How to Review a COI: A Step-by-Step Guide for Construction Professionals

Knowing how to review a COI is one of the most practical skills any general contractor, project manager, or compliance officer can develop. A Certificate of Insurance (COI) is the primary document that proves a subcontractor carries the coverage your contract requires. But a certificate is only as valuable as the review process behind it. An unreviewed or improperly reviewed COI is nearly as risky as having no certificate at all.

Whether you manage two subcontractors or two hundred, the following guide walks you through every element of a COI review, explains what red flags to watch for, and shows you how to build a repeatable process that protects your projects and your business.

Understanding the ACORD 25: The Standard COI Form

Most certificates of insurance in the construction industry are issued on the ACORD 25 form, a standardized document developed by the Association for Cooperative Operations Research and Development. Recognizing the layout of this form speeds up your review considerably.

The ACORD 25 is divided into distinct sections:

• Producer Information: The insurance agency or broker that issued the certificate. This is not the insurance carrier itself.
• Insured Information: The named insured, which should match the legal entity name on your subcontract agreement exactly.
• Coverage Sections: Separate rows for Commercial General Liability (CGL), Automobile Liability, Workers' Compensation and Employer's Liability, Umbrella/Excess Liability, and any other listed policies.
• Certificate Holder: The party who receives notice of cancellation. In most construction scenarios, this should be your company and possibly the project owner.
• Description of Operations: A free-text field where endorsements, additional insured status, waivers of subrogation, and project-specific language are noted.

Understanding this structure before you begin a review means you can move through the document efficiently and know exactly where to look for the information that matters. For a broader look at what documents belong in your compliance file, visit our page on Contractor Compliance Documentation.

Step-by-Step: How to Review a COI Correctly

A thorough COI review covers seven core checkpoints. Work through each one systematically every time you receive a certificate.

1. Confirm the Named Insured Matches Your Contract

The name in the "Insured" box must exactly match the legal name of the subcontracting entity you have under contract. A COI issued to "Smith Electrical LLC" does not cover "Smith Electrical Services Inc." even if both companies are owned by the same person. Mismatched names are a common loophole that can void coverage claims.

2. Verify Coverage Types Against Your Contract Requirements

Your subcontract agreement should specify minimum insurance requirements. Compare those requirements line by line against the coverage listed on the COI. At minimum, most construction contracts require:

• Commercial General Liability with a per-occurrence limit of at least $1,000,000 and a general aggregate of $2,000,000
• Workers' Compensation at statutory limits for the state where work is performed
• Employer's Liability at a minimum of $100,000 per occurrence
• Commercial Auto Liability covering owned, hired, and non-owned vehicles
• Umbrella or Excess Liability if your contract requires it

If any required coverage type is missing from the COI, do not allow the subcontractor to begin work until a corrected certificate is produced. Learn more about standard thresholds in our Certificate of Insurance Requirements for Construction guide.

3. Check Policy Effective and Expiration Dates

Every policy listed must be active on the date the subcontractor begins work and must remain active through the project's completion. If a policy expires before your project ends, flag it immediately and request proof of renewal before that expiration date arrives. Do not assume a policy will automatically renew. Set calendar reminders 30 days in advance of each expiration date so you can follow up proactively rather than discovering a lapse after an incident occurs.

4. Confirm Additional Insured Status

Simply being listed as the certificate holder does not make you an additional insured. Additional insured status must be granted by endorsement to the underlying policy and referenced explicitly in the "Description of Operations" box on the ACORD 25. Look for language such as: "[Your Company Name] is included as Additional Insured on a primary and non-contributory basis per endorsement CG 20 10 and CG 20 37." If this language is absent, request a corrected certificate and a copy of the actual endorsement from the subcontractor's insurer.

5. Look for a Waiver of Subrogation

A waiver of subrogation prevents the subcontractor's insurance carrier from pursuing recovery against your company if they pay a claim. This is a standard requirement in most construction contracts. As with additional insured status, a waiver of subrogation must appear in the Description of Operations box and be backed by a policy endorsement. Do not rely on a generic or pre-printed statement without verifying that an actual endorsement exists.

6. Validate the Certificate Holder Information

Your company name and address should appear correctly in the Certificate Holder box. Errors here can affect your right to receive cancellation notices. Some contracts also require the project owner or lender to appear as a certificate holder, so review your contractual obligations to confirm who must be listed.

