The most effective COI requests go to the vendor's insurance broker, not just the vendor - specify exactly what you need, and include a clear deadline. Vague requests produce incomplete certificates. Requests to vendors who then have to relay requirements to their broker add unnecessary delay and error potential.
Here's the full protocol and a request template you can use immediately.
Who to Contact: Vendor or Broker?
Best practice: contact the vendor with specific instructions and tell them to have their broker issue the certificate. This ensures:
- The vendor understands your specific requirements
- The broker issues a certificate that matches those requirements (not a generic certificate)
- Errors are caught before issuance rather than after you receive an incorrect document
Some organizations request broker contact information and communicate directly with the broker. This works for high-volume or high-stakes relationships but may not scale for routine vendor management.
- Send vague "please send COI" email
- No specific requirements listed
- No deadline given
- Vendor relays incorrectly to broker
- Detailed written request to vendor
- Specific limits, endorsements, entity names
- Clear deadline date
- Instructions to forward to broker directly
What to Include in a COI Request
A complete COI request specifies:
The certificate holder: Your legal entity name and mailing address. This appears at the bottom of the ACORD 25 form. Note: certificate holder status gives you notification rights, not coverage rights.
Additional insured requirements: Specify your legal entity name and whether you require primary and non-contributory basis. Example: "Please name [Your Legal Entity Name, LLC] as Additional Insured on a primary and non-contributory basis on the CGL policy."
Required coverage types and minimum limits: Be specific. "GL of $2M" is clearer than "adequate general liability." List each required coverage type with its minimum limit.
Waiver of subrogation: If required by your contract, state it explicitly. "Waiver of subrogation in favor of [Your Entity] is required on all policies where applicable."
Cancellation notice: If you require 30-day notice (vs standard 10-day), state it.
Policy effective dates: Confirm the coverage must be effective as of a specific date (start of work, execution of contract, etc.).
Deadline: Give a specific date by which you need the certificate. "Please provide by [date]" is more effective than "as soon as possible."
COI Request Template
Subject: Certificate of Insurance Request - [Project/Contract Name]
Dear [Vendor Name],
In connection with our contract/agreement dated [date], we require a Certificate of Insurance from your insurance carrier. Please have your broker issue a certificate reflecting the following requirements and return it to [email/portal] by [deadline date].
Certificate Holder: [Your Legal Entity Name] [Your Address]
Additional Insured Requirements: Please name [Your Legal Entity Name] as Additional Insured, Primary and Non-Contributory, on your Commercial General Liability policy. [Add any other entities to be named, such as property management company or lender.]
Required Coverage and Minimum Limits:
| Coverage Type | Minimum Limit |
|---|---|
| Commercial General Liability | $[X]M per occurrence / $[X]M aggregate |
| Workers' Compensation | Statutory limits |
| Employers Liability | $100,000/$500,000/$100,000 |
| Commercial Auto | $[X]M combined single limit |
| Umbrella / Excess | $[X]M, following form |
| [Other if applicable] | [Limit] |
Additional Requirements:
- Waiver of subrogation in favor of [Your Entity] on all applicable policies
- 30-day written notice of cancellation (if required)
If you have questions about these requirements, please forward this request to your insurance broker directly. Certificates should be submitted to [email or portal link].
Thank you, [Your Name]
Common Request Mistakes
Sending to the vendor without specifications. "Please send us your COI" produces a generic certificate that may not list you as additional insured or meet your coverage requirements. Always specify.
Asking for a certificate after work begins. The time to collect a COI is before work starts. Once a vendor is on-site, you've already accepted the risk. If an incident occurs before the COI is received, "we were in the process of getting it" is not a defense.
Not checking receipt against your requirements. Receiving a certificate is not the same as verifying it. After receiving the COI, verify it meets each specified requirement before marking the vendor as compliant.
Using the wrong entity name. Your certificate holder and additional insured name must match your legal entity exactly - not a trade name, not an abbreviation. "ABC Properties" is not the same as "ABC Property Holdings LLC."
What to Do If a Vendor Can't Provide a COI
If a vendor says they don't have insurance, can't get a certificate, or the certificate doesn't meet your requirements:
When a Vendor Can't Provide a Compliant COI:
- Do not begin or continue work without a compliant certificate
- Understand why: is it a coverage issue (they don't have the required coverage) or a documentation issue (they have it but haven't generated the certificate)?
- For coverage gaps: the vendor needs to obtain or upgrade coverage - this takes days to weeks, not hours
- For documentation gaps: the broker can typically issue a certificate within 24 hours
- If the vendor refuses: evaluate whether to continue the relationship; working with an uninsured vendor transfers their risk to you
Automating COI Requests at Scale
For organizations managing many vendor relationships, manual COI requests via email don't scale. Common solutions:
- Vendor portal platforms (Bramble, TrustLayer, Jones) automate requests and manage submissions
- Standardized request templates reduce the variable-input errors in manual requests
- Automated follow-up sequences ensure reminders go out without manual tracking
The goal is a system where every new vendor relationship triggers a COI request automatically, and every approaching expiration date triggers a renewal request - without manual calendar management.
Related Resources
- How Often Should You Collect COIs
- What Is a COI Request
- How Do I Know If a COI Is Valid
- How Do I Verify a Contractor's Insurance
Bramble sends automated, requirement-specific COI requests to your vendors and verifies responses against your contracts - eliminating the manual request cycle entirely. Book a demo at getbramble.com.