top of page
TSM Insurance Services logo

How to Pass a California Government Insurance Review on the First Submission

  • Writer: TSM Insurance
    TSM Insurance
  • 2 days ago
  • 8 min read

Updated: 6 hours ago

You have done the hard work. You found the perfect Request for Proposal (RFP) from a California government agency. You spent weeks developing a technical solution, calculating your pricing, and refining your proposal narrative. You submitted the bid, and you won.


But before you can sign the contract and start billing, there is one final hurdle: the insurance review.


For many government contractors, this is where the celebration stops and the headache begins. You send over your Certificate of Insurance (COI), expecting a quick rubber stamp. Instead, you get a rejection email from the compliance officer or a third-party risk management platform like Ebix or Exigis.

  • "Missing Waiver of Subrogation."

  • "Additional Insured endorsement not attached."

  • "Cyber Liability limits insufficient."

  • "Auto Liability missing Hired/Non-Owned coverage."


Suddenly, you are scrambling. The contract award is contingent on providing compliant insurance within 10 days. If you miss the deadline, the agency can—and often will—rescind the offer and move to the next bidder.


Passing a government insurance compliance California review doesn't have to be a gamble. It requires understanding exactly what the agency is asking for and ensuring your policy matches their matrix before you even submit the bid.


In this guide, we provide a comprehensive RFP insurance checklist designed specifically for vendors bidding on contracts with California municipalities, counties, and special districts. We will break down the minimum limits, the mandatory endorsements, and the specific cyber triggers that cause most rejections.


Phase 1: The "Must-Have" Limits Check

The first thing a compliance officer looks at is the numbers. If your limits are too low, they stop reading immediately. Do not assume your standard business policy is enough. Government contracts almost always require higher limits than the private sector.


General Liability: The $2M/$4M Standard

Most small business policies come with limits of $1,000,000 per occurrence and $2,000,000 aggregate.For many California government contracts, this is no longer sufficient.

  • The Requirement: Many RFPs now demand $2,000,000 per occurrence and $4,000,000 aggregate.

  • The Fix: You may need to increase your primary limits or purchase a Commercial Umbrella / Excess Liability policy to bridge the gap.

  • The Pitfall: Ensure the aggregate limit applies "Per Project" or "Per Location." Agencies want to know that claims from your other jobs won't erode the protection available to them.


Automobile Liability: The $1M Combined Single Limit

If your employees drive to the government site, or even if they just drive their own cars to a meeting, this applies to you.

  • The Requirement: $1,000,000 Combined Single Limit (CSL).

  • The Pitfall: Personal auto policies (split limits like 100/300/50) are not accepted for commercial contracts. You need a Commercial Auto policy.

  • Hidden Requirement: "Hired and Non-Owned Auto" coverage. This covers you if you rent a car or if an employee uses their personal vehicle for work. If this box isn't checked on your COI, you will be rejected.


Workers' Compensation: Statutory Limits

  • The Requirement: Statutory Limits (whatever the state requires) + Employer's Liability limits of at least $1,000,000.

  • The Pitfall: Many standard policies have Employer's Liability limits of $500,000. Bumping this to $1 million is usually cheap, but forgetting to do it is a common reason for rejection.


Cyber Liability: The New $5M Hurdle

This is the area causing the most friction today.

  • The Requirement: $5,000,000 per claim / aggregate for contracts involving PII, PHI, or critical infrastructure.

  • The Pitfall: Submitting a policy with a $1M or $2M limit. Increasing this to $5M takes time and underwriting approval. Do not wait until the last minute.

To see how we help businesses structure these liability towers, visit our Business Insurance page.


Phase 2: The Mandatory Endorsements Checklist

Limits are just numbers. Endorsements are legal changes to the policy that give the government agency rights. This is where 80% of insurance review government contracts fail.

You cannot just say you have these endorsements; you usually have to attach the actual policy forms (e.g., CG 20 10) to the certificate.


