The party that engages the contractor bears responsibility for verifying insurance. This is not the contractor's broker's job, not the insurance carrier's job, and not a task you can delegate away through a contract clause requiring the contractor to "maintain insurance." Requiring and verifying are different obligations.
If a contractor's employee is injured on your site and the contractor was uninsured - and you took no steps to verify insurance before work began - you have a weak defense and likely a costly exposure.
Who Is Legally and Practically Responsible
The contracting party (you) bears the obligation to verify that the contractor has the insurance your contract requires before that contractor begins work.
This responsibility flows from several sources:
Contractual duty. Your contract with the contractor creates the insurance requirement. Enforcing that requirement - by collecting and reviewing the COI before work begins - is your obligation.
Duty of reasonable care. Depending on jurisdiction and circumstances, you may have a duty of reasonable care to protect employees, customers, and third parties from harm by the contractors you engage. Part of fulfilling that duty is ensuring your contractors are adequately insured.
Practical exposure. Regardless of the legal theory, if the contractor is uninsured and causes harm, the injured party will pursue available resources - which may include you. The practical consequence of failed verification is that your insurance or assets cover losses you intended to transfer.
- Contractor's broker - issues COIs, not your compliance
- Contractor themselves - conflict of interest
- A blanket compliance checkbox - collecting is not verifying
- Risk management - ideal home for COI verification
- Legal - drafted the requirements, can verify them
- Operations/PM - with proper training on what to check
Who Should Not Be Relied On for Verification
The contractor's broker. Brokers issue COIs at their client's request. They do not independently verify that a certificate satisfies your specific contractual requirements. A broker listing you as certificate holder is not verification that you're an additional insured, that limits are adequate, or that endorsements are correct.
The contractor themselves. Contractors have a financial interest in winning work. Accepting a contractor's self-representation about their insurance is not verification. Get the certificate from the broker directly when possible, or at minimum verify the certificate against your contract requirements independently.
A blanket "compliance" checkbox. Many organizations have a "contractor compliance" step in their onboarding that involves collecting a COI and checking it off. Collecting is not verifying. The checkbox is only meaningful if someone has actually compared the COI against the contract requirements.
Who Within Your Organization Should Own Verification
Depending on your organization's structure, contractor insurance verification should be owned by:
Risk management. The ideal home for COI verification, since it sits with the team that understands coverage adequacy and has the expertise to read COIs against contract requirements.
Legal. For organizations without a dedicated risk function, legal teams that drafted the contract insurance requirements are positioned to verify compliance against those requirements.
Project management / Operations. In construction and field operations, the project manager or GC often owns contractor compliance verification. This works if the PM has been trained on what to look for - and fails if they treat COI collection as a checkbox.
Property management. For real estate landlords, the property management team typically manages tenant COI collection. The gap is often in the depth of review - collection without contract-level verification.
What Verification Actually Requires
Verification is not the same as receipt. Receiving a COI proves that you asked for and received a document. Verification means:
COI Verification Checklist:
- The COI is current (policy dates cover today)
- All required policy types are present (CGL, workers' comp, auto, umbrella)
- Coverage limits meet or exceed the contract requirement for each policy type
- Your entity is named as additional insured with the correct legal name
- The additional insured basis matches what the contract requires (primary and non-contributory)
- Waiver of subrogation is reflected where required by the contract
- The umbrella follows form to the underlying policies
- Cancellation notice terms meet the contract requirement
Completing this checklist against every COI for every contractor is the actual work of verification. At scale, this is operationally burdensome - which is why automated contract-to-COI comparison tools exist.
The Delegation Problem
Some organizations try to outsource verification to their property management company, GC, or third-party administrator. Delegation is fine - as long as you've confirmed the delegate is actually performing verification (not just collection) and has a defined protocol for flagging deficiencies back to you.
"We have a property management company that handles COIs" is not a compliance program. It's a statement about who performs the collection task. Whether verification is happening - contract-level, clause-by-clause - is a different question.
Related Resources
- How Do I Verify a Contractor's Insurance
- What Insurance Does a Contractor Need
- Can You Work Without a COI
- How to Build a Vendor Insurance Compliance Program
Bramble automates the verification step - reading your contracts and comparing every COI against your actual requirements, so your team spends time on remediation, not detection. Book a demo at getbramble.com.