Catherine Kariuki Mulika

Deputy Managing Partner, Head of Telecommunications, Media & Technology
T: +254 20 272 7171 C: +254 709 830 100 E: W:

Catherine is a results-focused lawyer. She demonstrates expertise, efficiency, and commercial awareness in dealing with all legal matters about technology, media, and the telecommunication industry.

She also provides advisory services on commercial law, fintech, mobile payments, data protection, cyber security support in digital forensics work, privacy, consumer protection, and intellectual property. Her strength in transactional work and regulatory compliance enables her to work seamlessly with several domestic and multinational companies towards regulatory compliance and business processes, and strategy support. 

Her approach is methodological and innovative, providing direct solutions to clients’ business problems. Her background being a trained and certified public accountant comes in handy when handling transactions with financing connotations. She works closely with industry stakeholders, such as FSIs, PSPs, regulators, telecom, and tech companies to come up with legal solutions for industry-specific issues. She has published several legal opinions on local and international platforms and regularly speaks at several FinTech symposiums, seminars, and workshops. She is a trained and certified Data Protection Officer. 

She has a CPA (II) qualification and is currently pursuing a master’s degree in finance. She is listed in Chambers the Global Fintech Legal 2023 edition as a leading individual in fintech.


  • LLB (Hons.)
  • Diploma in Law (KSL)


  • Law Society of Kenya
  • International Bar Association

Key Matters

1. NCBA Bank Kenya PLC (NCBA)

(The third largest bank in Kenya by assets) in connection with the bank’s organizational operations and overall compliance with the Data Protection Act, Kenya in partnership with Deloitte Kenya.
(Kenya’s largest telecommunications provider and one of the most profitable companies in East and Central Africa) in connection with its compliance with the Data Protection Act.
(Kenya’s flag carrier airline) to enable them as an entity to understand the implications of Kenya’s data protection regulations and the risks it presented to its offerings in Europe and regionally.
(A commercial bank and the largest mortgage finance company in Kenya) in connection with the review of the partnership arrangement with VISA, a regulated payment service provider for a payment gateway for international money transactions.
(A development agency based in Germany) on Agricultural Technology Entrepreneurship in Africa targeting entrepreneurs in the ag-tech space in Kenya, Nigeria, and Ghana serving different supply chain cycles within the ag-tech eco-system. This was in partnership with Deloitte Kenya.
(A listed Kenyan bank with branches spread across East Africa) in connection with conducting interactive sensitization and awareness workshops, and training the various business, legal, IT, and Banqtech teams within the bank. The sensitization involved all the key stakeholders within the organization as a pre-cursor to breaking down the regulatory privacy landscape, assessing gaps, grey areas, and hurdles in their digital offerings as well keeping with international best practices.
(A tier two Kenyan bank) in connection with the review and drafting of the organization’s core ICT contracts including software and hardware license agreements as well as the annual maintenance agreements.
(A chemical distributor, and a subsidiary of the Swiss multinational Sika Group), in connection with the overall compliance with the Kenyan Data Protection Act in their organizational operations.
(Kenya’s leading comprehensive optical care provider) in connection with the organization’s overall compliance with the Kenyan Data Protection Act in their organizational operations.
In connection with legislative review and drafting of the regulatory and legislative provisions that would affect the licensing of digital lenders under the Banking Act.
On its first-ever government-initiated Sandbox initiative under the Ministry of Information, Communication, and Technology (Whitebox Initiative). The Whitebox initiative would see the winning innovations procured by relevant government agencies for eventual funding, acquisition, and public use nationwide.
(The largest digital lender in Kenya) in connection with legal support and advisory on transactional issues and regulatory compliance in connection with its telecommunication network offerings, integrations, and partnership
(A leading global ICT provider) in connection with an in-depth review of the relevant laws against the day-to-day operations of Huawei Kenya to enable advice on areas of compliance or further risks arising from local data protection laws and a comparative analysis with the GDPR. As a follow up our team undertook an interactive session training with the client to address departmental queries arising from the advisory.
(An Agritech company) on the setting up of opportunities and structuring of their entities in Kenya and America. In addition, we were exclusively involved in their implementation and rollout all over Kenya, by drafting the necessary documentation and advising on regulatory requirements for their operations.
(A leading pan-African bank with operations in 36 countries across the continent) in connection with the provision and coordination of training of the bank’s senior legal advisors from all Ecobank affiliates across Africa. The training was on the legal framework of financial technology legislation, cybersecurity, and data protection. These general areas covered a myriad of laws that extended to electronic transactions, regulator guidelines, court procedures, and consumer protection. 




Implementing The Data Protection Act 2019: TripleOKLaw LLP and Deloitte Host Webinar on 19th August 2021

See Article


Privacy Regulation On The Internet Of Things (IoT)

See Article


TripleOKLaw LLP in Africa Top 50: Top African Law Firms List

See Article