Red Flags in AI Consulting Proposals (and How to Spot Them)

Most bad AI consulting engagements were predictable from the proposal. The patterns are visible if you know what to look for. Per ECA Partners' framework for vetting AI consultants, the most common warning sign is "Solution-First, Problem-Second Approach" — and per Botscrew's analysis, vague success metrics and technology-first framing are the proposal-stage tells. The most common buyer mistake is not unfamiliarity with consulting but reading the proposal too charitably — assuming "we'll work it out during execution" instead of treating the proposal as the firm's best effort to define the engagement.

This article is the eight red flags that separate proposals likely to deliver from ones likely to disappoint.

Red flag 1: Vague scope with optimistic timeline

The proposal commits to "build an AI-powered solution to address your priority use case" in 8 weeks for $80K, but the actual scope of the use case is not concretely defined.

Why it's a red flag: the firm is committing to a timeline before they understand the work. Either they're planning to pad and pocket the difference, or they're underestimating and will deliver under-scoped work to hit the deadline. Both outcomes are bad.

What to require instead: scope defined as specific deliverables (eval set with 200 examples, RAG retrieval pipeline integrated with [named system], model card document, deployment to production with monitoring) rather than outcomes ("AI solution that solves your problem").

Red flag 2: Missing or hand-waved eval methodology

The proposal mentions "we will measure model quality" without specifying methodology. Or it lists generic metrics (accuracy, F1) without describing the eval set.

Why it's a red flag: per Anthropic's guidance on building effective AI systems, evaluation discipline is the difference between AI engineering and AI demos. Firms without specific eval methodology don't actually do this work.

What to require instead: a concrete eval set construction process, hold-out test design, regression testing approach, and methodology for involving domain experts. Eval methodology should be a named workstream, not a sentence.

Red flag 3: No named team

The proposal lists firm credentials and senior partner bios but doesn't commit to who will actually deliver.

Why it's a red flag: the bait-and-switch pattern. Senior consultants in the proposal phase get swapped for juniors at execution. By month three the team has half-rotated. The original commitment is forgotten.

What to require instead: named individuals with committed allocation percentages and their continuity stated explicitly in the contract. If the firm refuses to name the team, that's the answer.

Red flag 4: Generic compliance language

The proposal mentions "compliance review" or "governance considerations" without specifying which regulations apply or how the work will produce auditable artifacts.

Why it's a red flag: per the NIST AI Risk Management Framework and increasingly the EU AI Act, AI deployments need formal governance documentation. Firms that use generic language usually don't know which regulations apply to your sector.

What to require instead: specific named regulations (HIPAA for healthcare, GLBA for finance, EU AI Act high-risk classification, etc.), specific deliverables (regulatory map, audit trail spec, model card, incident response plan), and an assigned governance workstream owner.

Red flag 5: Fixed-fee on undefined scope

The proposal commits to a fixed total price before scope is concretely defined, and "we'll refine scope during discovery" is the answer to scope questions.

Why it's a red flag: when a firm commits to a price before understanding the work, they protect their margin by cutting work rather than adjusting price. The cuts usually come from evaluation, governance, and integration depth — the unglamorous but essential parts.

What to require instead: either fixed-fee on tightly-defined scope where every deliverable is specified, or time-and-materials with milestone-based controls. Fixed-fee on vague scope is the worst of both worlds.

Red flag 6: Demo-grade work positioned as production

The proposal includes a "working prototype in 2 weeks" or "production-ready demo" or similar language that conflates pilot with production.

Why it's a red flag: production AI systems require infrastructure for monitoring, observability, deployment, rollback, security, audit logging, and integration with operational systems. None of this fits in 2 weeks. A 2-week deliverable is a pilot, and pilots that aren't designed to graduate to production usually don't.

What to require instead: explicit separation of pilot phase and production phase. If the engagement claims to deliver production-ready in 4-6 weeks for a use case requiring real integration, scrutinize the integration scope carefully.

Red flag 7: No reference to specific systems

The proposal describes integration in generic terms ("we'll integrate with your existing systems") without naming specific systems by brand.

Why it's a red flag: integration is the work that kills most AI engagements. A firm that hasn't explicitly considered your specific stack is planning to learn on your dollar.

What to require instead: integration scope by named system (your CRM brand, your data warehouse, your help desk software, your monitoring stack). Time and complexity estimates per integration. Acknowledgment of which integrations the firm has done before vs which are new.

Red flag 8: No payment structure tied to milestones

The proposal asks for upfront payment or large early-stage payments without milestone-based structure.

Why it's a red flag: payment structure reveals the firm's confidence in their delivery. Firms confident they will deliver are willing to tie payment to milestones. Firms with high attrition or shaky execution prefer to be paid before performance is measurable.

What to require instead: payment in 3-5 milestones tied to specific deliverables (eval set complete, model passes quality gate, integration tested, governance package signed off, production deployed with monitoring). 20-30% on signing is reasonable; 80% before delivery is not.

Patterns that compound

Red flags rarely appear alone. The proposals that fail tend to have multiple flags from the same family:

The under-scoped family: vague scope + fixed fee + demo-grade work positioned as production + no specific systems. This is a firm planning to deliver less work than the scope implies, knowing the buyer won't catch the gap until late.

The bait-and-switch family: no named team + generic compliance language + missing eval methodology. This is a firm planning to staff with juniors who will deliver what they can without the discipline that separates AI engineering from demos.

The trap family: fixed-fee on undefined scope + upfront payment + no milestone structure. This is a firm structuring to extract value before the buyer can measure delivery.

When you see the family pattern, walk away regardless of price.

What good proposals actually look like

The proposals that deliver have the same shape across firms: concrete scope as deliverables, eval methodology as a named workstream, named team committed to the engagement, specific regulations and integration points, milestone-based payment structure, honest acknowledgment of risks, and explicit out-of-scope items. They are sometimes longer than vague proposals, sometimes shorter — the length isn't the signal. The specificity is.

The honest takeaway

Bad AI consulting engagements are predictable from the proposal if you read for the patterns. Eight red flags filter most bad engagements. Buyers who read proposals carefully spot the patterns and walk. Buyers who read charitably get the engagement they were warned about.

The proposal is the firm's best effort. Treat it that way. If the proposal has the red flags, the engagement will have them too — only worse, because by then the contract is signed.