a more digitalized economy.
Data centers in tier-one cities (Singapore, Tokyo and Sydney, etc.) will likely maintain low vacancy rates and higher pricing power. This is due to their strategic location close to end users that are generating and consuming data. This adjacency factor will be critical for workload requiring low latency and seamless connectivity. Scarce land and power resources in key cities will keep supply limited.
Chart 1
Workload with lower latency requirements in established markets will be pushed to tier-two or tier-three cities, easing resource constraints. For example, Japan is offering subsidies to decentralize data-center development, such that new centers will be built away from Tokyo and Osaka. Data centers in tier-two or tier-three cities typically have lower land and construction costs compared with tier-one cities.
The competitive landscape in emerging markets is less predictable given the fast pace of development in those regions, and the influx of international players. For example, Johor Bahru has a project pipeline of 1.67 gigawatts (GW) of total IT load capacity, which is markedly higher than its current capacity of 231 megawatts (MW) as of the first half of 2024, according to property broker Cushman and Wakefield. We see a risk of transitional oversupply when such capacity enters the market.
How do the revenue models of data center operators affect the quality of their earnings?
The characteristics of data center earnings depend heavily on whether there is a wholesale or retail focus. The two models differ in terms of the customer mix, contractual terms, service offerings and associated risks.
Table 2
Comparison of the wholesale and the retail colocation models | ||||||
---|---|---|---|---|---|---|
Wholesale colocation/hyperscale | Retail colocation | |||||
Size of investment due to power capacity | Larger | Smaller | ||||
Concentration of tenants | High | Low | ||||
Longevity of contract (years) | 5-15 | 2-4 | ||||
Level of facility customization | High | Low | ||||
Revenue model | Mainly rental--lease of space or power | Mix of rental and other services | ||||
Some data centers possess characteristics that could further differentiate them, including use of a power shell, edge data centers, carrier hotels or data center of information communication technology providers. Source: S&P Global Ratings. |
The hyperscale or wholesale colocation model generally offers operators a high predictability of earnings and cash flow. Our analysis views such features as credit positive.
This model, combined with a high ownership of assets, may support a higher leverage tolerance at a given rating level. A high ownership of assets may help an operator eliminate the risk surrounding renewal of property and land leases, and offer greater financial flexibility for fundraising. Digital Realty Trust Inc. (BBB/Stable/--), a U.S.-based data center operator, has such qualities, for example.
This is because wholesale contracts are long, with customers committing to a fixed payment or a minimum payment even if their actual usage falls short. There is also a high penalty for prematurely terminating contracts.
The high switching costs could reduce renewal risks. This is because, in making the move their customers would need to replicate or relocate vast amounts of physical hardware, network systems and storage infrastructure.
For the retail colocation model, the renewal risks and cash flow predictability could vary depending on factors such as the level of interconnectivity and--to a smaller extent--the existence of bundled services. These interconnections, which aim to create network effects by building direct, secured connections among customers, are hard to replace. They also attract customers that would like to establish connections within an operator's network.
Large retail colocation providers or operators with significant retail colocation exposure are creating a stickier customer base with interconnection. Examples include Equinix Inc. (BBB/Stable/--), a U.S. based data center operator. Smaller retail colocation providers may not be able to offer a competitive interconnection services.
The retail colocation model requires less investment and lower levels of customization. Otherwise, retail contracts are shorter, exposing operators to shifts in demand and market volatility. They also offer services that have lower earnings predictability than the rental of space and power. This may include remote technician services, network monitoring and cloud services.
Most of the retail colocation centers are speculative builds without sizable pre-committed capacity. If operators can't ramp up their utilization, this will hurt margins and cash flow.
What risks do wholesale operators face given their high tenant concentration?
Wholesale operators' data centers are often customized to fit customer requirements. The value of operators' assets would fall if their key customer faced financial distress; it could be costly to reconfigure the data center to match a new customer, should the old one drop out.
The strong credit qualities of customers can substantially mitigate counterparty risk. Most clients of wholesale operators are cloud providers or large internet companies. The entities are cash generative and would likely be able to honor their lease contracts. The contract termination clause will add another layer of protection for early termination.
There are other risks. For example, customers have significant bargaining power regarding pricing. It's common to see a few large customers, usually hyperscalers or large internet/media companies, taking up most of a facility or even an operator's total capacity. In many cases, these important customers are also offtakers for new projects and when expanding into new regions.
