Vendor COI tracking for property managers. The manual-to-automated walkthrough.
An uninsured vendor on your property is your liability, not theirs. Here is how property managers track Certificates of Insurance today, where the manual process fails, and what an automated COI workflow looks like from onboarding through audit.
Start Your 14-Day Free Trial30%
of vendor COIs in a typical manual tracker are already expired
$1M
standard additional insured endorsement coverage threshold
14 days
typical grace window before a non-compliant vendor pause
0
number of insurance gaps acceptable during incident review
- An uninsured vendor on your property is a liability transfer to the owner and, in many states, to the property manager.
- Manual COI tracking fails at four seams: onboarding, booking, renewal chase, and audit. Spreadsheets cannot close any of them.
- A compliant COI has eight verification fields - date window, additional insured endorsement, and limits are the three that fail most often.
- Automated COI workflows chase the vendor directly, gate work-order assignment on compliance, and produce historical compliance reports in seconds.
- ExpiryEdge is purpose-built for vendor COI tracking with auto-chase, date-range verification, and owner-facing reports. Free 14-day trial.
A Tuesday in October
A plumber you have used for three years is replacing a water heater in Unit 4B. While cutting the copper line, he accidentally hits a sprinkler head. Two units below suffer water damage. Six weeks later, the owner’s insurance carrier subrogates and asks for the plumber’s COI covering the date of loss. You pull up your spreadsheet. The plumber is listed as "current." You email him asking for the cert. He replies: he dropped that policy four months ago. The carrier disallows your subrogation claim. The loss sits with the owner - and, in your state, the management company is named in the complaint.
This scenario repeats, in some variation, across every mid-sized property management portfolio. The specifics vary - plumber, roofer, cleaner, landscaper. The gap is always the same: a current COI was not on file on the date of loss.
Why COI tracking is a property manager problem, not a vendor problem
The insurance is the vendor\u2019s responsibility. The verification is not. That one shift is where managers get exposed.
Liability does not transfer without coverage
A contract with a vendor can transfer liability only to the extent the vendor is insured. If coverage does not exist on the date of loss, the contractual transfer is empty. The loss falls to the next party in the chain - the owner, and often the manager.
Owners expect the manager to run this gate
Management agreements almost always include language about vendor screening and insurance verification. "We forgot to check" is a breach of the management contract, not just a bad day.
Most COIs have quiet gotchas
Wrong policy type. Owner not listed as additional insured. Limits below the contract requirement. Expired last week. A cursory glance at a COI does not catch any of these. An automated system does, because it checks on the same rules every time.
The worst audits are the ones you cause yourself
When an incident happens, the insurance carrier does a deep document pull. Every vendor who set foot on the property in the last 12 months comes under review. If 30% of your COIs were expired at random points, that surfaces. That pattern looks like negligence.
The manual workflow vs the automated one
The same four stages. The manual version leaks at every seam. The automated version closes each seam by default.
1. Onboard vendor
PM sends an email asking for a COI. Vendor emails back a PDF. PM saves it to a shared drive folder and adds a row to the tracking spreadsheet.
Break point: The email thread is the record of review. Nobody checks coverage limits, additional insured status, or policy type systematically.
2. Use vendor
PM books the vendor for a job. Nobody checks the COI at booking time.
Break point: Booking is decoupled from compliance. By the time you think about checking, the vendor is already on site.
3. Renewal reminder
PM’s calendar pings 30 days before the listed expiry. PM emails vendor asking for the renewed COI.
Break point: Half the vendors do not reply. The PM sends a follow-up email. Half of those do not reply. The expiry slips past and nobody notices.
4. Incident or audit
An incident triggers a document review, or an owner asks for a compliance report.
Break point: PM rebuilds the state of the spreadsheet manually to figure out what was valid when. Several vendors are flagged as lapsed retroactively.
1. Onboard vendor
Vendor is created in the system. PM sends a COI upload request link. Vendor uploads the PDF. System OCRs the document, extracts expiry, carrier, limits, additional insured listing, and flags mismatches against the contract requirement rules.
2. Use vendor
Booking a non-compliant vendor is blocked at the work-order level. If the PM tries to assign an expired vendor, the system raises a compliance gate that requires a sign-off override.
3. Renewal reminder
System emails the vendor directly 60 / 30 / 14 days before expiry with a branded upload link. The PM is not in the loop unless the vendor ignores the cadence, at which point the vendor is flagged non-compliant automatically.
4. Incident or audit
The historical state of every vendor’s compliance is queryable as of any date. The report that takes three hours to build manually takes 60 seconds to produce.
Anatomy of a compliant COI
Eight fields to verify on every vendor certificate. Skip any and you are back to hoping.
Named insured
Purpose: The vendor’s legal business name - must match the entity on your contract.
Gotcha: Mismatch here ("Bob’s Plumbing LLC" on COI vs "Bob Plumbing Inc" on contract) can void coverage.
Policy number and carrier
Purpose: Identifies the specific policy backing the certificate.
Gotcha: You can look up the carrier’s rating (AM Best). Below A- is a policy you should not accept.
Effective and expiration dates
Purpose: Defines the window of coverage for the certificate.
Gotcha: If the date of loss falls outside this window, there is no coverage, even if you had a valid cert yesterday.
Coverage type (general liability, auto, workers comp, umbrella)
Purpose: Each vendor needs different coverages depending on the work.
Gotcha: A roofer with general liability but no workers comp is a major exposure. Your contract should specify which coverages.
Per-occurrence and aggregate limits
Purpose: The dollar amount the policy pays per incident and per policy period.
