COI Tracking for Property Managers: The Complete Guide

If you manage residential or commercial properties, COI tracking is one of the most consequential administrative tasks on your plate. Every vendor who performs work on your properties -- plumbers, electricians, HVAC technicians, roofers, landscapers, janitorial services, pest control, elevator maintenance, fire safety inspectors -- should carry adequate insurance, and you should be able to prove it at any moment.

The challenge is not understanding why this matters. Most property managers already know the stakes. The challenge is building a system that actually works at scale, especially as your vendor count grows and annual renewal cycles stack up.

This guide covers the complete COI tracking workflow for property managers: what to collect, how to verify it, how to track it, what compliance scoring means, and how to prepare for an audit.

Why COI Tracking Is Non-Negotiable for Property Managers

The liability exposure from uninsured or underinsured vendors is not theoretical. Courts have held property owners and management companies liable for injuries caused by contractors when those companies failed to verify adequate insurance coverage. The failure to maintain a current COI can be used to establish negligence in litigation.

Consider the risk profile of a typical mid-size property management operation:

A company managing 500 residential units typically maintains relationships with 150 to 300 vendors across trades. Each vendor carries multiple insurance policies -- general liability, workers' compensation, commercial auto, and possibly umbrella coverage -- each with its own renewal date. That translates to 600 to 1,500 individual policy expirations to track per year.

Without a systematic approach, even a 5% error rate means 30 to 75 compliance gaps in your vendor file at any time. Each gap is a window of unverified coverage during which a claim would expose your organization to unprotected liability.

According to the National Apartment Association, general liability claims involving contractor incidents at managed properties are among the most frequent and costly categories of claims in residential property management. COI tracking is the operational control that closes that exposure.

Step 1: Define Your Insurance Requirements

Before you can track compliance, you need to know what you are tracking against. Your insurance requirements should be:

• Documented in writing
• Referenced in every vendor contract
• Tiered by risk category
• Reviewed annually or when major claims data changes your risk profile

Recommended Vendor Tiers

Tier 1 -- High risk. General contractors, roofers, electricians, plumbers, structural work, demolition, fire protection. Requirements: $1 million per occurrence / $2 million aggregate general liability, both CG 20 10 and CG 20 37 additional insured endorsements, workers' compensation with waiver of subrogation, commercial auto with $1 million combined single limit, and $5 million umbrella or excess.

Tier 2 -- Moderate risk. HVAC technicians, painters, janitorial, pest control, landscaping, elevator maintenance. Requirements: $1 million per occurrence / $2 million aggregate general liability, CG 20 10 additional insured endorsement, workers' compensation with waiver of subrogation, commercial auto if operating vehicles.

Tier 3 -- Lower risk. Consulting professionals, IT service providers, inspection services. Requirements: $1 million general liability, professional liability where applicable.

Document these requirements in a policy matrix that you provide to every vendor at onboarding and reference in your master service agreements.

Step 2: Collect COIs at Vendor Onboarding

The collection process begins before any vendor performs work. Your onboarding workflow should include:

Provide requirements upfront. Give vendors your certificate requirements in writing before asking them to submit. A vendor who knows exactly what you need can instruct their broker correctly the first time, reducing the back-and-forth of non-compliant submissions.

Name your entities correctly. Your master service agreement and your COI request should both specify the exact legal names of the entities that must appear as additional insured and certificate holder. Property management companies often operate through multiple entities -- the management company, the ownership entity, and sometimes a lender. All required entities should be specified.

Accept certificates from the producing broker. Prefer certificates issued by the vendor's insurance broker rather than certificates the vendor prints or downloads themselves. A certificate from the broker's management system is harder to fraudulently alter than a PDF the vendor generated and modified.

Set a deadline. Specify that a compliant COI must be received before site access is authorized or a purchase order is issued. Enforce this consistently.

Step 3: Verify Every COI Against Your Requirements

Receipt of a COI is not the same as verification. Every certificate must be checked against your documented requirements before the vendor is marked compliant.

The Verification Checklist

Work through these items on every certificate:

1. Named insured matches the vendor's legal entity as it appears in your contract. Check the full legal name, including entity type suffix.

2. All required coverage types are present. General liability, workers' compensation, commercial auto if applicable, umbrella if required for the vendor's tier.

3. Policy dates are current. Effective date is in the past. Expiration date covers the period during which the vendor will perform work.

4. Limits meet or exceed your requirements. Check each limit field individually. A vendor who meets the per-occurrence limit but falls short on aggregate is non-compliant.

5. Additional insured status. The additional insured checkbox is marked on the CGL line. More importantly: the endorsement form number (CG 20 10 for ongoing operations, CG 20 37 for completed operations) is referenced in the description of operations or on an attached endorsement page.