1. Additional Insured (AI)

What it is: It adds the government agency to your policy as an insured party. If they get sued because of your negligence, your policy defends them.The Checklist Item:

  • Does the endorsement specifically name the agency (e.g., "County of Sacramento")?

  • Or, does it have a "Blanket" status (e.g., "Any person or organization where required by written contract")?

  • Crucial Check: Does it cover "Ongoing Operations" (Form CG 20 10) AND "Completed Operations" (Form CG 20 37)? Most construction and service contracts require both. If you only provide Ongoing Operations, you are non-compliant.


2. Waiver of Subrogation (WOS)

What it is: You agree that your insurance company cannot sue the government agency to recover money they paid out on a claim, even if the government was partially at fault.The Checklist Item:

  • Is the "SUBR WVD" box checked on the ACORD form?

  • Is the actual endorsement form attached?

  • Crucial Check: Do you have this for General Liability AND Workers' Compensation? Government agencies are strict about Workers' Comp waivers because they don't want your injured employees suing them.


3. Primary and Non-Contributory

What it is: This clause states that your insurance pays first (Primary) and that the government's own insurance will not be asked to chip in (Non-Contributory).The Checklist Item:

  • Is this language explicitly written in the Description of Operations box?

  • Is the endorsement attached?


4. Severability of Interests (Separation of Insureds)

What it is: This ensures that the policy applies separately to each insured against whom a claim is made. Essentially, if you sue the government (who is an Additional Insured on your policy), the policy still protects them.The Checklist Item:

  • Check your standard policy conditions. Most modern ISO forms include this, but strict compliance officers may ask you to point it out in the policy language.


5. Notice of Cancellation

What it is: The government wants to know if your insurance is cancelled.The Checklist Item:

  • Standard requires 30 days notice.

  • Crucial Check: Does the RFP require notice for non-payment of premium? Usually, carriers only give 10 days for non-payment. Ensure your COI reflects the reality (10 days for non-payment, 30 days for other reasons). Promising 30 days for non-payment when the policy says 10 is a material misrepresentation.


Phase 3: The Cyber & Tech E&O Deep Dive

If your contract involves software, data, consulting, or healthcare, the RFP insurance checklist for Cyber is extensive. General Liability endorsements do not work here. You need a standalone, specialized policy.


1. The "Tech E&O" Trap

Does the RFP ask for coverage for "professional negligence," "errors and omissions," or "failure of technology services"?

  • Check: Does your policy say "Technology Errors and Omissions" or just "Network Security"?

  • Why it matters: If you accidentally crash their server (no hackers involved), a standard Cyber policy won't pay. You need Tech E&O.


2. Ransomware and Data Exfiltration

  • Check: Does the policy cover Ransomware to the full policy limit?

  • Check: Does it cover "Data Exfiltration" (theft of data without encryption)?

  • Pitfall: Look for sub-limits. If you have a $5M policy but a $50k sub-limit for ransomware, you will be disqualified.


3. Breach Notification Costs (First Party)

  • Check: Does the policy cover the cost of notifying individuals (postage, printing)?

  • Check: Does it cover credit monitoring services?

  • Check: Is this coverage "Outside the Limit" or part of the aggregate? RFPs prefer it to be in addition to the liability limit, or for the limit to be high enough to absorb it.


4. Regulatory Fines & Penalties

  • Check: Does the policy affirmatively cover fines from HIPAA, CCPA, or other regulatory bodies?

  • Check: Is there a "consumer redress fund" exclusion? (You want to ensure this is covered where insurable).


5. Social Engineering / Wire Fraud

While not always in the strict compliance matrix, this is a massive risk.

  • Check: Does the policy cover "Invoice Manipulation" or "Funds Transfer Fraud"? Government vendors are prime targets for phishing scams that redirect payments.


For detailed insights on navigating these specific tech requirements, review our guide on Cyber Liability.


