Service Level Agreement (Kenya)

A Service Level Agreement in Kenya sets out the rights, duties and consideration binding the parties to it.

Service Level Agreements are used across multiple sectors of the Kenyan economy. In the telecommunications sector, licensed operators under the Kenya Information and Communications Act Cap. 411A are subject to Quality of Service (QoS) regulations issued by the Communications Authority of Kenya (CA), and their SLAs with enterprise customers must align with CA-prescribed minimum standards. In the financial services sector, banks and payment service providers subject to Central Bank of Kenya oversight under the National Payment System Act No. 39 of 2011 use SLAs to govern outsourced technology and processing services, consistent with the CBK Outsourcing Guidelines for Institutions Regulated by the Central Bank of Kenya.

In the public sector, the Public Procurement and Asset Disposal Act No. 33 of 2015 and the Public Procurement and Asset Disposal Regulations 2020, administered by the Public Procurement Regulatory Authority (PPRA), require that contracts for goods and services above the prescribed threshold include clear performance standards and remedy mechanisms. SLAs for government ICT contracts in Kenya follow the guidelines of the ICT Authority, established under the Kenya Information and Communications Act Cap. 411A to coordinate government technology procurement.

Cloud and software-as-a-service (SaaS) SLAs in Kenya must also address the Data Protection Act No. 24 of 2019, administered by the Office of the Data Protection Commissioner (ODPC). Where the service provider processes personal data as a data processor, the SLA or the accompanying data processing agreement must specify security standards, incident response times for data breaches (notification within 72 hours to the ODPC under the Data Protection (General) Regulations 2021), and data retention and deletion obligations.

The Consumer Protection Act No. 46 of 2012, administered by the Competition Authority of Kenya (CAK), is relevant where SLAs are offered to consumers on a standard-form basis. Unfair terms that exclude or limit the service provider's liability in ways that are contrary to good faith and that cause a significant imbalance in the parties' rights may be declared void by the CAK or the High Court of Kenya under the Consumer Protection Act. The CAK has jurisdiction to investigate complaints about non-performance of SLA obligations by service suppliers.

An SLA in Kenya is typically a separate schedule to a master Service Agreement, allowing the performance metrics to be updated periodically without requiring a full contract renegotiation. The master agreement governs the overarching commercial relationship, while the SLA sets the current performance commitments and service credits. The parties should include a review mechanism — for example, an annual SLA review at which metrics are recalibrated based on actual performance data — to keep the SLA commercially relevant.

The outsourcing of critical services in the banking and financial sector in Kenya is subject to additional regulatory oversight. The Central Bank of Kenya (CBK) Outsourcing Guidelines require regulated institutions — banks, microfinance institutions, and payment service providers — to conduct prior risk assessments before outsourcing material functions, to retain governance and audit rights over the outsourced service, and to confirm that the SLA includes provisions for business continuity and disaster recovery. The CBK Outsourcing Guidelines further require that the SLA allow the CBK to conduct on-site examinations of the service provider's operations that relate to the regulated institution. For insurance companies regulated by the Insurance Regulatory Authority (IRA) under the Insurance Act Cap. 487, similar outsourcing requirements apply. These sector-specific obligations mean that a Kenya SLA for a financial services client must go beyond standard commercial terms and incorporate regulator-mandated provisions — a task for which the forms-legal.com Kenya Service Level Agreement template provides the correct structural foundation.

A Service Level Agreement in Kenya is required whenever a business relies on a service provider for a critical operational function and needs contractual assurance — backed by financial remedies — that the service will be delivered at a consistent, measurable standard.

An SLA is needed when a company outsources IT infrastructure, data centre hosting, or cloud services to a third-party provider. Without an SLA, downtime or degraded performance causes business disruption with no contractual remedy beyond a general damages claim under the Law of Contract Act Cap. 23, which requires proof of actual loss — a difficult and slow process before the Commercial Division of the High Court of Kenya.

An SLA is required when a bank or payment service provider outsources core banking systems, mobile banking platforms, or payment processing to a technology vendor. The Central Bank of Kenya's Outsourcing Guidelines require regulated institutions to maintain written SLAs with service providers that specify performance standards, security requirements, business continuity obligations, and the institution's right to audit and terminate.

An SLA is needed when a large enterprise contracts with a logistics provider, facilities management company, or professional services firm for ongoing services. The SLA translates the commercial expectation — delivery within 24 hours, office cleaning five days per week, payroll processing by the 25th of each month — into measurable obligations with financial consequences for non-performance.

An SLA is required in government procurement contracts under the Public Procurement and Asset Disposal Act No. 33 of 2015. The PPRA standard bidding documents for IT and professional services require SLA schedules with defined KPIs, reporting obligations, and remedy mechanisms. Without an SLA, the procuring entity cannot hold the supplier accountable to performance standards.

