A number of stakeholders want offensive clauses in the Finance 2025 to be deleted.

They cited the proposal to allow the Kenya Revenue Authority (KRA) to have access to personal financial data and the recommendation to have Value Added Tax status on the transportation of sugarcane from farms to milling factories should be deleted.

They also named the proposal to introduce excise duty on a variety of imported materials, the suggestion seeking to remove 15 per cent tax for real estate developers, the one seeking reclassification of motorcycles, electric bicycles and electric buses and the one seeking to extend timelines for review of tax overpayment claims from 90 days to 120 days as clauses that should be removed from the bill.

Tax-free limits

In addition, they also want the bill to maintain the tax-free limits applicable to the first Ksh300,000 and Ksh600,000 on pension withdrawals and not limit the exemption on income/withdrawals to the first Ksh300,000.

They further want the proposal to abolish the 15 per cent preferential corporate tax rate for local motor vehicle assemblers in their first five years of operation, extendable for another five years if they achieve 50 per cent local content in the ex-factory value of vehicles deleted.

In their recommendations submitted to the National Assembly’s Finance and Planning Committee that is conducting public hearings on the bill, the Law Society of Kenya (LSK), KPMG, Cliffe Dekker Hofmeyr’s (CDH’S),Yellow Card, Andersen and ALN Kenya — Anjarwalla and Khanna said there is need for amendments to do away with some of the proposals.

The entities took issue with the suggestions giving powers to the commissioner to automatically access trade secrets and personal data information, saying it poses a risk of data breaches for taxpayers as well as  fails to impose on KRA, the onus to provide technical and organizational safeguards to ensure that the personal data collected from taxpayers is well protected, a move that is contrary to the data protection principles.

The Bill which was tabled in Parliament last month has given KRA powers access to personal financial data such as M-Pesa transaction and bank accounts as it will require individuals to integrate or share their data regarding business’ activities.

If approved, the proposal Bill will grant KRA the power to compel businesses to share transactional information relating to their operations.

Reads the Bill: “Section 59A of the Tax Procedures Act is amended by deleting subsection (1B),” the Draft Finance Bill 2025 reads in part.

The aforementioned subsection (1B) under the Tax Procedures Act highlights that: “The commissioner shall not require a person to integrate or share data relating to (a) trade secrets; and (b) private or personal data held on behalf of customers or collected in the course of business.”

Last year, KRA failed in its attempt to gain access to detailed corporate transactional data and trade secrets through proposed legal amendments after the same committee blocked the initiative.

But in it recommendations, LSK, argued that the provision is overly broad as it gives KRA or any other authority undertaking tax enforcement a blanket mandate to access a wide range of data held by both private and public persons as well as enables KRA to access virtually any database in Kenya yet processing of such big datasets would require artificial intelligence and technologies that require caution and overpayment claim

Reads the submission by LSK: “LSK recommends deletion of this proposal. In the alternative, the LSK proposes that Parliament should create separate provisions under each tax law specifying the specific entities and thresholds under which KRA may request access for purposes of tax assessment and/or or enforcement and incorporate protection of due process to avoid arbitrary demands.”

KPMG said that the amendments pose a risk of data breaches as well as fail to impose on KRA the onus to provide technical and organisational safeguards to ensure that the personal data collected from taxpayers is well protected.

Privacy breaches

Andersen in Kenya, led by Managing Director Philiph Muema, also called for the deletion of the said clause, saying the proposal poses significant risks—ranging from intellectual property theft and data privacy breaches, while CDH, led by its partner Ale Kanyi, said the proposal raises serious concerns regarding data protection, confidentiality, and commercial competitiveness.

ALN Kenya-Anjarwalla and Khanna called for the deletion of the said proposal on the grounds it allows the commissioner to have unchecked access to highly sensitive business and personal information,n which not only risks breaching constitutional protections but also disregards key principles under the Data Protection Act.