Phase 4: Workers' Compensation & Auto Specifics

These seem simple, but they trigger surprising rejections.


Workers' Comp for Sole Proprietors

The Scenario: You are a consultant with no employees.The Problem: California law requires Workers' Comp for employees. If you have none, you can usually waive this.The Fix: You must submit a "Waiver letter" stating you have no employees. However, some government entities (like transit districts) are aggressive and require you to buy a "Ghost Policy" (a minimum premium policy) just to be safe, in case you hire someone mid-contract. Check the RFP language: "Sole proprietors must provide evidence of coverage" vs "Sole proprietors exempt."


Auto Liability for Non-Drivers

The Scenario: You are a software coder working remotely. You never drive to the government office.The Problem: The RFP boilerplate requires $1M Auto Liability.The Fix:

  1. Ask for a Waiver: Submit a request to the contract officer stating no driving is involved.

  2. Hired/Non-Owned Only: Buy a standalone Hired & Non-Owned Auto policy (cheap) to satisfy the requirement without insuring a specific vehicle.


Phase 5: The "Description of Operations" Box

The text box at the bottom of the ACORD Certificate is where compliance officers look for specific "magic words."


The Checklist Item:

  • Does it reference the specific project name or contract number?

  • Does it explicitly state: "The County of [Name], its officers, agents, employees, and volunteers are named as Additional Insureds regarding General Liability and Auto Liability per attached endorsements."

  • Does it state: "Waiver of Subrogation applies in favor of the Certificate Holder."

  • Does it state: "Coverage is Primary and Non-Contributory."


Pro Tip: Copy and paste the exact text requested in the RFP insurance exhibit into this box. Do not paraphrase. Compliance officers are often non-insurance experts checking a list; if the words don't match, they reject it.


How to Prepare BEFORE You Bid

The biggest mistake vendors make is waiting until they win to look at the insurance requirements. This leads to two disasters:

  1. Profit Erosion: You find out the required insurance costs $5,000 more than you budgeted, wiping out your margin.

  2. Disqualification: You find out you are uninsurable at the required limits (e.g., due to a past claim or weak cybersecurity).


Your Pre-Bid Workflow:

  1. Download the Insurance Exhibit: It is usually "Exhibit C" or similar in the RFP.

  2. Send to TSM Insurance: Email it to your broker immediately. Ask: "Can we meet these limits? What will it cost?"

  3. Factor Costs: Add the cost of the premiums (or the additional premiums for endorsements) into your bid price. This is a legitimate cost of doing government business.


Why TSM Insurance is Your Compliance Secret Weapon

Passing a California government insurance review is not about luck; it is about precision.

At TSM Insurance, we have been navigating the complexities of California public entity contracts for 100 years. We don't just sell you a policy; we help you interpret the contract.

We know that a "Waiver of Subrogation" isn't just a checkbox; it's a legal agreement that affects your rights. We know that "Claims-Made" vs "Occurrence" triggers matter for Professional Liability. We know which carriers will write the specific "Vicarious Liability" endorsements that counties demand.


Don't let a paperwork error cost you a million-dollar contract.

We offer a pre-submission review service for our clients. Send us the RFP insurance requirements, and we will tell you exactly what you need, what it costs, and how to present it on the certificate to ensure you pass on the first submission.


Ready to bid with confidence?

Contact TSM Insurance today for a comprehensive review of your government contract insurance requirements. Let us handle the compliance so you can focus on the work.


Comments

We would love to hear from you, tell us how we can help!

INTERESTED IN:

Meet Our President

Guy.png

Guy Miligi

Guy brings over 25 years of proven leadership in the insurance and financial services industry. He has a deep understanding of both the strategic and operational sides of the business. 

Our Company

Meeting at the office

About TSM Insurance

Guy brings over 35 of proven leadership in the insurance and financial services industry. With a deep understanding of both the strategic and operational sides of the business

bottom of page