7. Cross-Check Against Your Project-Specific Requirements

If your subcontract specifies particular project names, locations, or policy endorsements, verify that the Description of Operations references the correct project. Generic certificates not tied to your specific project can create coverage disputes. When coverage questions arise during a claim, having the project name on the certificate supports your position that coverage was intended to apply.

Red Flags and Common COI Review Mistakes

Even experienced project managers make COI review errors under time pressure. The following red flags deserve immediate attention:

• Policy numbers that have been altered or corrected by hand — a potential sign of document tampering
• Coverage limits that have been rounded to suspiciously even numbers without matching what the carrier actually offers
• An insurance agency email address or phone number you cannot independently verify
• A certificate that shows no carrier name or lists a carrier that is not licensed in your state
• Missing Workers' Compensation when the subcontractor employs workers — this is one of the most dangerous coverage gaps in construction
• Coverage that expired before the certificate was even issued, which sometimes occurs when producers issue backdated or incorrectly dated certificates

If you suspect a COI is fraudulent or inaccurate, contact the insurance carrier directly using a phone number obtained from the carrier's official website, not from the certificate itself. Our guide on Subcontractor Insurance Verification covers the verification process in depth.

Building a Repeatable COI Review Process

A COI review process is only as strong as its consistency. Ad hoc reviews create gaps. The most effective construction companies build structured workflows that treat COI collection and review as a non-negotiable step in subcontractor onboarding, not an afterthought.

Key elements of a repeatable process include:

• A standardized COI checklist used by every reviewer, every time
• A centralized digital repository where COIs are stored, indexed by subcontractor and expiration date
• Automated expiration date reminders sent 60 and 30 days before each policy renewal
• A clear policy that no subcontractor begins work until a compliant COI has been reviewed and approved
• Periodic audits of your COI files to catch documents that have lapsed without replacement

For companies preparing for insurance audits, having well-organized COI records is essential. Our resource on Construction Insurance Audit Preparation outlines what auditors typically look for and how organized COI files make the process significantly smoother.

When your COI management process is integrated with your broader compliance program, you reduce exposure, strengthen your position during claims, and demonstrate to owners and insurers that your operation takes risk management seriously. For a comprehensive overview of your obligations, explore our Construction Insurance Compliance resource.

Frequently Asked Questions About How to Review a COI

What is the most important thing to check when reviewing a COI?

The most critical element is confirming that policy effective and expiration dates cover the full duration of the project. Expired coverage is the single most common compliance failure found during construction insurance audits. Beyond dates, confirming that your company is properly listed as an additional insured with primary and non-contributory wording is equally essential for protecting your interests.

How do I verify that a COI is authentic and not fraudulent?

Contact the issuing insurance carrier directly using contact information you find independently through the carrier's official website, not from the certificate itself. Request a verification letter or coverage confirmation from the carrier, and cross-reference the policy number shown on the COI. If the carrier has no record of the policy number, treat the certificate as fraudulent and halt work immediately.

Do I need to be listed as an additional insured on a subcontractor's COI?

Yes. In virtually all general contractor and owner-subcontractor relationships, the upstream party should be listed as an additional insured on the subcontractor's general liability and, where applicable, commercial auto policies. This protects you from third-party claims arising from the subcontractor's work. Being only a certificate holder does not provide this protection and is a common misconception that leaves many contractors unknowingly exposed.

How often should I collect updated COIs from subcontractors?

Collect a new COI before work begins on any project and again whenever a policy renews, which is typically annually. For multi-year or long-duration projects, build expiration tracking into your compliance calendar and request renewals 30 days before each policy expires. Never wait for the subcontractor to provide updates proactively — most will not unless prompted.

What happens if a subcontractor's coverage lapses mid-project?

A coverage lapse mid-project exposes you to significant liability. Any incident occurring during the lapse period may not be covered by the subcontractor's insurer, potentially leaving your own policy or personal assets as the fallback. Most well-drafted subcontract agreements include a right to suspend or terminate the subcontractor's scope of work until compliant insurance is reinstated. Exercise this right without delay when you discover a lapse.

Get Expert Help with Your COI Review Process

Reviewing COIs correctly and consistently takes time, expertise, and a reliable system. If your team is struggling to keep up with certificate collection, expiration tracking, or compliance verification across multiple subcontractors, we can help. Contact us today to discuss how our COI management services can reduce your risk and free your team to focus on building.