An SLA is needed when a business provides software-as-a-service (SaaS) to multiple customers on a subscription basis. The SLA defines the uptime commitment, the service credit mechanism for outages, the support tier structure (response times by severity), and the exclusions from the uptime calculation — scheduled maintenance windows, force majeure events, and customer-caused outages. The SLA protects the provider from unlimited liability while giving customers certainty about minimum service standards.

Under the Companies Act No. 17 of 2015, the Registrar of Companies at the Office of the Attorney General maintains the register of Kenyan companies. Section 3 of the Law of Contract Act (Cap. 23) governs contractual obligations. The Competition Authority of Kenya (CAK) enforces the Competition Act No. 12 of 2010. The Kenya Revenue Authority (KRA) administers corporate tax under the Income Tax Act (Cap. 470). The High Court of Kenya has unlimited original jurisdiction under Article 165 of the Constitution of Kenya 2010.

A Kenya Service Level Agreement under the Law of Contract Act Cap. 23 must include the following key elements to be measurable, enforceable, and operationally effective.

Parties and Scope: Full legal names and addresses of the service provider and the client; the services to which the SLA applies (by reference to the master Service Agreement or a defined scope schedule); and the effective date.

Service Level Definitions: A precise definition of each performance metric — uptime (expressed as a percentage of total scheduled service time per calendar month), response time (time from incident report to initial provider response), resolution time (time from incident report to service restoration), transaction success rate, and throughput — with the measurement methodology and data sources specified. Ambiguous metric definitions are the most common source of SLA disputes in Kenya.

Performance Targets: The target level for each metric — for example, 99.9% uptime, 4-hour response for Priority 1 incidents, 99.5% transaction success rate — and the measurement period (monthly, quarterly). Where the Communications Authority of Kenya has prescribed minimum QoS standards for a regulated service, the SLA targets must meet or exceed those standards.

Service Credit Mechanism: A graduated table of service credits (monetary rebates from the service fee) triggered when actual performance falls below the target — for example, 5% monthly fee credit for uptime between 99.5% and 99.9%, 10% for uptime between 99.0% and 99.5%, and 15% for uptime below 99.0%. Service credits should be the client's sole and exclusive remedy for SLA failures unless the agreement provides otherwise, and should be capped to prevent service credits from exceeding the total monthly fee.

Exclusions and Planned Maintenance: Events that are excluded from the uptime and performance calculations — scheduled maintenance windows (with minimum advance notice requirements), force majeure events under Kenyan common law, failures caused by the client's equipment or actions, and failures attributable to third-party network providers or utility outages. Scheduled maintenance windows should be disclosed at least 72 hours in advance.

Incident Management and Reporting: The incident classification system (Priority 1 — service down, Priority 2 — significant degradation, Priority 3 — minor impact); the escalation path within the service provider's organisation; the communication channel (email, ticketing system, dedicated phone line); and the monthly service report format — including uptime statistics, incident log, service credit calculation, and trend analysis.

Remediation and Termination Rights: The client's right to terminate the master Service Agreement for cause after repeated SLA failures — for example, three consecutive months in which the uptime target is missed — without paying a termination fee, protecting the client from being locked into a consistently underperforming service.

Review and Amendment: The mechanism for annual SLA review, the process for agreeing amended performance targets, and the authority level required within each organisation to approve SLA amendments.

Governing Law and Dispute Resolution: The SLA and the master Service Agreement are governed by the laws of Kenya. Disputes may be referred to arbitration under the Arbitration Act No. 4 of 1995 before the Nairobi Centre for International Arbitration (NCIA), or to the Commercial Division of the High Court of Kenya. The forms-legal.com Kenya Service Level Agreement template includes all standard KPI definitions and service credit tables consistent with market practice in the Kenyan IT and professional services sector.

Business continuity and disaster recovery are increasingly required elements of a Kenya SLA, particularly in the financial services and technology sectors. The Central Bank of Kenya (CBK) Outsourcing Guidelines require that SLAs with outsourced service providers include provisions for business continuity planning, recovery time objectives (RTO), and recovery point objectives (RPO). The ICT Authority of Kenya, established under the Kenya Information and Communications Act Cap. 411A, recommends that government ICT SLAs include minimum RTO and RPO standards appropriate to the criticality of the service. Where the SLA covers cloud services, the provider's data centre location and data residency commitments under the Data Protection Act No. 24 of 2019 must also be specified.

Under the Companies Act No. 17 of 2015, the Registrar of Companies at the Office of the Attorney General maintains the register of Kenyan companies. Section 3 of the Law of Contract Act (Cap. 23) governs contractual obligations. The Competition Authority of Kenya (CAK) enforces the Competition Act No. 12 of 2010. The Kenya Revenue Authority (KRA) administers corporate tax under the Income Tax Act (Cap. 470). The High Court of Kenya has unlimited original jurisdiction under Article 165 of the Constitution of Kenya 2010.