3 Must-Have Clauses for Your MSA - monjur

Your Master Services Agreement (MSA) is more than a formality. It’s your first line of defense. A strong MSA helps you prevent misunderstandings, enforce payments, and stay compliant. But many small businesses are missing critical protections.

Here are the three most important clauses your MSA should always include:

Protection from Criminal Acts of Third Parties

Cyberattacks, vendor outages, and criminal breaches are real threats. But without the right clause, clients may assume these risks fall on you. Your MSA should clearly state that you are not liable for criminal actions beyond your control, including breaches caused by third-party vendors or external attackers.

Shared Responsibility for Backups and Data

Even if you provide a primary backup service, your client needs to undertake to take a secondary or tertiary backup of key data.

Regulatory Risk Language

Laws like HIPAA, GLBA, and the FTC Safeguards Rule require very specific protections. Your MSA should show that you understand these standards and that your clients have responsibilities too. This sets expectations early and reduces your liability.

No Responsibility for Ignored Security Advice

If you recommend MFA, backups, or other critical security measures and your client declines, your MSA should clearly state that you are not liable for the consequences. This avoids blame when a breach occurs due to their refusal to follow best practices.

How Monjur Helps

Every MSA delivered through Monjur Pilot includes:

Attorney-reviewed clauses for cyber risk, vendor failures, and regulatory alignment
Language that evolves automatically as rules change
Smart Hyperlinks, so these protections show up wherever your contracts live

Want to see how your current MSA compares? Download the Free MSA Checklist and protect your next deal.