Vendor Insurance Verification Process: What Insurance Agencies Must Know

The vendor insurance verification process is broken at most businesses. According to myCOI 2025, 34% of certificates of insurance contain expired policies at the time of collection. That single failure point exposes your clients to uninsured losses, contract disputes, and litigation that their own GL policy will be forced to absorb.

This guide walks through the complete verification process step by step, covers the most common failure modes agencies see in the field, and explains how COI management software closes the gaps that manual review consistently misses.

Key Takeaways

1. 34% of COIs contain expired policies at the time of collection, per myCOI 2025 - making expiration date verification the single most common failure point in vendor credentialing.
2. Additional insured status listed on a COI does not confirm it exists on the policy. The endorsement must be verified separately; IIABA 2025 reports that missing AI endorsements are the leading cause of coverage disputes after vendor losses.
3. AM Best A- or better is the industry standard minimum for approved vendor carriers, per IRMI 2025. Carriers rated B+ or below present meaningful insolvency risk on long-duration projects.
4. GL limits should be at least 2x the contract value for general contractors and service vendors, according to ISO 2024 underwriting guidance for commercial lines clients.
5. Carrier name mismatches between a COI and the actual policy affect an estimated 8% of certificates annually, per NAIC 2025 data on certificate irregularities.
6. Automated COI tracking platforms reduce manual verification errors by up to 70%, according to IIABA 2025 technology adoption benchmarks for independent agencies.

Why Vendor Insurance Verification Fails Without a Process

Most businesses collect COIs as a checkbox exercise. A vendor emails a PDF, someone files it, and the project starts. Nobody checks whether the limits match the contract, whether the certificate holder name is correct, or whether the policy expired six months ago.

The consequences land on your client. When a vendor causes a loss and their coverage is inadequate or nonexistent, the client's own GL policy responds first. That triggers a premium increase. Worse, if the client did not require adequate insurance in the contract, their subrogation rights against the vendor may be compromised.

The vendor insurance verification process is not a compliance formality. It is a risk transfer mechanism that only works when executed correctly.

Step 1: Collect the COI from the Vendor's Broker

Request the certificate directly from the vendor's broker, not from the vendor. Vendors sometimes submit outdated COIs they already have on file. Requesting from the issuing broker reduces that risk significantly.

Specify exactly what the certificate must show. Provide the vendor with a written requirements document listing: the required coverage types, minimum limits, the certificate holder name and address exactly as it should appear, and any endorsement requirements. Vague requests produce vague certificates.

Set a hard deadline. Verification cannot begin until the COI is in hand, and many projects stall because the certificate request was made too close to the vendor start date.

Step 2: Verify Limits Against Contract Requirements

Pull the vendor contract and compare its insurance requirements line by line against what the COI shows. This sounds obvious, but it is skipped in the majority of manual verification workflows.

Check each coverage type: commercial general liability, business auto, workers compensation, umbrella/excess, and any specialty lines the contract requires (professional liability, cyber, etc.). Verify both per-occurrence and aggregate limits separately. A vendor may carry $1M per occurrence with a $1M aggregate that is already half-exhausted - the certificate will not show that.

Confirm the limits satisfy your client's contractual minimums. If the contract requires $2M/$4M GL and the COI shows $1M/$2M, that is a gap requiring correction before work begins.

Step 3: Confirm Carrier AM Best Rating

The carrier listed on the COI must meet your client's minimum financial strength standard. IRMI 2025 recommends a minimum AM Best rating of A- (Excellent) for most commercial vendor programs. For long-term contracts or high-value projects, A (Excellent) or better is the appropriate standard.

Look up the carrier on the AM Best website using the exact carrier name shown on the COI. Do not rely on the carrier's marketing name or brand - verify the specific legal entity. Insurance groups operate multiple carrier entities, and the entity named on the COI determines the applicable rating.

Flag any carrier rated below A-. Some specialty coverage lines may not be available from A-rated carriers. In those cases, the client needs to make an informed, documented acceptance decision before work begins.

