What Is a Certificate of Insurance: A Comprehensive Analysis for Brokers

A certificate of insurance (COI) is a one-page summary document that provides evidence that an insurance policy exists. It shows the policyholder's name, the insuring company, the types of coverage in force, coverage limits, effective and expiration dates, and any additional insureds named on the policy.

A COI is not the policy itself. It does not create, modify, or extend coverage. It is evidence of coverage, similar to how a vehicle registration card is evidence that a car is registered but not the title to the vehicle.

The US insurance industry issues over 500 million certificates annually, according to ACORD's 2025 industry data. For commercial insurance agencies, COI issuance is one of the highest-volume operational tasks they perform, touching nearly every commercial account multiple times per year.

Key Takeaways

• The US insurance industry issues over 500 million certificates of insurance annually, per ACORD 2025 industry data
• Manual COI processing takes 15 to 30 minutes per certificate on average, while automated COI processing takes 2 to 5 minutes, per BrokerageAudit 2026 operational benchmarks
• The error rate on manually processed COIs runs 8% to 12%, dropping to 1% to 2% with automated systems, per Applied Systems Agency Universe Study 2025
• An agency processing 50 certificates per week spends 750 to 1,500 hours annually on manual COI work, equivalent to 0.4 to 0.7 full-time employees
• Agencies issuing COIs with material errors face E&O liability: the average certificate-related E&O claim costs $8,400 to resolve, per a 2025 survey reviewed by BrokerageAudit
• Certificate holders cannot make claims against a policy by virtue of being named on a COI; only additional insureds named in policy endorsements have direct coverage rights

What Information Does a Certificate of Insurance Contain?

The standard certificate form is ACORD 25 for property and casualty insurance. Commercial clients, lenders, and contract parties use this form as the baseline evidence of coverage. Agencies issue thousands of ACORD 25s annually.

The ACORD 25 contains:

Producer Information: The name, address, and phone number of the insurance agency issuing the certificate.

Insured: The named insured on the policy (the policyholder). The certificate holder provides this information to show their vendor or contractor's coverage.

Insurers: The name and NAIC code of each carrier providing coverage listed on the certificate.

Coverages: Each line of coverage in force, including:

• Commercial General Liability (occurrence or claims-made)
• Automobile Liability
• Workers Compensation and Employers Liability
• Umbrella/Excess Liability
• Other specified coverages

Policy Numbers: The specific policy number for each coverage listed.

Effective and Expiration Dates: The coverage dates for each policy listed.

Limits: Per occurrence, aggregate, and any applicable sublimits for each coverage.

Certificate Holder: The party requesting the certificate. Certificate holder status alone does not give the holder rights under the policy.

Description of Operations: Free-text field that specifies the project, location, or relationship for which the certificate is being issued, and notes any required endorsements.

Signature: The authorized representative's name, typically the issuing agent.

What a Certificate of Insurance Is NOT

Understanding what a COI does not do is as important as understanding what it does. Many coverage disputes arise from misunderstandings about the certificate's legal effect.

A COI does not guarantee coverage. The certificate reflects the policy information at the time of issuance. If the policy is cancelled or modified after issuance, the certificate does not update automatically. A party holding an apparently current certificate may discover after a loss that coverage had lapsed.

A COI does not create additional insured status. Listing an entity in the certificate holder box does not make them an additional insured. Additional insured status requires an endorsement to the underlying policy. The certificate can reflect existing additional insured status, but it cannot create it.

A COI does not extend coverage beyond the policy. Some contracts specify certificate language that goes beyond what the underlying policy actually provides. The policy controls. A certificate stating that "coverage is primary and non-contributory" is not binding unless the policy contains a primary and non-contributory endorsement.

A COI does not waive policy defenses. The insurer can still deny a claim on policy grounds even if a certificate was issued confirming coverage.

Types of Certificates and When Each Is Used

ACORD 25: Property and Casualty

The standard certificate for all P&C lines. Used universally for commercial general liability, auto, workers compensation, umbrella, and most specialty lines. This is the certificate that 90%+ of commercial contract requirements specify.

ACORD 24: Property

Used when a lender or contract party needs evidence of commercial property insurance specifically. Typically required by mortgage lenders, equipment lessors, and parties with a financial interest in insured property.

