Client sent a 40-page MSA in English — what to check in one evening without a lawyer
An MSA (Master Service Agreement) is the framework that later SOWs or purchase orders attach to. A US or EU client emails a PDF in English with "Please sign by EOD". You open it, see 35 pages of small print, and wonder: sign and move on, or spend the evening reading?
Option two is almost always cheaper. Below is a 12-point checklist worth running before you sign. This is not legal advice, but it filters out most traps freelancers and small vendors hit.
MSA vs SOW
MSA — general terms: payment, IP, liability, confidentiality, termination.
SOW (Statement of Work) — one project: scope, timeline, deliverables, budget.
Typical flow: sign the MSA once → sign a short SOW per project. The risk: the MSA lasts years while you read each SOW more carefully. A mistake in the MSA hits every future project with that client.
Checklist: 12 items before signing
1. Scope and change control
Search for: scope of services, change order, written approval.
Red flag: the client can expand work via Slack or email, but you only get paid for the "original scope".
OK: any scope increase needs a written change order with price and timeline.
2. Payment: Net 30, Net 60, milestones
Search for: payment terms, invoice, net 30, upon acceptance.
Red flag: payment "upon final acceptance" with no review deadline — the client can delay acceptance for months.
OK: milestones every 2–4 weeks; acceptance within 5–10 business days or deemed accepted.
3. IP and work made for hire
Search for: work made for hire, assign, intellectual property, pre-existing materials.
Red flag: all code/design belongs to the client from creation, including your libraries and pre-project work.
OK: client gets rights to project deliverables; your pre-existing IP stays yours with a license to the client.
For developers this is often item #1.
4. Indemnification
Search for: indemnify, hold harmless, defend.
Red flag: you indemnify the client for any third-party claim, including misuse of your work by the client.
OK: indemnity limited to your negligence and scope; capped amount.
Many people skip this clause because the language is boring — that is a mistake.
5. Limitation of liability
Search for: limitation of liability, cap, consequential damages.
Red flag: liability cap is $0 for you, or only "fees paid in last 3 months", while indemnification is uncapped.
OK: cap equals contract value or 12 months of fees; mutual exclusion of consequential damages.
6. Warranty and "as is"
Search for: warranty, fitness for a particular purpose, as is.
Red flag: you warrant the product "will run error-free in production 24/7" without an SLA.
OK: 30–90 day warranty on bugs in your code, not the client's infrastructure.
7. Termination
Search for: termination for convenience, termination for cause, notice period.
Red flag: client can terminate anytime without paying for work done; you can only terminate for cause after a long cure period.
OK: termination for convenience with payment for work performed; symmetric terms.
8. Non-compete and exclusivity
Search for: non-compete, exclusive, non-solicitation.
Red flag: you cannot work with the client's competitors globally for two years.
OK: non-solicitation of the client's employees is common; broad non-compete is often negotiable.
9. Confidentiality
Search for: confidential information, return of materials, survival.
Red flag: "everything you saw at the client is confidential forever", including general industry knowledge.
OK: clear definition, standard exclusions (public domain, independently developed), 2–5 year term.
10. Governing law and jurisdiction
Search for: governing law, jurisdiction, dispute resolution, arbitration.
Red flag: Delaware / New York courts while you are abroad — dispute cost starts at $15k before merits.
OK: arbitration (AAA, ICC) or a conscious acceptance of the risk. For smaller deals, contractor-country law is sometimes negotiable.
11. Independent contractor status
Search for: independent contractor, employee, benefits, tax.
Red flag: client controls your schedule, requires exclusivity, provides equipment — tax authorities may reclassify as employment.
OK: explicit IC status, you pay your own taxes, you control how work is done.
12. Assignment
Search for: assign, change of control.
Red flag: client can assign the agreement to any acquirer without your consent; you cannot use a subcontractor even with approval.
OK: client assignment with notice; subcontracting with consent not unreasonably withheld.
How to run the checklist in one evening
Step 1. Ctrl+F in the PDF: indemnif, liability, terminate, assign, work for hire, payment, governing.
Step 2. List each hit: quote → meaning → OK / negotiate / stop.
Step 3. Send 3–5 redlines to the client — not "I won't sign", but "proposed edits to sections 4.2, 7.1, 12.3". Western companies expect this.
Step 4. Mark unclear items "need a lawyer"; do not sign silently.
For a 30–40 page MSA, expect 1.5–3 hours with this list. Without it — either eight hours or zero (and a surprise later).
When the checklist is not enough
- Contract value > $50k or multi-year exclusivity
- Uncapped indemnification + US governing law + you carry client compliance
- MSA plus equity / revenue share / joint IP
- Client is in a regulated industry (fintech, health, gov) and pushes compliance onto you
For a typical $5–30k freelance deal, checklist + targeted redlines often suffices.
Phrases that sound harmless
| Phrase in MSA | What it often hides |
|---|---|
| Services shall be performed in a professional manner | Standard, but no acceptance criteria = dispute over "professional" |
| Contractor shall comply with all applicable laws | You may carry client's GDPR/HIPAA burden |
| Time is of the essence | Delay = material breach, client may withhold payment |
| Survival | Indemnity and confidentiality live 3–5 years after end |
| Entire agreement | Verbal promises from sales do not count |
Next step
If the MSA is already in your inbox — do not postpone. Run the checklist today. If English is slow to read, start with a structured risk summary so you know which sections to dig into.
Upload PDF or DOCX to Contractoor — highlighted risks in plain language plus translation to RU/KZ/UZ/ID. Three free analyses, no card.
Need a stamped translation for a bank, visa, or court? Certified translation request
Informational content only, not legal advice. Consult a qualified lawyer in your jurisdiction before signing.