Such bargaining power is apparent in Asia-Pacific markets that have lower utilization rates and abundant new supply, such as China. This may squeeze operators' margins both on new developments and during renewals.
Some hyperscalers are also building their own data centers in strategic locations. This could increase renewal risks for their service contracts with operators. This so-called insourcing gives hyperscalers more control over their data center infrastructure. For instance, Meta Platforms Inc. completed its data center in Singapore in 2022.
Hyperscalers will likely weigh such benefits against other considerations, such as the pace of expansion and local knowledge.
How well can data center operators pass through costs and protect their margins?
In our view, wholesale operators generally have better cost pass-through ability. This is through terms that are embedded in their lease contracts that otherwise expose them to more cost fluctuations over the long duration of the contract. We believe such arrangements add resilience to profits and cash flow.
Wholesale/hyperscale operators typically use so-called triple-net and modified gross leases, which require the tenants to reimburse the manager for electricity and other costs. Under both types of leases, tenants are responsible for all costs related to the provision, installation, and the upkeep of their equipment and network connectivity.
Table 3
Comparison of operators' typical cost and pricing characteristics | ||||||
---|---|---|---|---|---|---|
Wholesale colocation/hyperscale model | Retail colocation model | |||||
Major operating costs | Utilities (including power), property operating and maintenance | Utilities (including power), labor, property rent, operating and maintenance | ||||
Electicity cost fluctuations | Pass through to customers | Borne by operators; may have price escalation clause if electricity costs rise above a certain threshold | ||||
Price adjustments | Infrequent due to longer contracts | More frequent due to shorter contracts | ||||
Source: S&P Global Ratings. |
In countries such as China, where competition is intense, wholesale operators such as GDS Holdings Ltd. and Chindata Group Holdings Ltd. generally offer contracts at a fixed price with limited or no escalation. This exposes the companies to inflation risk.
Operating costs for data centers in Asia-Pacific are set to rise. Our economists expect inflation to be 2.1%-2.4% per annum over 2024-2026. In countries such as India the rate may climb as high as 4.5%-4.6%.
Utilities (including power) costs are the largest operating expense for wholesale/hyperscale data centers. Staff costs are also a big expense for retail-colocation entities.
Most retail colocation does not have direct cost pass-through. That said, some of the operators embed options into their terms, allowing them to raise prices if power costs rise above a threshold. Otherwise, the shorter contracts typical in this space allow operators to reprice more frequently to reflect higher costs, if feasible, given competitive pressures.
Why do we view obsolescence to be a key risk?
New technology and consumer preferences are constantly changing the types of workloads and the requirements of the facilities to carry out those workloads. Entities must refit data centers to match demand changes; this poses operational risks.
The shift to hyperscale data centers due to cloud migration will squeeze demand for small and midsize wholesale data centers. These smaller facilities often cannot meet the needs of cloud service providers; some enterprise customers may move to cloud-service providers, causing customer churn. The rise in high-performance computing, especially in generative AI and machine learning, may pressure operators to upgrade data centers, adding cost and execution risk.
Operators may face other limitations, including a lack of access to additional water for cooling, and power supply. Their buildings may also be ill-suited to the requirement of high-density data centers.
Many operators are now implementing flexibility in their designs, involving reserve infrastructure and land. We would consider the degree of this so-called future-proofing in our assessment of the asset quality of data center operators, among other factors such as location and specifications.
Are data centers vulnerable to cyberattacks?
Yes. Cyberattacks can threaten information security and the availability and performance of data centers. According to data provided by Guidewire, a third-party researcher, cyber risks in Asia-Pacific are just as high, if not higher, than in the U.S. or Europe. A successful cyberattack may inflict significant reputational and operational hits on operators and their tenants (see "Asia-Pacific Corporate Cyber Risks: What You Don't Know Can Hurt You," June 10, 2024).
In June 2024, a ransomware attack shut down a data center owned by the Indonesian government, resulting in disruptions of public services including digital services for immigration, and the loss of information.
How do power availability and green targets affect data center operators?
Power availability and reliability are the top constraints for new supply in the region. For instance, Singapore has limited the building of new data centers, due to the scarcity of land and power. China has also limited new builds in regions with power and water shortages.
Increasingly, we expect to see more data centers powered by renewable energy, even if that may be less prioritized during this initial rush to build facilities.
