top of page

Frequently Asked Questions

1. What is the role of the Communications Authority of Kenya in managing the ICT regulatory sandbox?

The Communications Authority of Kenya (CA) facilitates and oversees the ICT Regulatory sandbox. The Authority provides guidance, sets parameters of the regulatory sandbox, and determines which regulatory requirements can be relaxed or waived during the testing phase. The  Authority will also closely monitor participants' progress, assess potential risks, and ensure compliance with consumer protection and data privacy requirements.


2. What are the criteria for selecting participants in the CA regulatory sandbox?


The regulatory sandbox is open to either local or international organizations, including incubators, that are willing to provide innovative technology solutions on a pilot basis. The application should meet the following criteria: innovation, consumer benefit, need for a sandbox, test readiness, consumer protection, risks and mitigation, and exit strategy. The application should include evidence of preliminary testing, a plan for mitigating risks, and a clear exit strategy. The innovation should be genuine in order to address a problem, establish a need for a sandbox, and be ready to be tested.


3.  How can I apply to participate in the CA regulatory sandbox?


Applicants can submit their applications through the ICT regulatory sandbox portal. The applications should   outline their innovation, its potential benefits, the regulatory challenges they expect to encounter, and other relevant details. The applications will be reviewed by the Authority and evaluate its suitability for the ICT sandbox program. 


4.  Can I seek investment or funding while participating in the CA regulatory sandbox?

Yes, innovators can seek investment or funding from potential investors while operating within the sandbox. However, the Authority does not guarantee that the innovation will be granted full commercial authorisation or transition to the applicable licensing framework at the end of the testing period. 


5. Are there any limitations or restrictions in the CA regulatory sandbox?

The ICT regulatory sandbox aims to provide flexibility and regulatory relief, however there are often certain limitations and restrictions in place. These include customer numbers, transaction types, suitability assessment, customer consent, handling customer information, financial promotion, customer agreement requirements, money laundering prevention, counterterrorism financing measures, capital requirements, geographic boundaries, financial reporting requirements, and safeguards to protect customer interests and market safety. The Authority can cancel or vary conditions or restrictions at any time throughout the proposal's lifecycle. The participants must adhere to the ICT regulatory sandbox guidance notes.

6. How are consumer protection and data privacy ensured in the CA regulatory sandbox?

The Authority has a Cyber Security department which ensures the security of consumer information. It enables timely and effective detection, prohibition, prevention, response, investigation and prosecution of computer and cybercrimes and facilitates international cooperation in dealing with computer and cybercrime matters.


The ICT Regulatory sandbox prioritises consumer protection and data privacy, with participants required to comply. The Authority closely monitors these aspects and may have additional mechanisms for data anonymization.


7. How are intellectual property rights protected during the sandbox period?


Intellectual property rights are generally respected and protected within the ICT regulatory sandbox. Participants are advised to consult legal professionals and take appropriate measures to safeguard their intellectual property (IP) before entering the sandbox. This may involve filing patents, trademarks, or copyrights as necessary. However, it's essential to review the specific IP-related provisions and guidelines of the ICT Regulatory sandbox program to ensure adequate protection.

8. What are the reporting and disclosure requirements during the sandbox period?

Participants in the ICT regulatory sandbox is required to submit interim reports to the Authority, detailing performance indicators and milestones. They should also address misconduct, fraud, operational incidents, customer complaints, regulatory requirements, and proposed organisational changes. The frequency and details of these reports will be agreed upon by the Authority. 


Participants must also submit a final report to the Authority detailing key outcomes, performance indicators, incident reports, and customer complaint resolution strategies. If failed, lessons learned, and successful, the plan for transitioning to commercial scale. These reports outline the progress of their innovation, any challenges or risks encountered, consumer feedback, and other relevant information

Additionally, the Authority maintains confidentiality and proprietary status for non-public information received from Applicants or Participants in Regulatory Sandbox applications or tests, not disclosing it unless required by law or agreed upon in writing.      


