2026-06-18 · 6 min read

How Do You Track Vendor Certificates of Insurance?

When you hire a vendor or subcontractor, the certificate of insurance lands in your inbox, you glance at it, save the PDF, and move on. It feels handled. Most of the time it isn't.

The real question isn't "did I get the COI?" — it's "is that COI still valid, and does it actually meet my requirements?" Those are two different problems, and the gap between them is where uninsured losses live.

Why does manual COI tracking break down?

A spreadsheet reminds you to look. It doesn't look for you. That's the flaw.

The COI itself sits in a folder or an email thread. The spreadsheet holds a date someone typed in. The two drift apart fast:

Expiry dates get entered wrong, or not at all
A policy gets renewed but nobody swaps the new PDF in
The reminder fires, you're busy, you snooze it
Nobody re-reads the coverage — only the date

With ten vendors it's annoying. With a hundred subs across active sites or properties, it's structurally impossible to keep current by hand. The document overload that buries COI tracking is the same force that buries vendor statements and invoices — the paperwork outgrows the person assigned to it.

What actually makes a COI non-compliant?

An unexpired certificate can still leave you exposed. "Current" is not the same as "compliant." A COI fails your requirements when any of these is off:

Expired or expiring — the policy lapses before the job ends
Limits too low — they carry $500K but your contract requires $1M
Wrong additional insured — your entity isn't named, so the coverage doesn't extend to you
Missing endorsements — no waiver of subrogation, no primary-and-noncontributory wording, no required forms attached
Wrong coverage type — general liability when you also needed auto or workers' comp

Catching these means reading the certificate against your rules — not just confirming a date hasn't passed. That's the work most tracking never does.

What does a real COI tracking system need to do?

It has to close the loop between the document and the decision. Three jobs:

Read the actual COI — pull coverage types, limits, additional insureds, endorsements, and expiry straight from the PDF, not from a field someone retyped
Check it against your requirements — your minimum limits, your required endorsements, your named entity — and flag exactly what's missing
Drive the follow-up — draft the chase email to the vendor so the gap gets fixed, instead of sitting in a "to review" pile

If a system only sends you a calendar reminder to go look yourself, you still own all the reading and judgment. The point is to remove that burden, not reschedule it.

Where Certify comes in

Certify is an AI agent that reads every certificate of insurance, checks it against your coverage requirements, and drafts the follow-up email to the vendor — so an expired or wrong COI never leaves you exposed.

You forward or upload the COIs. Certify extracts the coverage, limits, and expiry, flags every gap against your rules, and writes the chase email for you to send. It's built for property managers, general contractors, and franchisors tracking vendor and subcontractor insurance — the difference from a spreadsheet is that it reads the document and does the checking, instead of reminding you to.

Start tracking your COIs with Certify — from $300/mo, cancel anytime.

Never get caught with an expired or wrong COI

Certify reads every certificate of insurance, flags what's non-compliant against your requirements, and drafts the follow-up — so a bad COI never leaves you exposed. From $300/mo.

See how Certify works →