ACORD 27 and ACORD 28: Evidence of Personal Property Insurance

ACORD 27 is a binder (temporary coverage evidence). ACORD 28 provides evidence of personal property coverage. Used primarily in personal lines, particularly for mortgage lenders requiring homeowners insurance evidence.

Evidence of Insurance (EOI)

Some commercial contracts and lender requirements use a more detailed evidence document than the standard ACORD certificate. An EOI typically includes specific policy language extracts, endorsement copies, and declarations pages rather than just the one-page summary.

The Certificate Issuance Process

Receiving and Reviewing Requests

Certificate requests come from multiple sources: clients who need to fulfill contract requirements, contract holders requesting evidence of their vendor's coverage, project owners requiring certificates from all contractors, and lenders requiring evidence from property owners.

Each request should specify the certificate holder, the required coverage types and limits, any endorsements required (additional insured, primary/non-contributory, waiver of subrogation), and any project-specific information for the description of operations field.

Review every request before issuance. Common errors caught at intake:

• The requested coverage type is not on the insured's policy (e.g., requesting professional liability on a policy that only has CGL)
• The required limits exceed the policy limits
• The required additional insured endorsement is not on the policy
• The effective date requested is earlier than the policy effective date

Verifying Policy Information

Before issuing a certificate, verify the information against the actual policy in your AMS. Do not issue from memory or from a prior certificate. Policies change: endorsements are added or removed, limits change at renewal, carriers change.

Common verification points:

• Policy number matches current policy in AMS
• Effective and expiration dates are current (prior year certificate still in the file is not current)
• Coverage limits match the policy declarations
• Additional insured status matches the current policy endorsements
• Primary/non-contributory and waiver of subrogation match the current policy endorsements

Completing the Description of Operations

The description of operations field is where agencies add specific information required by the contract: project name, job site address, additional insured endorsement form number, and any other required language.

Read the contract requirements carefully before completing this field. Some contracts require specific wording. Using general language where specific wording is required creates a non-compliant certificate.

Issuing the Certificate

Issue the certificate from your AMS certificate module. This verifies policy data populates from the live policy record and reduces manual transcription errors.

Save a copy of every issued certificate in the client's record with a timestamp. When a dispute arises about what was on a certificate at a given date, the agency needs timestamped records.

Send the certificate to the requestor by the delivery method they specified. Most requests now require email delivery with the certificate attached as a PDF.

Certificate of Insurance Benchmarks

For an agency processing 50 certificates per week, reducing average processing time from 20 minutes to 3 minutes with automation saves 710 hours per year. At $25 per hour staff cost, that is $17,750 annually.

E&O Risks in Certificate Issuance

Certificate issuance is one of the primary sources of agency E&O claims. Common claim scenarios:

Issuing a certificate that overstates coverage. Checking an additional insured box on the certificate when no AI endorsement exists on the policy. The certificate recipient relies on that representation. A claim arises. The AI endorsement was never actually placed. The certificate holder has no coverage and sues the agency.

Issuing certificates with incorrect limits. Transposing digits in limit amounts. Entering prior year limits without checking current policy declarations. The certificate shows $2M aggregate when the policy carries $1M.

Failing to include required endorsements. The contract specifies primary/non-contributory and waiver of subrogation. The agency issues the certificate without verifying these endorsements are on the policy. They are not. A claim occurs.

Issuing a certificate after a policy has been cancelled. The agency issues a certificate on day 1 of a cancellation notice period. The cancellation takes effect on day 11. The certificate shows a future expiration. A claim occurs on day 15 on the lapsed policy.

Verbal authorization for certificates without documentation. A client authorizes a certificate verbally. The agency issues it. The client disputes the authorization later. Without written documentation, the agency has no defense.

Building an Efficient COI Process

Standard Request Form

Create a certificate request form that captures every field needed for issuance: requestor name, certificate holder information, coverage types needed, required limits, required endorsements, description of operations text, and delivery instructions.

A complete request form eliminates back-and-forth that adds 15 to 30 minutes to each certificate cycle. Agencies using standard request forms process certificates 40% faster than those handling freeform email requests.

Template Library

Build a template library for the most common certificate configurations: standard GL with no additional requirements, GL plus auto with blanket AI, construction project certificate template, lender certificate template.

Templates eliminate manual data entry for recurring certificate types. An agency with 20 active templates reduces certificate setup time by 60% to 70% per applied Systems data.

