MSP Legal Corner: What Is A Master Services Agreement?

Learn what's included in a master services agreement, what you need to decide when building one and why it's important to protect your managed service provider.

As a managed services provider, you need many legal documents that inform what you do and how your business is structured. One of the most important documents is the master services agreement, which covers the scope of work, services rendered, payment terms and processes you use with your customers.

Understanding what a master services agreement covers and how to avoid common pitfalls is a responsible step for both new and existing managed service providers. (Please note that the information provided in this post does not constitute legal advice. You should consult with your own attorney or lawyer to ensure compliance with the laws in your jurisdiction.)

What Is a Master Services Agreement?

Many people conflate master services agreements with contracts. However, they are different entities. With a master services agreement, the parties cover the entire scope of the relationship. For managed service providers, the agreement spells out the scope of services provided and obligations by both parties. Among the most common sections of an MSP are:

  • Statements of work that define the scope of the Confidentiality guidelines
  • Delivery requirements
  • Geographic locations where work will be done
  • Dispute resolution should conflicts need to be resolved
  • Intellectual property rights
  • Payment terms and schedules
  • The legal venue (usually the state) where legal issues will be adjudicated
  • Warranties, including what goods and services are covered and for what duration
  • Work definitions through which both parties agree what constitutes acceptable work

The totality of these sections of the master service agreement is designed to give all partners a fair and clear understanding of all components of the relationship.

The master services agreement really is a template that overlays the entire relationship of the parties," noted Thomas Fafinski, founder of Virtus Law, which specializes in legal services for managed service providers, in a recent podcast. "A good metaphor is to think of the constitution which says what the government will do and can do.

"That's kind of what the master services agreement is," Fafinski continued. "It's a constitution between the parties who sign up for it. They are saying these are the rules of our game. ... These are the rules that we're going to play by as it relates to any of those listed services."

What Are Some of the Common Pitfalls When it Comes to Master Services Agreements?

All too often, according to Fafinski, MSPs end up patching together master service agreements without taking a high-level approach to creating an agreement that makes sense. Sometimes that patchwork approach can be fine, but often MSPs find themselves looking over their shoulders in fear, especially as it comes to cybersecurity matters, due to items that are not included, vague or open to interpretation, within the agreement.

Cybersecurity has become so prevalent today that the threats are complex and broad in scope. Some of the security provisions are things that the MSP should be responsible for, such as continuously monitored firewalls or automatic patching of operating systems. Others, however, are completely out of their control, especially when it comes to creating a safe physical environment. For example, the MSP cannot be responsible for making sure the doors are locked or that the security systems to protect on-site data centers are in place.

However, it's important that you make sure your master services agreement is clear on these matters. Customers could claim ignorance in such cases. If the master services agreement and scope of work documents are not explicit in such matters, you could find your MSP vulnerable.

"If you don't have the contract language and the master services agreement wrapped around those issues, then you can become liable for things that you have absolutely no control over,' said Fafinski.

Why Not Just Bake In These Details into an Agreement for Services?

The great advantage of using a master services agreement is that it covers the totality of the relationship with a customer. With just an agreement for services, you're fine ... until the customer wants to add another service, such as adding a new server or migrating a software app to a cloud-based version.

"If it's not covered under the existing transactions in the services relationship, we have to start over from zero. We have to negotiate everything that's in there and what we're going to do with it," Fafinski said.

Adding amendments is not a good solution, either. You can end up with multiple amendments instead of one overarching agreement covering all terms and conditions.

What Are Some of the Most Important Provisions For Your Master Services Agreement?

"The art of crafting the appropriate master services agreement is to understand which terms are most important given the relationship that the MSP is likely to have with their customers," Fafinski advises.

Creating a 20-page master services agreement is easy. It would cover every possible component of a provider's relationship with their customers," Fafinski said. Instead, MSPs should realistically decide on what is best to be covered and include it in the agreement.

One important consideration is an assignability clause, which allows the MSP to transfer the contract rights to another party. At a time when mergers and acquisitions activity is high among MSPs, assignability adds value. Multiyear contracts are now the norm with MSPs and with longer-term contracts comes a higher level of attraction to partners or buyers.

Another important consideration is the limitation of liability clause. You want to be sure that your agreements contain the scope of financial obligations that an MSP has in the case of an incident. Usually, that amount is determined by the size and scope of the customer relationship and may be reduced by any insurance payments that cover losses.

Another important component is the limitation of remedy provision, which requires a customer to give your MSP a chance to correct what is claimed to be wrong before moving to a different provider. This provision protects the MSP from a customer that just wants to switch and creates a claim of breach of contract by giving you time to address it.

You should also include a provision that prohibits your customers from hiring existing staff. It's a common issue when a company that started working with your MSP with 20 employees has grown and wants to bring in in-house staff. Who better to hire than someone who has worked on their account via their MSP. Some of these arrangements include a clause that if the customer hires away an employee, they will need to pay a percentage of the salary (often 30 percent, which is what recruiters usually get for placing a new employee) to your MSP.

What Makes For a Strong, Solid Master Services Agreement?

Your master services agreement should be written in clear terms, without a lot of legalistic jargon. Cutting and pasting from sample agreements found online can spell problems down the road with contradictory language. One common area that trips up MSPs is defined terms for items covered in the agreement and in the work to be done.

MSPs should also not include these agreements as part of their marketing. When the marketing department makes claims in their language that contradict or add confusion to definitions in the agreement, you're inviting trouble down the road.

Your MSP offers valuable products and services to its customers. Making sure those products and services are delivered properly in the ways that customers expect and understand is critical. That's why it's imperative to have a well-constructed, thorough and easy-to-understand master services agreement in place.

At Ulistic, we help managed service providers with the marketing of those products and services that improve business outcomes. We help with SEO, website development and content marketing. Grade your MSP website now at

Thomas M. Fafinski

Thomas M. Fafinski is the co-founder of Virtus Law PLLC, a Minneapolis-based boutique firm. Among the firm's specialties is working with managed service providers. Fafinski earned his bachelor's degree in finance from the University of St. Thomas and graduated 13th in his class, cum laude, from the Mitchell Hamline School of Law. In addition to his legal work, he is an adjunct instructor in law and real estate for Kaplan Professional. He is a director of Junior Achievement of the Upper Midwest.


Time For A New MSP Marketing Company?

MSP Marketing Services Guaranteed To Increase Rankings, Exposure and More
Join Now
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram