Service levels that let you down, and how to spot them

Four traps to avoid in SaaS service level agreements

Too often, businesses accept vague or heavily qualified service level agreements (SLAs) without realising their limitations—until it’s too late. Around half of the SLAs we review are effectively unenforceable due to imprecise language or extensive exclusions. This can leave customers exposed, particularly where the service is business critical. If things go wrong, you may have no practical remedy.

Here are four common traps to watch out for when reviewing SLAs—especially in SaaS agreements.

Trap 1: Service levels aren’t binding

Suppliers often refer to service levels as “targets”, which suggests they are aspirational rather than contractual. This is a red flag: if a supplier merely aims to meet the service levels, you likely won’t be able to enforce them.

Similarly, where the supplier agrees only to use “reasonable endeavours” to meet a service level, they are unlikely to be liable unless you can prove they acted unreasonably—a difficult threshold to meet. In both cases, there’s no true commitment.

Trap 2: Availability is eroded by exclusions

Availability is typically the most important SLA in a SaaS contract. It refers to the percentage of time a service is expected to be operational during a defined period—commonly measured monthly and expressed as a percentage (e.g., 99.95% or above). For example, 99.97% availability allows for approximately 13 minutes of downtime per month without triggering a breach.

But many contracts undermine this guarantee with broad exclusions that remove key incidents from the definition of “downtime”, such as:

• Scheduled maintenance: Without controls (e.g., limits on frequency or timing), suppliers can take down the service at their discretion.
• Emergency downtime: If unexpected issues are excluded as “emergencies”, the availability commitment becomes meaningless—especially when suppliers already have a buffer (e.g., 0.03% per month) built in.
• Force majeure: While standard in contracts, these exclusions deserve extra scrutiny in SaaS agreements. A robust provider should have business continuity plans in place even for exceptional events. At minimum, they should commit to a recovery timeframe.
• Third-party failures: Many providers disclaim responsibility for issues caused by their cloud hosting partners (often AWS, Google Cloud or Microsoft Azure). From a customer’s perspective, this is untenable: you have no direct claim against those providers, so your SaaS supplier should remain accountable for the full service chain.

If your contract includes all of the above exclusions, the availability SLA may not be worth much in practice.

Trap 3: No meaningful remedy

Even if service levels are clear and binding, what happens if they’re breached? In many cases, it’s difficult to quantify specific losses—making damages hard to claim.

Termination rights might exist for repeated or material failures, but do you really want to end a business-critical contract over a missed SLA?

A better solution is a service credit regime: pre-agreed financial credits for each SLA breach. These:

• Don’t require proof of loss
• Are easy to enforce
• Avoid escalation to full-blown contract termination
• Incentivise suppliers to maintain performance

Trap 4: Vague definitions and opaque measurement

Some SLAs define “downtime” narrowly (e.g., full outages only) and exclude degraded performance, delays, or partial failures. If the supplier controls all monitoring and classification (e.g., what counts as a priority incident), they may underreport service issues.

Look for contracts that allow independent monitoring, or at least provide clear and objective definitions of availability and incident categories.

But Google says no!

Some SaaS providers will argue that they can’t improve service levels because they depend on third-party cloud platforms like Google, Microsoft, or Amazon. That’s worth pushing back on:

• If a provider offers a business-critical service, they should take responsibility for continuity—even if that means building redundancy or paying for premium infrastructure.
• In many cases, the cloud providers offer stronger SLAs than the SaaS providers built on top of them. Your supplier should at least match what’s available upstream.
• Large cloud providers also offer enhanced SLAs, security terms, and data protection options—especially for regulated businesses. It’s worth exploring whether your supplier can pass through those benefits.

What if your supplier won’t move?

If your supplier won’t offer meaningful service levels or remedies, consider your risk profile:

• For non-critical services, weaker SLAs may be acceptable.
• For business-critical systems—like e-commerce platforms or customer-facing portals—you may need to explore alternative suppliers or implement continuity strategies, such as dual vendors or internal failovers.

How we can help

This article highlights just a few of the common pitfalls we see in SaaS service level agreements. We regularly help clients review SLAs, benchmark supplier offerings, and negotiate terms that reflect their business priorities. If you’d like to discuss your own service contracts, our commercial team would be happy to support you.