Automated Certificate Systems

Automated COI tools build certificates directly from AMS policy data, apply templates, and deliver by email or client portal without manual data entry. The agency reviews and approves; the system handles the mechanical work.

Applied CSR24, Vertafore COI Express, and EZLynx COI tools integrate with their respective AMS platforms. BrokerageAudit provides automated COI workflows that integrate with multiple AMS platforms.

Self-Service for Routine Requests

For commercial clients with frequent certificate needs (contractors, property managers, staffing agencies), a client self-service portal that allows them to generate their own certificates for pre-approved templates eliminates the request entirely.

A contractor who can log into a portal and generate their own certificate for a new job site is a satisfied client who did not require any staff time. Agencies offering this capability retain commercial clients at higher rates than those requiring every certificate to flow through a CSR.

Common Certificate Mistakes and How to Avoid Them

Using old certificates as templates. Copying a prior certificate and updating dates without verifying all other fields is the fastest path to an error. Always pull fresh policy data from the AMS.

Checking endorsement boxes without verifying endorsements exist. The AI, waiver of subrogation, and primary/non-contributory boxes on ACORD 25 should only be checked if the endorsements are confirmed on the policy. Verify against the policy, not against prior certificates or memory.

Sending incorrect versions. File management errors can result in sending a certificate with corrections pending instead of the final version, or sending a prior year's certificate file. Use a versioned file naming convention.

Not logging certificates issued. Agencies that do not maintain a record of certificates issued cannot defend against claims that a certificate was issued with incorrect information. Log every certificate with: date issued, certificate holder, coverage period shown, and the issuing agent.

Approving certificate requests without sufficient review. Rush requests create pressure to issue quickly without thorough review. Build a minimum 15-minute review standard for every certificate. A missed endorsement discovered after a claim is far more expensive than a 15-minute issuance delay.

Frequently Asked Questions

What does a certificate of insurance show?

A certificate of insurance shows the named insured, the insurance carrier, the types of coverage in force (CGL, auto, workers comp, umbrella), policy limits, policy numbers, and effective and expiration dates. It may also show additional insureds, endorsements in place (primary/non-contributory, waiver of subrogation), and project-specific information in the description of operations field. It does not show full policy terms, exclusions, or conditions. For those, review the actual policy documents.

What is the difference between a certificate holder and an additional insured?

A certificate holder receives a copy of the certificate and cancellation notice. They have no rights under the policy if a claim occurs. An additional insured is named in a policy endorsement and has direct rights under the policy if sued for an occurrence arising from the named insured's operations. Most commercial contracts require the contracting party to be an additional insured, not just a certificate holder. Verify additional insured status by checking the policy endorsements, not just the certificate.

Can a certificate of insurance be faked?

Yes. Fraudulent certificates are issued more frequently than the industry acknowledges. Common scenarios: a contractor creates a fraudulent certificate to win a project without actually carrying the required coverage. Digital certificates are easy to alter with basic editing software. Verify coverage by calling the carrier directly or using a certificate verification service that connects to carrier policy systems rather than relying solely on the PDF document.

How long does it take to process a certificate of insurance?

Manual processing takes 15 to 30 minutes from request receipt to delivery. Automated processing using AMS-integrated certificate tools takes 2 to 5 minutes. Self-service portals where clients generate their own certificates take under 1 minute. For agencies processing 50 certificates per week, the difference between manual and automated processing is 700+ staff hours per year.

What is primary and non-contributory on a certificate?

Primary and non-contributory means the policyholder's insurance responds first to any covered claim before any other insurance the certificate holder carries contributes. This protects the certificate holder from having their own insurance depleted by claims arising from someone else's operations. The certificate can note this language, but the actual protection requires an endorsement on the underlying policy. Verify the endorsement exists before confirming primary/non-contributory on a certificate.

Does a certificate of insurance expire?

A certificate of insurance shows coverage for the policy period on the certificate. When the policy renews, a new certificate is needed to show the current policy period. Certificate holders should require updated certificates at each renewal and track expiration dates. Many commercial contracts require the contractor to provide updated certificates annually or when coverage changes. Agencies managing large commercial accounts should track all active certificate expiration dates and send proactive renewal requests 60 days before expiration.

---

See how BrokerageAudit automates certificate issuance and tracks compliance across your commercial book

Written by Javier Sanz, Founder of BrokerageAudit. Last updated April 2026.