Plain language summary: Risiti is for issuing real invoices for real business transactions. Don't use it for fake invoices, tax fraud, or anything illegal. If you misuse the platform, we will suspend your account and report you to KRA and/or the police.
1. Permitted Use
Risiti is designed for one purpose: generating legitimate, eTIMS-compliant electronic tax invoices for real business transactions conducted by registered Kenyan businesses.
You are permitted to use Risiti for:
Issuing eTIMS-compliant invoices for goods sold or services rendered to customers in Kenya.
Registering your inventory items with KRA via the item catalog feature.
Sharing KRA-verified invoices with your customers via SMS, WhatsApp, or PDF download.
Checking the eTIMS compliance status of your suppliers.
Exporting your invoice data for your own record-keeping, accounting, or tax filing.
Using invoice templates to speed up invoicing for recurring customers or product types.
2. Prohibited Use
The following uses are strictly prohibited and constitute grounds for immediate account suspension, reporting to authorities, and civil or criminal legal action.
Fraudulent invoicing. Issuing invoices for transactions that did not occur, for inflated amounts, for fictitious goods or services, or for the purpose of creating false business records.
Tax evasion. Using Risiti to facilitate, conceal, or assist in any form of tax evasion or manipulation of tax records, in violation of the Tax Procedures Act, 2015.
Money laundering. Using invoice records to disguise the proceeds of criminal activity, in violation of the Proceeds of Crime and Anti-Money Laundering Act, 2009.
Unauthorized account sharing. Sharing your Risiti account credentials with third parties who are not authorized representatives of your registered business.
Platform abuse. Attempting to hack, reverse-engineer, scrape, exploit, or disrupt the Risiti platform, its APIs, or underlying infrastructure, in violation of the Computer Misuse and Cybercrimes Act, 2018.
Malware or cyberattacks. Using the platform to transmit malicious code, viruses, or to conduct cyberattacks against KRA, Safaricom, other users, or any third party.
Unauthorized resale. Reselling, sublicensing, or providing third-party access to Risiti's features or your account without PesaStack's prior written consent.
False identity or misrepresentation. Registering with false KRA PIN credentials, impersonating another business, or misrepresenting your identity or business type.
Automated abuse. Using bots, scripts, or automated tools to bulk-generate invoices, scrape data, or spam the platform in ways that degrade service for other users.
3. Consequences of Misuse
If PesaStack determines, in its reasonable judgment, that you are violating this Acceptable Use Policy:
Immediate suspension: Your account will be suspended without notice pending investigation.
Permanent termination: Verified misuse will result in permanent account closure with no refund of subscription fees.
Reporting to KRA: PesaStack is legally obligated to report suspected fraudulent eTIMS activity to the Kenya Revenue Authority. We will do so.
Reporting to law enforcement: Where misuse involves criminal conduct (fraud, money laundering, cybercrime), PesaStack will report the matter to the Directorate of Criminal Investigations (DCI) or other relevant Kenyan authorities.
Civil liability: PesaStack reserves the right to pursue civil damages for any losses incurred as a result of your misuse of the platform.
4. Reporting Misuse
If you believe another user is misusing Risiti — including fraudulent invoicing or impersonating a business — please report it to us immediately:
All reports are treated confidentially. We will investigate and take appropriate action.
5. Updates to This Policy
PesaStack may update this Acceptable Use Policy as the Service evolves or as Kenyan law requires. Material changes will be communicated via email and in-app notification with at least 30 days' notice. Continued use of Risiti constitutes acceptance of the updated policy.