7 in 10 Contractor COIs Are Non-Compliant. You'll Carry the Risk.
When a contractor works on your site or on your behalf, their insurance and certifications are your liability to verify. Most of the certificates you receive are silently non-compliant - wrong endorsements, missing additional-insured language, cancellable mid-policy. ExpiryEdge tracks every document for every contractor and flags problems before the work starts.
No credit card required · Setup in minutesQuick answer
Contractor compliance tracking is the workflow of collecting, validating, and continuously monitoring contractor insurance certificates, trade certifications, work permits, and safety documents. Best practice is to require evidence pre-engagement, validate that policy limits, effective dates, and the Additional Insured endorsement (CG 20 10 for ongoing operations / CG 20 37 for completed operations) match the contract, then automate alerts at 60 and 30 days before each document expires. About 70% of vendor-supplied COIs arrive non-compliant - verification is the work.
By the numbers
7 in 10
COIs collected from contractors are non-compliant on first receipt and require an average of three follow-ups to fix.
Source: myCOI / BCS (2024)>70%
of self-reported vendor data is inaccurate, incomplete, or expired - making manual verification the highest-risk failure point.
Source: KPMG (cited 2024)$165,514
maximum OSHA penalty per willful or repeat violation involving an unqualified contractor on a site you control.
Source: OSHA (2025 adjustment)What you track
General / public liability insurance
Workers' compensation / employer's liability
Professional indemnity / errors & omissions
Additional insured endorsement (CG 20 10 / 20 37)
Waiver of subrogation endorsement
Commercial auto insurance
OSHA 10 / OSHA 30 training cards
Trade certifications (CSCS, Gas Safe, NICEIC, EPA)
W-9 / W-8BEN-E and 1099 contractor docs
I-9 / right-to-work documentation
Background checks and DBS certificates
Site-specific method statements / RAMS
How it works
Set the requirement list once, per contractor type
Define which documents every electrical sub, every catering vendor, every cleaning contractor must produce. Save it as a template. New contractors are onboarded against the template instead of a one-off email thread.
Validate, do not just collect
Confirm policy limits match your contract minimums. Verify your entity is named Additional Insured (not just Certificate Holder). Check the endorsement form is attached. Re-request anything wrong. The "we received a COI" step is not the same as compliance.
Monitor continuously, not just at expiry
Reminders at 60 and 30 days before each document expires, plus an immediate alert if a policy is cancelled mid-term. Contractors with lapsed docs are flagged on the dashboard. Engagement gates can block work assignment until they\'re cleared.
Who this is for
General contractors and construction firms
Subcontractor COIs, additional insured endorsements (CG 20 10 / 20 37), OSHA training, trade certifications - gated to subcontract execution and payment release.
Property managers and REIT operators
Hundreds of vendor COIs renewing on uneven cadences. Tenant insurance plus vendor insurance plus elevator-mechanic and HVAC contractor certs.
Facilities and operations leaders
Cleaning, landscaping, security, pest, catering - every contractor an inspector might ask about, evidenced in one place.
Procurement and vendor risk teams
A defensible, audit-ready vendor-compliance record for SOC 2, ISO 27001, supplier risk assessments, and M&A diligence.
The difference
A subcontractor's general liability insurance expired three weeks ago. Nobody noticed. An incident happened on site. The investigator asked for the contractor's COI on day three of the claim - your COI on file had already expired. The claim attached to your policy.
60 days before the policy expiry, ExpiryEdge alerted both your project manager and the contractor. The renewal was supplied, the new COI validated, and the contractor's status remained green on the dashboard. The day of the incident, you had a current certificate, a current endorsement, and a clean record of continuous coverage.
Frequently asked questions
Am I legally responsible if a contractor's insurance has expired?
Effectively yes. If you engage a contractor working on your site or on your behalf, you can be held liable when they cause harm and they are uninsured. The claim travels up: the injured party sues the contractor, the contractor has no coverage, the claim attaches to whoever has insurance - usually you. Courts have repeatedly held principals to a duty of care to verify insurance before engagement and to monitor it continuously.
Why is being a "Certificate Holder" not enough?
Certificate Holder simply means you receive a copy of the certificate - it gives you no rights under the policy. To be covered by the contractor's policy you must be named as an Additional Insured, evidenced by a separate endorsement form attached to the COI (CG 20 10 for ongoing operations and CG 20 37 for completed operations, in most cases). Many COIs we see in audits list the right entity as Certificate Holder but include no Additional Insured endorsement form at all. That gap is the single most common COI failure.
Which contractor documents should I be tracking?
At a minimum: general / public liability, workers' compensation (or employer's liability), commercial auto where applicable, professional indemnity for design or advisory work, the relevant Additional Insured and Waiver of Subrogation endorsements, OSHA 10 or 30 cards for site contractors, trade certifications (CSCS, Gas Safe, NICEIC, EPA), W-9 or W-8 forms, I-9 or right-to-work documentation, background checks where the role requires, and site-specific method statements / risk assessments.
What about the workers' comp exemption form some sole-prop subs use?
Sole-proprietor subcontractors with no employees can legally hold a workers' comp exemption. The risk is that the exemption form is older than 12 months, refers to the wrong entity, or covers a state different from where the work is being done. ExpiryEdge stores the exemption as a separate document type with its own expiry date and state metadata, so the loophole closes rather than opens.
Can a vendor cancel their policy mid-term after sending me the COI?
Yes - and this is the silent failure mode behind most "we had the certificate" claims. Most policies allow mid-term cancellation, and the carrier may or may not notify you depending on the endorsement language. ExpiryEdge runs continuous status checks against expiry dates and supports notice-of-cancellation endorsements (CG 24 04 / equivalents) so the policy status is monitored beyond the certificate.
Can reminders go directly to the contractor instead of my team?
Yes. For each contractor document you choose who gets the alert: your team, the contractor, or both. Default cadence is 60 and 30 days before expiry, with an escalation to your team if the contractor has not responded by 14 days.
How does ExpiryEdge compare to enterprise tools like ISNetworld, Avetta, or TrustLayer?
ISNetworld, Avetta, Veriforce, and TrustLayer are designed for enterprise principals with thousands of subs and large risk budgets - typical pricing $10–60k per year plus per-contractor fees. ExpiryEdge fits the 5 to 500 contractor bracket those tools are too expensive for, with the same core capabilities (document collection, validation, expiry tracking, audit trail) and flat-rate pricing. See our Avetta vs ISNetworld comparison for full context.
Know every contractor is covered before they arrive
Free to try. No credit card required.
Start Free Trial