AI agency RFP template

Most AI agency RFPs we see fall into one of two failure modes. They are either thinly veiled feature lists copied from a software RFP template, or they are 60-page procurement monsters that no senior practitioner will read. This page is the version we wish more buyers would send. It is also the one our internal sales team relaxes when they receive, because it tells us the buyer is serious.

Use it on us. Use it on our competitors. Use it on the agency your brother-in-law recommended. The point is to compare like-for-like and to give every vendor a fair shot at showing their actual work.

When to send an RFP

Not every AI engagement deserves an RFP. The instrument is designed for situations where the cost of a wrong vendor choice is high enough to justify two weeks of process. Three tests:

• Dollar threshold. Engagement value above roughly $100,000 across the first phase, or any retainer over $15,000 per month for more than six months.
• Stakeholder count. More than two people inside your company need to agree on the choice. The RFP becomes the artifact that lets non-technical stakeholders feel ownership of a technical decision.
• Procurement requirement. Your finance or legal team will not approve a vendor over a certain spend without a documented selection process. Comply, and use the documentation as forcing function.

For everything below those thresholds, a structured discovery call with three pre-screened vendors is usually a better tool. Send each vendor the same one-page brief, run a 60-minute call on the same week, and compare notes. That process closes in ten days; an RFP closes in five weeks at best.

What to include: 28 sections

A complete AI agency RFP has roughly 28 sections grouped into six categories. You can collapse, reorder, or extend them; the point is to make sure nothing important is missing.

Category A: About us

1. Company overview. Two paragraphs. What we do, who we sell to, headcount, geographic footprint.
2. Why we are doing this now. The business trigger. A new product, a regulatory change, a margin compression event, a competitor move.
3. Internal stakeholders. Named decision-makers, their roles, who has final sign-off, who will own the relationship after award.
4. Existing tech environment. Cloud provider, identity provider, data warehouse, observability stack, any existing AI platforms in use.
5. Constraints we cannot move. Compliance regimes, data-residency requirements, language requirements, accessibility requirements.

Category B: The work

6. Problem statement. One paragraph in plain English. What is broken, who feels it, what success looks like in their words.
7. Scope of work. Bulleted list of deliverables, sequenced by phase. Be specific enough to invite pushback.
8. Out of scope. Equally important. Tell vendors what you are not buying so they do not pad the proposal.
9. Success metrics. The leading and lagging indicators you will track. If you cannot name them, the vendor cannot design for them.
10. Acceptance criteria. What has to be true at the end of each phase for you to sign off and pay.
11. Existing artifacts. Wireframes, prior consultant reports, internal data schemas — what the winning vendor will inherit on day one.

Category C: The vendor

12. Company background. Years in business, AI specialization since, founders, ownership structure.
13. Proposed team. Named individuals, titles, percentage time, and links to their public work or sanitized examples.
14. Relevant case studies. Three engagements in adjacent verticals or with comparable scope. Outcomes, not adjectives.
15. Methodology. Their end-to-end delivery process. Phases, gates, who participates in each.
16. Tooling and stack. Models, frameworks, observability, evaluation. Their default stack and where they deviate.
17. Subcontractors. Any work that will be outsourced, who to, how it is governed.

Category D: Commercial

18. Pricing. Fee structure with assumptions stated. Fixed, T&M with ceiling, or productized — and why.
19. External pass-through costs. Model API spend, hosting, third-party tools. Estimated monthly range with assumptions.
20. Payment terms. Milestones, invoicing cadence, accepted payment methods, currency.
21. Contract. Standard MSA, willingness to use ours, redline turnaround time.
22. IP ownership. Who owns prompts, code, dashboards, model fine-tunes. Default position and negotiation room.
23. Exit and transition. Notice period, handoff package, transition support pricing.

Category E: Risk and compliance

24. Security posture. Certifications held or in progress, encryption posture, access control, audit logging.
25. Data handling. Where our data lives, retention, deletion, no-training guarantees from underlying model providers.
26. Insurance. Professional liability and cyber liability limits, named carrier.

Category F: Process

27. Submission instructions. Format, length cap, deadline, contact for questions, Q&A cutoff date.
28. Selection timeline. Shortlist date, finalist presentations, reference checks, award date, kickoff date.

