How to Read a COI Like a Pro

The certificate of insurance is perhaps one of the most important documents that exists in the world of contingent workforce management. Whether you’re working with independent contractors, sub-contractors, vendors or suppliers, there’s a good chance that anywhere between 5 and 5,000 of them pass through your compliance department on any given day. The problem is, most compliance professionals aren’t insurance experts. And while the ACORD 25 form looks fairly straightforward, there are important nuances in every insurance policy that can leave your company open to massive liability gaps if you don’t know what to look for.

This article will teach you how to quickly and accurately read a certificate of insurance, the nuances to look for when you’re checking compliance, and how to quickly tell if a COI is fraudulent. For a detailed look at the different terms you’ll see on a COI, like waiver of subrogation, additional insured, or umbrella liability, read Is this COI compliant? Decoding the key terms that make up an insurance policy.

Insurance Compliance

When you’re scanning a COI to make sure that it’s “compliant,” you’re looking for a few things. First and foremost, that it’s a valid certificate (i.e. neither expired nor fraudulent). With fraudulent COIs on the rise (and relatively easy to create), this first criteria can be more difficult to verify than it may seem. You’ll find a quick fraud check at the end of this article, but if you’re looking for a more detailed guide check out How to Spot a Fake COI

Secondly, you’re making sure that it meets the insurance requirements stated in a contract. These can be as simple as “has insurance,” or they can have layers of limits and endorsements that must be met. For example, if the requirement is to have General Liability insurance with a $1 Million per occurrence limit and a $2 Million aggregate limit, listing your company as an additional insured, with a waiver of subrogation in their favor, having the right coverage and limits does not automatically make them compliant. 

The First Step

Before you do anything else, the first and most crucial step is to make sure that the business name in the Insured Box matches the one in your contract. This is important for a few reasons. First, it’s one of the fastest ways to spot a fraudulent COI. Contractors attempting to create their own fake COI using a template they’ve found online will often mistakenly put their name (rather than their business name) in the insured box.

Second, this is the “legal entity” name used throughout the insurance policy documents, which states who the policy actually covers. If there is a claim, the business that the claim is filed against must match the one listed in the policy documents, or the coverage won’t apply. 

For example, let’s say you enter into a contract with Clark’s Consulting Firm, LLC.

This would be fine:

  • Clark’s Consulting Firm

These may be problematic:

  • CCF
  • CCF, LLC
  • Clark Kent
  • Clark’s Consulting

Speed Reading Tips

The key to reading a COI quickly and effectively is to know what you’re looking for. If you need to know the overall general liability limit, but don’t need to know the breakdown of medical expense and damage to rented premises limits, focus your attention on only the aggregate box. 

However, make sure you’re not sacrificing thoroughness for speed. You may not need to memorize the insurance agent’s fax number, but you should be 100% certain that there is valid contact information listed.  

The best strategy for efficiently screening COIs is to make yourself a detailed checklist. That way, you’ll be able to check the important nuances quickly and methodically. Creating and establishing a pattern for yourself will also help you spot fraudulent COIs more accurately, as you’ll quickly recognize when something is out of the norm. 

Breaking Down the Requirement

Let’s say you are checking a COI to see if it meets the following requirement:

The contractor must have general liability insurance with limits of not less than $1,000,000 per occurrence, and $2,000,000 in the aggregate, and professional liability insurance with limits not less than $1,000,000. The policy must name Company A and its affiliates and assignees as additionally insured. The certificate holder should read as the following: Company A, 123 Main Street, Madison, WI 53703.

Starting from the top, your checklist could look like this:

*Pay attention to the items with a star – we’ll use these to quickly identify fraudulent COIs

1 – Date

2 – Producer

3 – Insurance Agent Information*

4 – Insured Box

5 – Insurers Affording Coverage*


6 – Insurer Letter Listed

7 – Policy Number

8 – Effective Date

9 – Expiration Date

10 – $1M Occurrence

11 – $2M Aggregate


12 – Insurer Letter Listed*

13 – Policy Number*

14 – Effective Date

15 – Expiration Date

16 – $1M Occurrence

17 – $1M Aggregate

18 – Additional Insured Language

19 – Certificate Holder Information

20 – Certificate is signed

21 – Signature matches agent information.

The Compliance Checklist

Sample certificate of insurance compliance checklist for onboarding coordinators.

Click to enlarge & save image.

Compliance Tip: A common misconception when reading a certificate of insurance is that the ADDL INSD box has to be checked for the additional insured endorsement to be valid. What this box actually indicates is whether there is a blanket additional insured endorsement on the policy. This endorsement allows the contractor to add unlimited additional insureds to their policy at no extra cost, as opposed to adding each individually. It’s perfectly fine to have a COI which lists your company as an additional insured in the description of operations box (18) but has nothing in the ADDL INSD box. 

Spotting a Fake COI

There are 6 quick ways to spot a fake Certificate of Insurance. For a more detailed list of hidden tricks and nuances to look out for – including visual examples – read How to Spot a Fake COI.

1 | The ACORD LOGO. The vast majority of certificates of insurance from reputable insurance companies will use the ACORD 25 form. Check for the logo and trademark in the top right and bottom of the document

2 | Agent Contact Information. Contractors filling this form out themselves often mistakenly put their own contact information in this section.

3 | INSR LTR: This is the box where the Insurer Letter from the “insurer(s) affording coverage” section should go. However, most non-insurance professionals don’t automatically think to put anything in this box if they’re filling in a template themselves. 

example fraudulent certificate of insurance

4 | Zeros. Certificates of insurance have spaces for coverages like automobile and workers’ compensation, even if the policy doesn’t have those coverages. The limits section for these coverages should be blank. If there are zeros listed to indicate no coverage, it’s likely that a non-professional filled in the form.

5 | The Document is Editable. When insurance agents send the final certificate, it should always be a non-editable PDF. If you’re able to edit any of the information in the COI, you have no way of knowing that the contractor didn’t do the same. Even if it looks legitimate, you can always reach out to the agent and request a on-editable COI.

6 | Fonts and Sizes. The final, easiest way to know if you’re looking at a fake COI is if it just looks off. Mismatched fonts and sizes (particularly in the Insured box or date sections) are a sign that the document may have been tampered with.

What To Do About It

The items on this list by no means guarantee that the COI is fake. Likewise, a fake COI can have each of these items perfectly up to code. The best thing to do if you’re unsure about a document is to reach out to the insurance contact listed in the top right. 

A second popular option is to outsource COI screening. The best solutions will combine software with human expertise, to ensure that every anomaly is spotted. 

Bunker’s COI screening and verification has saved our members 30 minutes per COI, and increased compliance by 40%. Our proprietary software screens every certificate of insurance, creating a digital version that can be shared and updated in real time. Then, our team of licensed insurance advisors verify that each and every certificate meets the exact contract requirements – enhancements, waivers, and all – and notifies your team when they’re compliant and ready to get to work!

Because Bunker is also a licensed digital insurance broker, we’re able to verify compliance twice as fast, and at about half the cost, of other tools. 

If you’re ready to say goodbye to ACORD forms and fraudulent COIs, email us at, or give us a call at (877) 968-9108!

Suggested for You:

COI Compliance, key terms in an insurance policy
Is This COI Compliant? Key Terms in a Liability Insurance Policy
Is this COI fraudulent
How to Spot a Fake COI
Should Your Independent Contractors Have Cyber Insurance?