- A Certificate of Insurance is a summary document, not a grant of coverage. The underlying policy and its endorsements are what actually provide coverage.
- For high-value contracts, request the endorsement forms in addition to the certificate.
- Certificates should be verified — for correct entity naming, endorsement references, effective dates, and carrier ratings — against the contract requirements, not against a generic "looks compliant" standard.
The Certificate of Insurance (usually the ACORD 25 form in the United States) is the single most-exchanged document in commercial vendor compliance. Millions of them are issued every year, most of them reviewed by someone who does not fully understand what the form does and does not prove.
This guide covers what a COI actually is, what it evidences, what it does not evidence, and how compliance teams should use it as part of a broader verification process.
What a COI Is
A Certificate of Insurance is a document issued by an insurance broker or agent that summarizes the insurance coverage a policyholder currently has in force. It shows the policyholder, the carrier, the policy numbers, the effective dates, the coverage types, and the limits.
It also indicates — via checkboxes and Description of Operations text — whether specific endorsements are in place: Additional Insured status, Waiver of Subrogation, Primary & Non-Contributory treatment. On the ACORD 25, these are represented by checkboxes and free-text.
What a COI Is Not
A COI is not the insurance policy. It is not a legally-binding grant of coverage. It does not modify or extend the underlying policies. The certificate itself carries a disclaimer stating exactly this: "This certificate is issued as a matter of information only and confers no rights upon the certificate holder."
The actual coverage lives in the underlying policy and its endorsements. If the certificate says Additional Insured status exists but the underlying policy does not carry the endorsement, the certificate is wrong and the coverage does not exist. This is why compliance programs for high-value contracts request the endorsement forms themselves — not just the certificate.
How Certificates Are Issued
Certificates are issued by the insured's broker or agent, usually in response to a request from a client who requires evidence of coverage. The broker fills in the ACORD 25 form based on the coverage currently in force and the specific certificate holder and Additional Insured wording requested.
Speed and accuracy vary. Established brokers with modern agency management systems can issue certificates in minutes. Smaller brokers may take days. Certificates with complex Description of Operations text — multiple Additional Insureds, specific endorsement form references, project-specific wording — take longer and are more likely to contain errors.
How to Read a COI
See the dedicated Certificate of Insurance Checklist for a full field-by-field walkthrough. In summary: check the header, the coverage grid, the Description of Operations, and the certificate holder wording. Verify limits, endorsement references, and effective dates against the contract requirements.
Common Failure Modes
- COI issued with checkboxes marked for AI and Waiver but no supporting endorsement wording in the Description of Operations.
- COI naming the wrong legal entity as certificate holder or Additional Insured.
- COI with expired effective dates or effective dates that do not align with the contract term.
- COI issued by an unlicensed producer or with missing broker contact information.
- Altered or forged COIs — a genuine risk on high-value contracts.
Common commercial agreements
COI parsing, verification, and gap analysis
CoverageReady parses uploaded COIs — including scanned and OCR'd certificates — into structured data. Every field of the ACORD 25 is captured, including the Description of Operations text.
The parsed data feeds the gap engine, which compares each field against the requirements extracted from the associated contract. Missing endorsement references, mismatched certificate holder names, expired effective dates, and below-limit coverages are all flagged with contract citations.
For unusual certificates (non-ACORD forms, foreign certificates, non-standard carrier formats), the system falls back to broker verification with the source clause attached rather than force-passing an ambiguous reading.
CoverageReady scans for the specific trigger phrases, endorsement form numbers, and entity references that indicate this requirement, capturing the exact clause and location within the contract.
Every extracted requirement links back to the highlighted clause in the source contract, so reviewers can verify the AI's interpretation without re-reading the full document.
- Requirement
- Understanding Certificates of Insurance
- Source clause
- Insurance Requirements §5.2
- Match status
- Pending broker review
High-confidence extractions auto-populate the compliance report. Anything below the confidence threshold is routed to broker review with the source clause attached.
- 1Extract every insurance requirement from the contract with a citation back to the source clause.
- 2Parse the vendor's Certificate of Insurance and endorsements into normalized coverage records.
- 3Compare requirements to coverage record-by-record — limits, endorsements, entities, and evidence.
- 4Flag any gap, mismatch, or low-confidence extraction for broker review before finalizing the report.
Frequently asked questions
Is a Certificate of Insurance legally binding?
No. The certificate is informational. The underlying policy and its endorsements are what actually provide coverage. The certificate is proof that the broker believes the coverage exists.
Can a broker refuse to issue a certificate?
A broker can decline to issue a certificate with wording the underlying policy does not support. This is why compliance requests sometimes trigger the broker to add an endorsement before issuing the certificate.
How do I know if a Certificate of Insurance is genuine?
Verify the broker exists and is licensed, confirm the carrier is real and rated, and for high-value contracts request the underlying endorsement forms directly. Forged certificates exist and have caused real losses.
A Certificate of Insurance is a summary document, not a grant of coverage. The underlying policy and its endorsements are what actually provide coverage.
For high-value contracts, request the endorsement forms in addition to the certificate.
Certificates should be verified — for correct entity naming, endorsement references, effective dates, and carrier ratings — against the contract requirements, not against a generic "looks compliant" standard.
Related resources
Continue building expertise with hand-picked references across the CoverageReady Knowledge Center.
See it working on your own contract
Upload a contract or COI and CoverageReady will extract the requirements, compare them to your active certificates, and flag every gap — with citations back to the source.
CoverageReady provides AI-assisted extraction, organization, and compliance tools designed to help users review commercial insurance requirements more efficiently. CoverageReady does not provide legal advice, insurance advice, or policy interpretations. Users should always consult qualified legal counsel or insurance professionals when making contractual or coverage decisions.