Vendor scoring rubric

A scoring rubric exists to make the comparison defensible rather than vibes-based. Six dimensions, weighted to reflect the realities of AI delivery. Adjust the weights to your situation but keep the dimensions.

• Team strength (30%). Named individuals, depth of relevant experience, time commitment. The single best predictor of outcome.
• Methodology fit (20%). Does their process match the messiness of your problem? Productized for productizable work, bespoke for bespoke work.
• Case study credibility (15%). Recent, comparable in scope, with verifiable outcomes — not just logos.
• Commercial clarity (15%). Pricing structure, pass-through costs, IP terms, exit terms. Clarity here is a proxy for organizational maturity.
• Risk posture (10%). Security, data handling, insurance. Lower weight only because most credible vendors clear the bar.
• Cultural fit and responsiveness (10%). The Q&A process is the audition. Slow, evasive, or templated answers tell you what working together will feel like.

Score each dimension 1 to 5 across all responding vendors, multiply by the weight, and total. Anything within 5 percent of the leader belongs in the finalist round. The scores are not the decision — they are the artifact that shows you ran a real process.

Red flags in vendor responses

Patterns that should make you pause regardless of how polished the proposal feels.

• Anonymous team. No named individuals, only roles. The bait-and-switch starts here.
• Recycled case studies. The same case study appears in their public marketing without a single fact changed for your context. They did not actually map their work to your situation.
• No range on external API spend. A serious AI shop has run the numbers. A vague "we will monitor it" is a future surprise invoice.
• Refusal to commit on IP ownership. Read the fine print. If they own the prompts and the code, you have rented a system rather than bought one.
• No exit clause or punitive exit clause. Anything that locks you in for more than 12 months without a unilateral termination right is a defensive structure that protects them, not you.
• Lowest bid by a wide margin. Either they misunderstood the scope, or they plan to expand it via change orders. Both end at the same overrun.
• Highest bid with no rationale. Premium pricing is fine. Premium pricing without a stated reason — senior team, vertical depth, included migration — is just optimism.
• Submission misses the deadline by hours. If they cannot deliver a proposal on time, the project deliveries will follow the same pattern.

How to negotiate the SOW that follows

The RFP gets you to a chosen vendor. The SOW is where the actual relationship is defined, and most buyers leave money and protection on the table because they treat it as a legal formality. A few moves that compound:

• Phase the work. Pay for discovery and design as a small fixed-price phase, with the right to walk before committing to build. The agency that resists this has not done discovery before.
• Tie payments to acceptance, not calendar. Milestone payments should release on signed acceptance against the criteria from RFP section 10. If acceptance is fuzzy, the milestone is fiction.
• Insert a model-deprecation clause. The provider will deprecate the model you launched on within 12 to 18 months. Specify whether migration is included or quoted at a published rate.
• Cap external spend with notice. Set a monthly ceiling on pass-through API costs, with a written notice required before the agency runs you over.
• Negotiate IP by artifact type. You probably want full ownership of the prompts and the data schema. You may not need full ownership of internal tooling the agency reuses across clients. Be specific.
• Define the postmortem cadence. Quarterly written reviews of what worked, what did not, and what changed. This is the artifact that compounds the relationship.
• Pre-negotiate the exit. A 30-day handoff package with documentation, prompt library, deployment scripts, and credentials transfer. Price it now while leverage is balanced; price it at termination and you will pay double.

Honest concession

Running a proper RFP costs you four to six weeks of internal time and roughly forty hours of senior attention across the process. For sub-$100k engagements that is not a good trade. The 25-question evaluation checklist gets you most of the way at a tenth of the time cost. Use the full RFP only when the dollars and the stakeholders justify it.

Further reading

• What is an AI agency — the foundational definition.
• How much does an AI agency cost — the pricing context the RFP assumes.
• AI agency evaluation checklist — the lighter-weight diligence tool.
• Build vs buy vs agency — decide before you write the RFP.
• AI automation ROI — the math the RFP outcomes have to clear.
• Best AI tools 2026 — context on what your shortlisted agencies actually build with.