Step 4: Verify Policy Expiration Dates

Check every policy expiration date on the COI, not just the GL policy. Workers compensation, auto, and umbrella policies often have different renewal dates. A COI can show a current GL policy alongside an expired auto policy - and the expired auto policy is the one that applies when the vendor's driver backs into your client's property.

Per myCOI 2025, 34% of COIs in circulation contain at least one expired policy. This is the most common and most preventable failure in vendor insurance verification.

Set a tickler to request renewal certificates before each policy expiration date. Do not wait for the vendor to volunteer them. The vendor's contractual obligation to maintain coverage does not mean they will proactively notify your client when a policy lapses.

Step 5: Check for Required Endorsements

This is the step where the most dangerous verification failures occur. A COI may indicate that additional insured status has been granted, but the actual endorsement on the policy determines the scope of that coverage.

ISO CG 20 10 (ongoing operations) and CG 20 37 (completed operations) provide different coverage than a blanket additional insured endorsement. The distinction matters when a loss occurs after the project ends.

Request copies of the actual endorsements, not just the certificate notation. For high-risk vendors or large contracts, verify that:

• The additional insured endorsement names your client specifically (or uses a blanket form that qualifies them)
• The waiver of subrogation endorsement covers the specific operations described in the contract
• Primary and non-contributory language is present if the contract requires it
• Any notice of cancellation provisions match what the contract specifies (typically 30 days)

Per IIABA 2025, missing or mismatched additional insured endorsements are the leading source of coverage disputes following vendor-related losses.

Step 6: Flag Gaps and Request Corrections in Writing

Document every discrepancy in writing. Do not allow work to begin on verbal assurances that the vendor "will fix it." The correction must be in hand before the project starts.

Send the vendor a written deficiency notice with a specific deadline for correction. If corrections are not made by that deadline, escalate to the client's contract manager. The decision to proceed with an unqualified vendor is a business decision, not an insurance decision - but it must be made consciously and documented.

Common gaps to flag in writing:

• Limits below contract minimums
• Missing coverage types (e.g., professional liability not on COI)
• Expired policies on any coverage line
• Certificate holder name incorrect or missing
• No additional insured endorsement, or wrong endorsement form
• No waiver of subrogation endorsement
• Carrier rated below A-
• Policy period does not cover the full contract period

Vendor Insurance Verification Checklist

The Three Verification Failures That Create the Most Claims Exposure

Accepting Expired COIs

The 34% expired policy rate from myCOI 2025 is not a fringe problem. It is the default outcome when businesses collect COIs once at contract signing and never verify again. Policies renew annually. Contracts run for years. Without a system to track renewal dates and request updated certificates, expired coverage is inevitable.

The fix is not more diligence from the same people doing manual tracking. The fix is a system that automatically flags approaching expirations and sends renewal requests before the lapse occurs.

Missing Additional Insured Endorsements

A COI that says "Additional Insured: XYZ Corp" in the description of operations box is not the same as an additional insured endorsement. That description box is filled in by the issuing agent and has no legal effect on the policy. The endorsement attached to the policy is what matters in a claim.

IIABA 2025 documents this as the most common source of coverage disputes: the client believes they are an additional insured, the vendor's carrier denies the claim because no endorsement exists, and the client's own policy pays. Then the client's carrier attempts subrogation and discovers the same problem.

Carrier Name Mismatches

Insurance groups operate multiple carrier entities. A COI may list "Travelers Property Casualty Company of America" while the actual policy is written by "The Travelers Indemnity Company." In most cases this does not affect coverage. But per NAIC 2025, carrier name mismatches affect approximately 8% of certificates annually, and in some cases the listed carrier is not the actual policy carrier.

Verify the carrier's NAIC number against the policy declarations when the carrier name raises any question about financial strength or identity.

How COI Management Software Automates the Verification Process

Manual verification at scale is operationally unsustainable. An agency managing COI compliance for a client with 200 active vendors faces thousands of individual verification tasks annually. Each policy renewal, each new vendor, each contract amendment generates new verification requirements.

