US federal agencies have proposed an interagency framework to accelerate permitting for modular data centers as part of a new national infrastructure initiative. The effort, involving the Department of Commerce, Department of Homeland Security (DHS), National Institute of Standards and Technology (NIST), and the Office of Science and Technology Policy (OSTP), aims to expedite project approvals while maintaining security and resilience standards. Key provisions include environmental categorical exclusions, accelerated National Environmental Policy Act (NEPA) reviews, and the application of federal security frameworks, with phased implementation planned through 2025 and early 2026.
Background
The initiative follows a July 2025 executive order directing the Federal Permitting Improvement Steering Council (FPISC) to identify "Qualifying Projects"-including data center developments exceeding $500 million or classified as critical infrastructure-and prioritize them under the FAST-41 process. This measure seeks to enhance transparency and shorten review timelines. The Environmental Protection Agency (EPA) has been instructed to strengthen regulatory provisions under federal environmental laws to further support these projects.
Details
The framework specifies that modular data centers meeting certain criteria-such as capital expenditures above $500 million, incremental electric loads exceeding 100 MW, or designation as critical to national security-are eligible for expedited review. These projects are tracked via the FAST-41 Permitting Dashboard within 30 days of identification to ensure timely permitting.
EPA is tasked with creating categorical exclusions under NEPA and accelerating actions under key environmental statutes, including the Clean Air Act, Clean Water Act, Comprehensive Environmental Response, Compensation, and Liability Act (CERCLA), and the Toxic Substances Control Act, to minimize regulatory delays.
Financial incentives, including grants, loan guarantees, and tax benefits, will be coordinated by Commerce and OSTP for qualifying modular data center projects. DHS and NIST will implement aligned security standards such as FedRAMP High Impact, Cybersecurity Maturity Model Certification (CMMC) Level 3, NIST SP 800-171, and FIPS 140-3 for high-risk, AI-capable infrastructure. Security and resilience metrics will be integrated into permitting decisions. These measures are based on federal recommendations issued in a January 2025 Federal Register notice and refined through subsequent executive actions.
Outlook
Implementation is expected in two phases: initial procedural guidance and exclusions by late 2025, followed by integration of security and resilience standards in early 2026. Data center developers and utilities may benefit from shorter permitting timelines and clearer compliance requirements. Local permitting authorities may need to adjust workflows to align with the federal framework. Incorporating performance metrics and increased dashboard transparency could inform future infrastructure planning.
