An E&P operator with 300 active contractors on multiple assets ran what looked like a solid COI program. Certificates were collected, expiration dates tracked, and a shared drive held every document. Then an audit surfaced the problem: 40% of the contractor COIs on file had pollution liability limits below the MSA requirement, and 15% had umbrella policies that excluded pollution - meaning the umbrella didn't actually provide the coverage the MSA required.
None of this was visible in the tracking software. The tool confirmed COIs existed. It did not compare them to the MSA.
That is the defining gap in most oilfield COI tracking tools - and it is the gap that creates direct operator liability when an incident occurs.
The Unique Demands of Oilfield COI Management
Oil and gas contractor compliance involves coverage types that don't exist in other industries - and that generic COI tracking platforms are not equipped to evaluate:
Pollution liability with specific form requirements. Operators need to verify occurrence vs. claims-made, retroactive dates, and whether the policy covers hydrocarbon-specific spills. Standard COI tracking tools read the limit; they don't parse policy form requirements.
Control of well coverage. The COW limit must often be matched to specific well values or operation types defined in the MSA. A blanket "COW: $5M" check misses the cases where a high-value well requires $10M.
XCU exclusion removal. Whether the contractor's GL policy still contains explosion, collapse, and underground exclusions is a policy-level question. It never appears on the COI and requires separate confirmation.
Umbrella follow-form verification. Whether the umbrella policy follows form over auto, GL, employers' liability, and pollution - rather than having its own exclusions - requires reading the umbrella declarations, not just the COI.
Generic COI tracking software cannot handle any of these checks. An oilfield compliance program that relies on such tools is systematically missing the most consequential coverage gaps.
What Oilfield COI Tracking Software Must Do
| Capability | Why It's Required in Oil & Gas |
|---|---|
| MSA ingestion and requirement mapping | MSA insurance exhibits define requirements; compliance is measured against them |
| Pollution liability verification | Including form type, retroactive date, and hydrocarbon coverage |
| Control of well limit tracking | By asset or operation type if MSA varies by scope |
| XCU exclusion flagging | Requires policy-level check, not just COI metadata |
| Umbrella follow-form confirmation | Umbrella exclusions can nullify apparent coverage |
| Additional insured endorsement verification | Must confirm operator is named on pollution policy as well as GL/auto |
| Waiver of subrogation confirmation | Required on all policies including WC |
| Offshore coverage tracking (USL&H, Jones Act) | For operators with any maritime exposure |
| Multi-MSA support | Different assets may carry different requirements |
| Audit-ready reporting | Timestamped compliance records by contractor and asset |
Common Gaps Found in Oilfield Contractor COI Programs
Based on typical upstream compliance audits, the most frequent gaps in oilfield contractor COIs are:
Pollution liability below MSA minimum: MSA requires $2M; contractor provides $1M. This gap is common because pollution policies are expensive and smaller contractors often minimize limits to reduce premium.
Claims-made pollution policy without retroactive date documentation: If the retroactive date is after the contractor began work, past incidents during that period have no coverage. The retroactive date is not always visible on the COI.
Umbrella with pollution exclusion: The umbrella shows $5M on the COI. But the umbrella policy excludes pollution - meaning it doesn't actually sit over the pollution policy or respond to pollution-related claims. The $5M umbrella is effectively $0 for environmental events.
Control of well limit insufficient for the asset: A $5M COW limit appropriate for a shallow gas well may be materially inadequate for a deep formation or high-pressure well. If the MSA doesn't specify asset-calibrated limits, this gap may be invisible even with contract comparison.
Workers' comp not covering all states of operation: A contractor domiciled in Texas carrying Texas workers' comp may be non-compliant for work performed in Wyoming or Colorado unless the policy includes an "All States" endorsement or specific state endorsements.
Manual vs. Automated Compliance in Oil & Gas
| Metric | Manual (Spreadsheet + Email) | Contract-Aware Platform |
|---|---|---|
| Coverage types tracked | Basic (GL, auto, WC) | Full stack including pollution, COW, umbrella |
| Policy-level checks (XCU, retroactive date) | Rarely done | Flagged for manual confirmation |
| Contract comparison | Against generic checklist | Against specific MSA requirements |
| Annual staff cost (300 contractors) | ~$36,400 | Fraction, with higher accuracy |
| Compliance gap detection rate | ~50-60% | Near 100% for documentable gaps |
The most important difference is not efficiency - it's the quality of the gap detection. A manual process that misses pollution coverage gaps is not just slow; it is providing false confidence.
How Bramble Handles Oilfield COI Compliance
Bramble ingests the MSA insurance exhibit - extracting every required coverage type, limit, endorsement, and special requirement - and compares each contractor's COI against those specific terms.
For oil and gas, Bramble flags:
- Pollution limits below MSA threshold
- Missing or unconfirmed additional insured on pollution policies
- Umbrella policies that exclude pollution or employers' liability (based on policy declarations)
- COW limits insufficient for asset type
- WC coverage gaps for multi-state operations
When a gap is found, the alert specifies the exact clause in the MSA that's not satisfied - not just a generic non-compliance flag. This gives contract administrators and risk managers the specific information needed to resolve the gap before it becomes an incident.
Frequently Asked Questions
Can a generic COI tracking tool work for oilfield compliance if I add enough manual checks? Partially. Generic tools can handle the administrative layer - collecting certificates, tracking expirations, maintaining records. But the oil-and-gas-specific checks (XCU exclusion removal, umbrella follow-form, pollution retroactive dates) require policy-level review that no generic tool supports. You'll need a separate manual process for those checks - which reintroduces the inconsistency and error rate that software is supposed to eliminate.
How often should oilfield contractor COIs be reviewed? At onboarding, at every annual policy renewal, and before assignment to a new asset or scope of work that changes the risk profile. Some operators conduct quarterly compliance audits of their highest-risk contractor categories (subsurface, hot work, pressure testing).
What's the liability for an operator if a contractor is underinsured? It depends on the MSA's indemnification structure. If the mutual indemnification provision requires both parties to carry specified insurance, an operator whose contractor is underinsured may find that indemnification obligations are undermined - particularly in jurisdictions with anti-indemnity statutes that limit oilfield indemnification. The operator may absorb losses directly.
Does compliance software eliminate the need for a risk manager in oil and gas? No. Compliance software handles the systematic comparison and documentation layer. Judgment calls - whether a contractor's pollution policy form is adequate for a specific site, or whether a COW limit is appropriate for a particular well - require expert review. The software surfaces issues; the risk manager resolves them.
Oilfield COI tracking requires more than expiration alerts and document storage. The coverage gaps that matter in upstream oil and gas - pollution limits, umbrella follow-form, XCU exclusions - are invisible to generic tracking tools.
See how Bramble handles Oil & Gas contractor compliance or learn how contract vs. COI comparison works.
See how contract-aware compliance works for upstream operations. Book a demo at getbramble.com.