Chart 2
Data centers with high green standards and access to renewable energy have the upper hand in contract negotiations. Most major economies in Asia-Pacific and large enterprises have established carbon reduction targets. As such, governments are increasingly turning to more sustainable service providers. Enterprises such as the major cloud-service providers (i.e. Amazon Web Services Inc. and Alphabet Inc.) have also set ambitious carbon reduction targets.
The more efficient data centers are typically better placed to manage regulatory shifts. In Chinese cities such as Shanghai, regulators are prompting the closure of some older facilities where power usage effectiveness exceeds 1.7. In May 2024, Singapore announced guidelines requiring greater energy efficiency at existing data centers, and to increase use of green energy.
Table 4
Government measures promoting energy efficiency for data centers | ||||||||
---|---|---|---|---|---|---|---|---|
Country | Announcement | PUE requirements or targets | Other key requirements or targets | |||||
Australia | In 2023, announced a new panel overseeing data center operators providing services to the government | <1.4 | Five-star NABERS energy rating or equivalent; a road map to meet net zero | |||||
China | In 2023, proposed a green standard for the government procurement of data center management services | <1.4 from June 2023 and <1.3 from 2025 onward | Ratio between annual water consumption and annual power consumption of IT equipment <2.5 L/kWh; renewable energy as a % of total energy consumption gradually increasing to 100% in 2032 from 5% in 2023 | |||||
In 2024, unveiled a national action plan on the green development of data centers | Reach <1.5 by end-2025 | Increase the utilization rate of renewable energy in data centers by 10% annually until end-2025 | ||||||
Singapore | Published green data center roadmap in 2024 | Upgrade all data centers to achieve less than or equal to 1.3 over the next 10 years | Upgrade all data centers to achieve total data center water consumption over energy consumption of IT equipment less than or equal to 2.0 m3/MWh, at 100% IT load, over the next 10 years | |||||
PUE--Power usage effectiveness. NABERS--National Australian Built Environment System. L--Liter. IT--Information technology. kWh--Kilowatt hour. m--Meter. MHw—Megawatt hour. Sources: Government websites, S&P Global Ratings. |
Appendix
Table 5
Cross-border transfer and data localization requirements for sample countries in Asia-Pacific | ||||||
---|---|---|---|---|---|---|
Country | Key governing laws | Key provisions on data soverignty | ||||
Australia | The Australian Privacy Act 1988 (1988) | Cross-border data transfers are permitted if there is a legal basis; the transfers must involve steps to ensure overseas recipients do not breach the requirements of the act, unless certain conditions apply. Data localization is required in specific sectors or states. | ||||
China | Personal Information Protection Law (2021), Cybersecurity law (2017), Data Security Law (2021) and industry-specific regulations | Cross-border data transfers out of China for data collected in China require security checks and other approvals. Authorities are proposing some relaxations and exemptions. Sectors such as finance, banking, technology, publishing and automative are required to store certain data (including personal data) within China. | ||||
Singapore | Personal Data Protection Act (2012) | Cross-border data transfers are only permitted if there is a legal basis, and the transfer is to a place with protections that are comparable to the standards set out in the Act. | ||||
Japan | Act on the Protection of Personal Information (2023) | Cross-border data transfers are only permitted if there is a legal basis, and if the transfers are to white-listed countries or third parties with protections that are comparable to the standards set out in the Act. | ||||
India | Digital Personal Data Protection Act (2023)* | The transfer of personal data for the purpose of processing outside India is permitted except to blacklisted countries. Certain sectors (mainly finance or other regulated sectors) have to store certain data in India. | ||||
Malaysia | Personal Data Protection Act (2010) | The country generally prohibits the transfer of personal data outside of Malaysia, with some exceptions. | ||||
Indonesia | Personal Data Protection Law (2022), MOCI Reg. 20/2016 | Transfers of personal data to third countries are only allowed if there is a legal basis and are to approved jurisdictions. Public Electronic System Operators need to store and process personal data in Indonesia. | ||||
Vietnam | Decree No. 13/2023/ND-CP (2023), Decree No. 53/2022/ND-CP (2022) | Overseas transfer of personal data is subject to the filing requirements; approval is needed for data classified as state secrets. Onshore and offshore providers of selected services (mainly telecommunications and internet services) need to store certain data in Vietnam. | ||||
*Still in consultation stage. Sources: Government websites, S&P Global Ratings. |
Editor: Jasper Moiseiwitsch
Digital Designer: Evy Cheung
Related Research
- Approaches For Rating Data Center Financings, Aug. 1, 2024
- The Four Main Approaches For Rating Data Center Financings, June 13, 2024
- Asia-Pacific Corporate Cyber Risks: What You Don't Know Can Hurt You, June 10, 2024
- Data Centers In South And Southeast Asia: Balancing Risk And Reward, Sept. 10, 2023
This report does not constitute a rating action.