COI management software addresses this in several concrete ways:

Automated expiration tracking. The platform monitors every policy expiration date and sends renewal requests automatically to the vendor and the issuing broker before the policy lapses. This eliminates the 34% expired COI problem at its source.

Limit comparison against contract requirements. The client's contract requirements are stored in the platform. When a new COI is received, the platform compares stated limits against those requirements and flags deficiencies without manual line-by-line review.

Endorsement tracking. Advanced platforms track whether required endorsements have been received and verified, not just whether the COI mentions them. This closes the additional insured endorsement gap that manual review consistently misses.

Carrier rating integration. Some platforms integrate AM Best data to flag carrier ratings below the client's minimum automatically. This eliminates the manual lookup step.

Audit trail. Every verification action is logged: when the COI was received, who reviewed it, what was flagged, what correction was requested, when the correction was received. This documentation is critical if a coverage dispute goes to litigation.

Per IIABA 2025, agencies that deploy COI management platforms reduce manual verification errors by up to 70% and reduce time spent on COI compliance by an average of 60%.

How Agencies Turn This Process Into a Client Service

The vendor insurance verification process is not just an internal workflow. It is a service your agency can offer to commercial clients with large vendor networks.

Businesses with 50 or more active vendors face a compliance burden their own staff cannot handle efficiently. An agency that offers structured COI management - collecting certificates, verifying compliance, tracking renewals, flagging gaps - delivers measurable value beyond placing coverage.

This service also generates ongoing revenue. COI management renews with each policy year and expands as the client adds vendors. IIABA 2025 data shows that agencies offering COI management services retain commercial accounts at a 23% higher rate than those that do not.

The verification process in this guide is the foundation of that service. Document it, systematize it, and deliver it consistently to every commercial client with a vendor network.

Frequently Asked Questions

What is the vendor insurance verification process? The vendor insurance verification process is the structured workflow businesses use to confirm that vendors and contractors carry adequate insurance before allowing them to perform work. It covers collecting COIs from the issuing broker, verifying limits against contract requirements, confirming carrier AM Best ratings, checking policy expiration dates, and verifying that required endorsements exist on the actual policy - not just on the certificate.

How often should vendor insurance be verified? Verification should occur at initial vendor onboarding and at every policy renewal date. Because most commercial policies renew annually, an active vendor with three separate policies (GL, auto, WC) may require three separate renewal verifications per year. COI management software automates this tracking and sends renewal requests automatically before expiration.

What does it mean when a COI lists a client as additional insured? A COI notation in the description of operations box that lists additional insured status does not confirm an endorsement exists on the policy. The endorsement itself must be requested and reviewed. Per IIABA 2025, missing additional insured endorsements are the most common source of coverage disputes following vendor losses.

What AM Best rating should vendor carriers meet? IRMI 2025 recommends a minimum AM Best rating of A- (Excellent) for vendor insurance carriers. For high-value or long-term contracts, A (Excellent) or better is the appropriate standard. Carriers rated below A- should be flagged for client review before the vendor is approved to begin work.

What should agencies do when a vendor cannot meet insurance requirements? Document the gap in writing and notify the client's contract manager. The client has several options: require the vendor to obtain additional coverage before starting, reduce the contract scope, require the client's own umbrella to extend, or accept the documented risk. The decision belongs to the client - the agency's role is to make the gap visible and documented.

How does COI management software improve the vendor insurance verification process? COI management software automates expiration tracking, compares COI limits against stored contract requirements, tracks endorsement receipt and verification, integrates carrier rating checks, and maintains a complete audit trail. Per IIABA 2025, agencies using these platforms reduce manual verification errors by up to 70% and cut COI compliance time by an average of 60%.

Ready to automate your vendor insurance verification process? See how BrokerageAudit's COI Manager handles the entire workflow: Explore COI Manager

Written by Javier Sanz, Founder of BrokerageAudit. Last updated April 2026.