How to Master Detecting Fraudulent Certificates in Your Agency
A practical guide to detecting fraudulent certificates with real numbers, actionable steps, and expert insights for insurance brokers.
Detecting fraudulent certificates of insurance is one of the most consequential skills a commercial lines broker or certificate holder can develop. A fraudulent or altered COI presents exactly like a legitimate one until a claim occurs. At that point, the carrier has no record of the policy, and the party that accepted the certificate is left with an uninsured loss.
NAIC's 2024 fraud report estimates that certificate of insurance fraud costs the commercial insurance market $3.8 billion annually. Most fraud does not involve entirely fabricated documents. It involves altered certificates: a real ACORD 25 form from a legitimate policy, edited to show higher limits, additional coverages, or extended policy dates that the actual policy does not have.
Understanding what fraud looks like, how common it is, and what verification steps catch it before acceptance is the only way to protect your clients and your agency.
Key Takeaways
- NAIC 2024 estimates COI fraud costs the commercial insurance market $3.8 billion annually; most involves altered real certificates rather than completely fabricated documents.
- Construction and general contracting account for 34% of fraudulent COIs; trucking and transportation account for 28%; staffing companies account for 18% (NAIC 2024).
- The most reliable fraud detection method is direct carrier verification: call the carrier's policyholder verification line using a number you independently looked up, not the number on the certificate.
- Font inconsistencies within the same field on an ACORD 25 form are one of the clearest visual indicators of digital alteration.
- A carrier NAIC number that returns no result in NAIC's carrier lookup at apps.naic.org is a definitive fraud indicator.
- Digital COIs downloaded directly from carrier portals are harder to alter than PDF certificates transmitted by contractors; requiring portal-direct certificates reduces fraud risk significantly.
Why COI Fraud Happens
Contractors and vendors commit COI fraud for a straightforward reason: they need the work but cannot obtain legitimate coverage. The reasons for that may include a history of claims that makes them uninsurable at standard markets, prior policy cancellations, an inability to pay premiums, or prior fraud history.
Rather than lose the contract, the contractor obtains a real COI from a legitimate policy they hold (or held), edits it digitally to show the required limits or coverages, and submits it. The certificate holder sees what appears to be a valid ACORD 25 form. The carrier name is real. The policy number looks legitimate. The limits match the contract requirements exactly.
The fraud goes undetected until a claim occurs. At that point, the carrier reports no active policy with those limits, no record of the certificate holder as an additional insured, and no coverage obligation. The certificate holder bears the uninsured loss.
The scale of the problem is significant. Per NAIC 2024 data, fraudulent COI activity is concentrated in three industries: construction and general contracting (34% of cases), transportation and trucking (28%), and staffing agencies (18%). Any agency serving clients in those industries has elevated exposure to fraudulent incoming certificates.
Frequently Asked Questions About Detecting Fraudulent Certificates
How common is certificate of insurance fraud?
COI fraud is significantly more common than most agencies and certificate holders expect. NAIC's 2024 fraud report puts total commercial insurance market losses from certificate fraud at $3.8 billion annually.
The fraud is concentrated by industry. Construction and general contracting account for 34% of fraudulent COIs identified in NAIC 2024 data. Trucking and transportation account for 28%. Staffing companies account for 18%. These three industries alone represent 80% of detected certificate fraud cases.
The reason for concentration in these industries: they operate with large subcontractor networks, high insurance requirements, and competitive bidding pressure that creates an incentive to understate coverage costs. A subcontractor who cannot obtain a $1,000,000 per occurrence GL policy at a competitive premium can edit an old certificate to show that limit instead.
Agencies serving clients who are general contractors, property managers, transportation companies, or staffing firms should treat incoming COI review as a fraud risk management function, not just an administrative task.
What are the signs that a certificate of insurance may be fraudulent?
The following 12 red flags indicate a certificate warrants additional verification before acceptance. Not every red flag confirms fraud, but each one should prompt direct verification with the issuing agency or carrier.
Red Flag Checklist:
- Font inconsistencies within the same field: different font types or sizes in the coverage limit fields indicate digital editing. On a legitimate carrier-issued certificate, all text in a given section uses the same font.
- Coverage limits that exactly match contract minimums in round numbers: real policies rarely show exactly $1,000,000.00 per occurrence unless that is the standard policy limit. A contractor whose policy has $985,000 limits does not get rounded up to $1,000,000 on the certificate. Exact round numbers that precisely match contract requirements are a common feature of altered certificates.
- Carrier name that sounds legitimate but returns no NAIC number: altered certificates sometimes include a real-sounding carrier name that is not a licensed insurer. Look up every carrier in NAIC's database at apps.naic.org. No result means no legitimate carrier.
- Policy dates that do not align with standard 12-month periods: a commercial GL policy that runs from March 15 to November 22 (a non-standard period) warrants explanation. Standard annual renewals run in 12-month increments. Non-standard dates can indicate a date field was edited.
- Certificate issued by the insured, not the agent: legitimate COIs are issued by the insured's agent or broker. If the producer listed on the certificate is the contractor themselves, or if the producer information is blank or generic, the certificate may have been self-issued or altered.
- Producer contact information that does not match a licensed agency: verify the producer name and address using your state's department of insurance license lookup. A producer who is not licensed is a fraud indicator.
- Additional insured language in Description of Operations without a corresponding endorsement: the DOO box can be filled with any text. A legitimate AI endorsement requires the carrier to issue and attach it to the policy. If AI status is claimed only in the DOO and no endorsement is attached, the claim is unconfirmed.
- Endorsements listed that do not match the coverage type: for example, waiver of subrogation requires a specific endorsement on a GL policy. If the DOO lists WOS but the GL carrier line shows an unusual or non-standard carrier, the endorsement claim should be verified directly.
- ACORD form version that is incorrect for the policy period: ACORD 25 has gone through multiple versions. If the form version listed does not correspond to the claimed policy period, it may indicate the form itself was copied from an older or different certificate.
- Coverage limits that are identical across multiple certificates from different contractors: if a general contractor receives multiple COIs from different subcontractors and they all show the same limit numbers and carrier, the certificates may have been produced from the same template.
- Watermarks, pixelation, or image compression artifacts around specific fields: digital editing of a PDF often leaves visible compression artifacts around edited text. Zoom in on limit and date fields. If those areas look different in quality from the surrounding text, the field may have been altered.
- Policy number format inconsistent with the carrier's standard format: each carrier uses a consistent policy number format. If the policy number listed does not match the format used by that carrier, call the carrier to confirm the number is valid.
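Three of these red flags can be screened from extracted certificate fields before a human looks at the PDF: the non-standard policy period, the self-issued or blank producer, and identical carrier and limits across contractors. The following Python is an added example, not code from this article or from any COI platform; the field names, function names and sample records are assumptions constructed for illustration, and every flag it raises is a prompt for carrier verification, not a fraud finding.

```python
from collections import defaultdict
from datetime import date

def is_standard_annual(effective, expiry):
    """True when expiry falls on the same calendar day one year after
    effective. A Feb 29 start is accepted with a Feb 28 or Mar 1 expiry."""
    if expiry.year != effective.year + 1:
        return False
    if (effective.month, effective.day) == (2, 29):
        return (expiry.month, expiry.day) in ((2, 28), (3, 1))
    return (expiry.month, expiry.day) == (effective.month, effective.day)

def screen(certs):
    """Map each named insured to the checklist flags its certificate raises."""
    flags = {c["insured"]: [] for c in certs}
    template = defaultdict(set)   # (carrier, limits) -> insureds showing them
    for c in certs:
        who = c["insured"]
        if not is_standard_annual(c["effective"], c["expiry"]):
            flags[who].append("non-standard policy period")
        producer = c["producer"].strip().lower()
        if not producer or producer == who.strip().lower():
            flags[who].append("producer blank or same as insured")
        key = (c["carrier"].strip().lower(), tuple(sorted(c["limits"].items())))
        template[key].add(who)
    # Same carrier and same limits from different contractors: possible template reuse.
    for insureds in template.values():
        if len(insureds) > 1:
            for who in insureds:
                flags[who].append("same carrier and limits as another contractor")
    return flags

# Constructed sample records (fictitious names; fields as keyed from ACORD 25).
_GL = {"each_occurrence": 1_000_000, "general_aggregate": 2_000_000}
CERTS = [
    {"insured": "Alpha Framing LLC", "producer": "Example Insurance Agency",
     "carrier": "Example Mutual", "limits": dict(_GL),
     "effective": date(2026, 1, 1), "expiry": date(2027, 1, 1)},
    {"insured": "Bravo Drywall Inc", "producer": "Bravo Drywall Inc",
     "carrier": "Example Mutual", "limits": dict(_GL),
     "effective": date(2026, 3, 15), "expiry": date(2026, 11, 22)},
    {"insured": "Charlie Electric Co", "producer": "Sample Brokerage",
     "carrier": "Sample Casualty", "limits": {"each_occurrence": 2_000_000},
     "effective": date(2026, 2, 1), "expiry": date(2027, 2, 1)},
]

if __name__ == "__main__":
    for insured, reasons in screen(CERTS).items():
        print(insured, "->", reasons or "no data-level flags")
```

Matching carrier and limits is common among legitimate subcontractors, so that flag is best used to decide which certificates get individual carrier confirmations first.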
How do you verify whether a COI was actually issued by the carrier?
Three verification methods are available, in order of reliability:
Method 1: Call the issuing agency directly. Use a phone number you find independently, not the number listed on the certificate. The number on the certificate could be a fake forwarding number controlled by the fraudulent contractor. Look up the agency name using your state's department of insurance license lookup or a general web search. Call and ask the agent to confirm the named insured has an active policy with the limits and endorsements shown.
Method 2: Call the carrier's policyholder verification line. Look up the carrier using NAIC's database at apps.naic.org. Call the carrier's main number (not the number on the certificate) and request to speak with the policyholder verification department. Provide the policy number and named insured. Ask the carrier to confirm the policy is active, the limits are correct, and the certificate holder is listed as an additional insured if required.
Method 3: Use a COI verification platform that connects to carrier data feeds. Platforms like myCOI and TrustLayer verify certificates against live carrier data rather than reading the certificate text. This is the most scalable method for high-volume certificate holders.
Of these three methods, direct carrier confirmation is the most definitive. Any certificate that fails carrier confirmation should not be accepted.
Can a PDF certificate of insurance be digitally altered?
Yes. PDF editing is accessible through a wide range of software tools, including free browser-based editors. Any text field on a COI can be altered: limits, carrier names, policy dates, policy numbers, and endorsement notations in the Description of Operations.
Some tactics that reduce the risk of accepting an altered PDF:
Require certificates from carrier portals directly. Many carriers now offer online portals where certificate holders can download certificates directly from the carrier's system. A certificate downloaded from the carrier's own portal is harder to alter without detection because the metadata tracks the download source.
Look at document metadata. In Adobe Acrobat, go to File, then Properties, then Description. Check the "Created" and "Modified" dates. If the document was created recently but shows a policy period from years ago, or if it was modified after creation on a date that doesn't align with the certificate date, the metadata is inconsistent.
Use watermarked or electronically signed certificates. Carriers and agencies that sign certificates with digital signatures (Adobe Sign, DocuSign) make alteration detectable. A broken signature flag indicates the document was modified after signing.
Even with these tactics, no visual check replaces direct carrier verification for high-stakes contracts.
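The metadata check described above can be run over a batch of incoming PDFs instead of opening each one in Acrobat. The following Python is an added example, not part of the original article; the function names and the two byte strings are constructed for illustration, and it assumes the Info dictionary is stored uncompressed and unencrypted (it does not read XMP metadata or object streams).

```python
import re
from datetime import date, datetime

# Info-dictionary dates look like (D:YYYYMMDDHHmmSS+HH'mm'). The timezone
# suffix is ignored here, which is precise enough for a day-level comparison.
_PDF_DATE = re.compile(
    rb"/(CreationDate|ModDate)\s*\(D:(\d{4})(\d{2})(\d{2})(\d{2})?(\d{2})?(\d{2})?")

def read_info_dates(pdf_bytes):
    """Read CreationDate/ModDate from uncompressed Info dictionaries.
    When a key repeats (one copy per saved revision) the last one wins."""
    found = {}
    for m in _PDF_DATE.finditer(pdf_bytes):
        parts = [int(g) if g else 0 for g in m.groups()[1:]]
        found[m.group(1).decode()] = datetime(*parts)
    return found

def metadata_flags(pdf_bytes, certificate_date):
    """Return reasons to verify with the carrier. An empty list is NOT proof
    of authenticity: metadata can be rewritten as easily as visible text."""
    flags = []
    dates = read_info_dates(pdf_bytes)
    created, modified = dates.get("CreationDate"), dates.get("ModDate")
    if not dates:
        flags.append("no readable Info dates")
    if created and created.date() > certificate_date:
        flags.append("created after certificate date")
    if modified and modified.date() > certificate_date:
        flags.append("modified after certificate date")
    # Every incremental save appends another %%EOF marker. Linearized
    # ("fast web view") files legitimately carry two, so allow one extra.
    expected = 2 if b"/Linearized" in pdf_bytes[:1024] else 1
    revisions = pdf_bytes.count(b"%%EOF")
    if revisions > expected:
        flags.append(f"{revisions - expected} incremental update(s) after first save")
    return flags

# Constructed samples: only the structure the checks read, not viewable PDFs.
def _revision(mod_date):
    return (b"1 0 obj\n<< /CreationDate (D:20260105093000-05'00') /ModDate (D:"
            + mod_date + b"-05'00') >>\nendobj\ntrailer\n<< /Info 1 0 R >>\n%%EOF\n")

ORIGINAL = b"%PDF-1.7\n" + _revision(b"20260105093000")
ALTERED = ORIGINAL + _revision(b"20260212161500")   # an editor appended a revision

if __name__ == "__main__":
    for name, sample in (("original", ORIGINAL), ("altered", ALTERED)):
        print(name, metadata_flags(sample, date(2026, 1, 5)))
```

The `certificate_date` argument is the date printed on the ACORD 25 form, entered by the reviewer; a re-saved or re-exported copy of a genuine certificate will also raise these flags, which is why they route the document to carrier verification instead of deciding the outcome.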
What should a company do if they receive a fraudulent certificate of insurance?
Take these steps immediately:
Step 1: Do not accept coverage or allow the project to start. If the certificate cannot be confirmed as legitimate, the contractor should not begin work. The liability exposure from allowing an uninsured contractor on site outweighs the inconvenience of a project delay.
Step 2: Contact the issuing agency directly. Use independently verified contact information, not anything from the certificate itself. Inform the agency that you received a certificate that you cannot confirm. Ask them to verify whether it was issued by their office.
Step 3: Contact the carrier directly. Call the carrier's policyholder verification line to confirm whether the policy number on the certificate corresponds to an active policy for the named insured.
Step 4: Report suspected fraud to your state insurance department. Every state has a fraud reporting mechanism. NAIC maintains a fraud referral system at naic.org. Filing a report creates a record that may protect you and alerts regulators to a pattern they may be tracking.
Step 5: Document everything. Keep copies of the certificate, all communications with the contractor, and all verification steps taken. This documentation is your defense if the situation results in a legal dispute.
Step 6: Consult your legal counsel. If the contractor was already on site and a claim has occurred, the situation becomes a coverage dispute and a potential fraud case. Legal counsel familiar with insurance fraud can advise on next steps.
Do not allow the contractor to provide a "corrected" certificate without independent verification. A fraudulent party who is caught can produce a second fraudulent certificate.
Which industries have the highest rates of COI fraud?
Per NAIC 2024 data, the three industries with the highest rates of fraudulent certificate activity are:
- Construction and general contracting: 34% of fraudulent COIs. Subcontractor networks are large, turnover is high, and insurance requirements are often substantial (general liability, workers compensation, umbrella). Subcontractors who cannot qualify for coverage at required limits have strong financial incentives to alter certificates.
- Transportation and trucking: 28% of fraudulent COIs. Commercial auto and cargo insurance requirements are high. Owner-operators running on thin margins sometimes operate with lower limits than required and alter certificates to meet broker or shipper requirements.
- Staffing agencies: 18% of fraudulent COIs. Staffing firms face workers compensation requirements tied to payroll, which means premiums scale with revenue. Smaller staffing operations may alter certificates to show workers compensation coverage they cannot afford to maintain.
Agencies whose books include significant commercial accounts in these three industries should treat incoming COI verification as a high-priority compliance function, not a routine administrative task.
COI Fraud Red Flag Reference Table
| Red Flag | What It Looks Like | How to Verify |
|---|---|---|
| Font inconsistencies | Different typeface or size in limit fields | Visual zoom on PDF; compare to known legitimate COIs |
| Round-number limits matching contract exactly | $1,000,000.00 per occurrence matching contract minimum precisely | Call carrier to confirm actual policy limits |
| Carrier not in NAIC database | NAIC number returns no result at apps.naic.org | Run NAIC carrier lookup; no result = confirm before acceptance |
| Non-standard policy date range | Policy runs 7 months or 14 months instead of 12 | Call issuing agency to confirm policy period |
| Certificate issued by insured | Producer name is the contractor, not an agency | Verify producer license on state DOI website |
| Unlicensed producer | Producer address not matching any licensed agency | Check state DOI license lookup |
| AI claimed only in DOO, no endorsement | "Additional insured" typed in Description of Operations only | Request endorsement copy from issuing agent |
| Pixelation around limit or date fields | Visual compression artifacts around specific text | Zoom to 400% in PDF viewer; compare field areas |
| Policy number format mismatch | Number format doesn't match carrier's standard | Call carrier verification line with policy number |
| Identical limits across multiple contractors | Same limit values from different subcontractors | Request individual carrier confirmations |
| Inconsistent ACORD form version | Form version predates claimed policy period | Compare ACORD form version to publication dates |
| Metadata inconsistency | PDF modified date after certificate date | Check File Properties in Adobe Acrobat |
BrokerageAudit's COI Manager verifies incoming certificates against carrier records directly, catching altered or fraudulent COIs before you accept uninsured vendor risk.
Written by Javier Sanz, Founder of BrokerageAudit. Last updated April 2026.