Primary Credit Analyst: | Spencer Ng, Singapore +65 6597-6100; spencer.ng@spglobal.com |
Secondary Contacts: | Hwee Yee Ong, CFA, Singapore +65 6597-6193; hwee.yee.ong@spglobal.com |
Simon Wong, Singapore (65) 6239-6336; simon.wong@spglobal.com | |
Yijing Ng, Singapore (65) 6216-1170; yijing.ng@spglobal.com |
No content (including ratings, credit-related analyses and data, valuations, model, software, or other application or output therefrom) or any part thereof (Content) may be modified, reverse engineered, reproduced, or distributed in any form by any means, or stored in a database or retrieval system, without the prior written permission of Standard & Poor’s Financial Services LLC or its affiliates (collectively, S&P). The Content shall not be used for any unlawful or unauthorized purposes. S&P and any third-party providers, as well as their directors, officers, shareholders, employees, or agents (collectively S&P Parties) do not guarantee the accuracy, completeness, timeliness, or availability of the Content. S&P Parties are not responsible for any errors or omissions (negligent or otherwise), regardless of the cause, for the results obtained from the use of the Content, or for the security or maintenance of any data input by the user. The Content is provided on an “as is” basis. S&P PARTIES DISCLAIM ANY AND ALL EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR USE, FREEDOM FROM BUGS, SOFTWARE ERRORS OR DEFECTS, THAT THE CONTENT’S FUNCTIONING WILL BE UNINTERRUPTED, OR THAT THE CONTENT WILL OPERATE WITH ANY SOFTWARE OR HARDWARE CONFIGURATION. In no event shall S&P Parties be liable to any party for any direct, indirect, incidental, exemplary, compensatory, punitive, special or consequential damages, costs, expenses, legal fees, or losses (including, without limitation, lost income or lost profits and opportunity costs or losses caused by negligence) in connection with any use of the Content even if advised of the possibility of such damages.
Credit-related and other analyses, including ratings, and statements in the Content are statements of opinion as of the date they are expressed and not statements of fact. S&P’s opinions, analyses, and rating acknowledgment decisions (described below) are not recommendations to purchase, hold, or sell any securities or to make any investment decisions, and do not address the suitability of any security. S&P assumes no obligation to update the Content following publication in any form or format. The Content should not be relied on and is not a substitute for the skill, judgment, and experience of the user, its management, employees, advisors, and/or clients when making investment and other business decisions. S&P does not act as a fiduciary or an investment advisor except where registered as such. While S&P has obtained information from sources it believes to be reliable, S&P does not perform an audit and undertakes no duty of due diligence or independent verification of any information it receives. Rating-related publications may be published for a variety of reasons that are not necessarily dependent on action by rating committees, including, but not limited to, the publication of a periodic update on a credit rating and related analyses.
To the extent that regulatory authorities allow a rating agency to acknowledge in one jurisdiction a rating issued in another jurisdiction for certain regulatory purposes, S&P reserves the right to assign, withdraw, or suspend such acknowledgement at any time and in its sole discretion. S&P Parties disclaim any duty whatsoever arising out of the assignment, withdrawal, or suspension of an acknowledgment as well as any liability for any damage alleged to have been suffered on account thereof.
S&P keeps certain activities of its business units separate from each other in order to preserve the independence and objectivity of their respective activities. As a result, certain business units of S&P may have information that is not available to other S&P business units. S&P has established policies and procedures to maintain the confidentiality of certain nonpublic information received in connection with each analytical process.
S&P may receive compensation for its ratings and certain analyses, normally from issuers or underwriters of securities or from obligors. S&P reserves the right to disseminate its opinions and analyses. S&P's public ratings and analyses are made available on its Web sites, www.spglobal.com/ratings (free of charge), and www.ratingsdirect.com (subscription), and may be distributed through other means, including via S&P publications and third-party redistributors. Additional information about our ratings fees is available at www.spglobal.com/usratingsfees.