9. What happens after the completion of the CA regulatory sandbox program?


Once the regulatory sandbox program concludes, participants transition out of the sandbox and enter the commercial market. The regulatory outcomes can vary depending on the results and feedback gathered during the testing phase. The Authority may decide to modify existing regulations, create new ones, or grant specific licences or exemptions based on the insights gained from the sandbox. Participants are then expected to comply with the relevant regulations as they continue their operations.


10. Can I extend the duration of the sandbox program if I need more time to test my innovation?

The possibility of extending the duration of the ICT regulatory sandbox program can vary depending on the specific program and its guidelines. Participants can request extension before the sandbox expiration date with valid justification, granted on a case-by-case basis. In some cases, extensions may be granted if participants require more time to test their innovations or achieve specific milestones adequately. However, it is essential to consult with the Authority​


​11. Can I operate outside the CA regulatory sandbox while testing my innovation?


The ICT Regulatory sandbox allows participants to test their innovations, but the Authority may set specific conditions for transparency and consumer expectations such as the need to communicate that the product or service is being tested to ensure transparency and manage consumer expectations. Innovators are encouraged to operate within the sandbox for benefits like reduced time-to-market, more innovative products, and potential failure consequences.

12. How can I stay updated on the progress and outcomes of the ICT regulatory sandbox program?


The ICT regulatory sandbox provides regular updates through dedicated channels established by the Authority which includes: Automated emails, banners, pop up messages, chat box and the official website. The updates will include key milestones, regulatory changes, and success stories of the participants.

13. Can I collaborate or partner with other participants in the regulatory sandbox program?


The Authority encourages collaborations and partnerships between participants in the ICT regulatory sandbox to foster knowledge sharing, joint testing, and the development of complementary innovations.

14. What happens if my innovation fails during the sandbox period?


The ICT Regulatory sandbox is designed to facilitate experimentation and innovation, recognizing that not all ideas will succeed. If an innovation fails during the sandbox period, participants can learn from the experience and gather valuable insights. The Authority will offer guidance or assistance in understanding the reasons for failure and identifying potential improvements.


15. What are the potential regulatory outcomes or decisions that can arise from the sandbox testing phase?


The regulatory outcomes and decisions resulting from the sandbox testing phase can vary. Based on the insights gained, the Authority may choose to modify existing guidance notes, develop new ones, introduce specific licensing frameworks, or create tailored exemptions for certain types of innovations. The exact outcomes depend on the specific objectives of the sandbox program and the regulatory authority's assessment of the innovations and their impact.

16. How does a regulatory sandbox program foster collaboration between regulators, innovators, and other stakeholders?


The ICT Regulatory sandbox programs facilitate collaboration by providing a structured platform where regulators, innovators, and other stakeholders can interact. This collaboration occurs through ongoing discussions, feedback mechanisms, regular reporting, and consultations. By fostering open communication channels, regulators can gain valuable insights from innovators, enabling them to understand emerging technologies better, assess regulatory challenges, and develop more effective policies.

17. Can I continue testing my innovation in the CA regulatory sandbox if it involves cross-border operations?

The ability to test innovations involving cross-border operations within the ICT regulatory sandbox can vary depending on the jurisdiction and the specific program. Some regulatory sandboxes may have provisions that allow participants to test cross-border services or products, provided they comply with relevant laws and regulations in both their home country and the target jurisdiction. It is crucial to review the program guidelines and consult with the regulatory authorities to understand the scope and limitations related to cross-border operations.

18. How can I ensure compliance with regulations once I transition out of the regulatory sandbox?


Transitioning out of the ICT Regulatory sandbox requires careful consideration of compliance with relevant regulations. The Authority will provide participants with guidance and support during this phase, including information on the regulatory requirements they must fulfil once they leave the sandbox. 


19. Does the ICT Regulatory sandbox foster international cooperation and knowledge exchange?


The ICT Regulatory sandbox serves as a platform for international cooperation and knowledge exchange. The Communications Authority of Kenya (CA) shares best practices, experiences, and insights. International cooperation will help regulate, align their approaches, learn from each other's successes and challenges, and promote harmonisation of regulatory frameworks across borders. Knowledge exchange can also enhance innovation ecosystems and foster cross-border collaborations in emerging technologies and industries.

bottom of page