Gotcha: Standard ask is $1M per occurrence / $2M aggregate for general liability on most rental jobs. Verify against contract.
Additional insured endorsement
Purpose: Names your owning entity (and often the manager) as an additional insured on the vendor’s policy.
Gotcha: A COI that checks all other boxes but lacks this endorsement leaves you unable to access the vendor’s coverage.
Waiver of subrogation
Purpose: Prevents the vendor’s insurer from pursuing your insurer to recover after a claim.
Gotcha: Most commercial contracts require this. Absent a waiver, your insurance cost can rise after any vendor-caused loss.
Cancellation notice clause
Purpose: Requires the carrier to notify you before cancelling the vendor’s policy.
Gotcha: Most modern certs have a "shall endeavor to" note here - treat it as non-binding and rely on your own expiry tracking.
A baseline vendor coverage matrix
Use as a starting point. Adjust per your owner\u2019s insurance advisor and the risk profile of the property. Higher-value buildings typically push limits upward.
General contractor
Plumber / electrician / HVAC
Roofer
Landscaper
Cleaning / janitorial
Pest control
Snow removal
Appliance repair
The seven-step migration to automated COI tracking
This is the sequence for a mid-sized manager moving from a spreadsheet-plus-email system to software. Most portfolios complete the migration in 10 business days of focused effort.
1
Pull every vendor in use in the last 12 months
Check your accounts payable history. Even vendors used once or twice should be in the tracker - especially since those are the ones most likely to have lapsed coverage.
2
Request a current COI from each active vendor
Send a batch request. Set a 14-day window. Flag any vendor who does not respond as paused pending compliance.
3
Define your coverage requirement rules
Per vendor type (plumber, roofer, electrician, general contractor), what minimum limits and coverage types do you require? Document this once and apply universally.
4
Upload every current COI to the system
Extract expiry and limits. The system flags any vendor whose cert does not meet your rules - that is your remediation list.
5
Integrate with your work order flow
Assigning a job triggers a compliance check. A non-compliant vendor cannot be assigned without a manager override and a reason note.
6
Hand the renewal workflow to the system
Configure the 60 / 30 / 14 day email cadence to the vendor. From now on the system chases, not the PM.
7
Export a portfolio-wide compliance report to owners
Run the first monthly owner-facing export. This is the single feature that usually earns the owner’s approval for the software bill.
Frequently asked questions
Property managers on COI tracking.
What is a Certificate of Insurance (COI)?
A COI is a document issued by a vendor’s insurance carrier (or broker) summarising their active coverage - policy type, carrier, effective dates, limits, and optional endorsements such as additional insured status or waiver of subrogation. It is evidence of insurance, not the policy itself. The underlying policy can be changed or cancelled after the COI is issued - which is why tracking expiry and requiring cancellation notice matters.
Why does a property manager need a COI from every vendor?
Because an uninsured vendor on the property is a liability transfer to the owner. Management agreements almost universally require the manager to verify vendor insurance before using them. Without a tracked COI, an incident involving the vendor can fall on the owner - and in many jurisdictions the manager is named in the complaint as well.
What limits should I require on vendor COIs?
Standard minimums for rental property work: general liability $1M per occurrence / $2M aggregate, workers comp statutory, auto liability $1M. For higher-risk trades (roofing, tree work, snow removal) push to $2M / $4M with an umbrella. Your contract sets the minimums - the COI is how you verify them.
What is an "additional insured" endorsement and why does it matter?
An additional insured endorsement names your owning entity (and optionally the manager) as a beneficiary of the vendor’s policy for work performed for you. Without it, you cannot tender a claim to the vendor’s carrier - you can only ask the vendor to. The endorsement is what gives you direct access to the coverage.
Is COI tracking software different from a PMS vendor module?
Yes. PMS tools like AppFolio and Buildium store vendor records and often a single-date expiry field. They rarely extract limits from the PDF, check additional insured status, block booking of non-compliant vendors, or chase the vendor for the renewed COI directly. A dedicated compliance platform does all four.
How much time does automation actually save?
For a manager with 100 active vendors, expect 4-8 hours per month freed up from chase emails alone. The larger gain is in avoided exposure - a single uninsured claim typically covers several years of tool cost. The third gain is trust: owners who see a clean compliance report renew management contracts at higher rates.
What happens when a vendor refuses to send an updated COI?
They become non-compliant in the system and are paused from booking. In most cases this results in the vendor sending the COI within a week. Vendors who still refuse are typically vendors you should not keep - the refusal is usually because the coverage is inadequate or lapsed.
Related guides
More guides to help you pick the right compliance tool.
Sources & further reading
Authoritative references consulted for this article.
- Insurance Information Institute - Certificate of Liability Insurance - Authoritative explainer on what a COI is and is not.
- ACORD Forms - Industry Standard COI Template - The ACORD 25 form is the industry-standard COI. Used as reference for required fields.
- AM Best - Insurance Carrier Financial Strength Ratings - Rating guide for checking vendor carrier solvency (A- or better is standard floor).
- Insurance Information Institute - Understanding Subrogation - Reference on why waiver of subrogation matters in vendor contracts.
- NAIC - National Association of Insurance Commissioners - Regulatory body with state-by-state insurance commissioner contacts.
- IRMI - Additional Insured Endorsements - Definitive industry reference on additional insured endorsement forms and interpretations.
Close the vendor insurance gap.
ExpiryEdge tracks every vendor COI, chases renewals directly, and gates work-order assignment on compliance. Owners see a clean report every month.
Start Your 14-Day Free Trial