6. Waiver of subrogation. Marked on the workers' compensation line at minimum.

7. Certificate holder. Your entity's correct legal name and address appears in the certificate holder box.

8. No limiting language. Read the description of operations for language that restricts coverage, creates project-specific limitations, or carves out coverage types.

For a full field-by-field guide, see How to Read a Certificate of Insurance.

What to Do When a COI Is Non-Compliant

Do not approve site access. Send a deficiency notice that identifies every specific item that needs correction. Be specific: "Your general liability limits show $500,000 per occurrence; our requirement is $1,000,000" is more actionable than "Your COI does not meet our requirements." The more specific your deficiency notice, the fewer rounds of resubmission you will go through.

Track every deficiency request and response. This documentation protects you if a compliance dispute arises later.

Step 4: Track Expirations and Manage Renewals

COI expiration management is where manual tracking most commonly fails. The typical property management vendor portfolio includes hundreds of policy expirations per year distributed unevenly across the calendar. Without systematic tracking, some will always slip through.

The Renewal Timeline

90 days before expiration: Send the vendor an initial renewal reminder. This gives them adequate time to contact their broker and request an updated certificate.

60 days before expiration: Second reminder if no updated certificate has been received.

30 days before expiration: Escalated reminder. Flag the vendor as at-risk for compliance lapse.

14 days before expiration: Final reminder with notice that site access authorization will be suspended if a compliant certificate is not received.

Day of expiration: If no updated certificate has been received, suspend the vendor from your approved list and halt any pending purchase orders or work authorizations.

Post-expiration: Continue pursuing the certificate while enforcing site access suspension. Document all attempts to obtain updated coverage.

Dealing With Vendors Who Do Not Respond

Some vendors, particularly smaller operators, do not monitor their own policy renewal dates. The broker is often the more reliable contact for certificate updates. When vendor outreach fails, contact the broker directly using the contact information from the original COI.

In cases where a vendor consistently fails to maintain documentation, escalate to your approved vendor list management process. Vendors who cannot demonstrate a pattern of compliance may not belong on your approved list regardless of their work quality.

Step 5: Maintain Centralized Records

Your COI documentation is an asset -- both as evidence of your risk management practices and as the record you need when a claim occurs. Centralized, organized records are essential.

For each vendor, your compliance file should contain:

• Current COI (most recent verified certificate)
• Historical COIs (all prior certificates)
• Endorsement pages for additional insured and waiver of subrogation
• Your vendor contract, including the insurance requirements section
• Records of all compliance requests and responses
• Deficiency notices and resolution records
• Compliance history by date

This documentation should be searchable, backed up, and accessible without depending on any single individual's computer or email archive. When a claim occurs, you may need to produce this documentation on short notice.

Step 6: Compliance Scoring and Portfolio Reporting

Individual vendor compliance is important, but portfolio-level visibility is what enables strategic risk management. Track these metrics:

Portfolio compliance rate: The percentage of active vendors with a current, verified COI. A well-run compliance program should maintain 95% or higher. Anything below 85% represents material unmanaged risk.

Average time to compliance: How long does it take from initial COI request to receipt of a compliant certificate? This metric identifies vendors who are consistently difficult to collect from.

Expiration gap rate: The percentage of policy renewal cycles during which coverage lapses before an updated certificate is received. Your goal is zero, but tracking the rate tells you where your outreach timing needs adjustment.

Deficiency rate by vendor tier: If Tier 1 (high-risk) vendors are submitting non-compliant COIs at a higher rate than Tier 2, that is a training or communication problem with your highest-risk vendor category.

Report these metrics to your ownership group or management company leadership quarterly. A demonstrated track record of high compliance rates is evidence of institutional diligence in the event of litigation.

Step 7: Audit Preparation

COI audits happen in several contexts: insurance carrier audits as part of your own policy renewal, due diligence for portfolio acquisition or sale, lender audits for refinancing, and legal discovery during claims.

Be ready for an audit at any time. This means:

• No aging documentation. Every vendor file should have a certificate dated within the last 12 months or at most the current policy period.
• Complete files. If you require endorsements, every file should include the endorsement page, not just the COI.
• Searchable records. An auditor should be able to pull any vendor's compliance history in under 60 seconds.
• Exception log. Any vendor authorized on an exception basis (temporary site access while a replacement COI is in process) should be documented with the date, the authorizing manager, and the reason.

Run an internal compliance audit quarterly. Review 10% of your vendor files randomly. Check that documentation is current, complete, and matches your requirements. Use the results to identify systemic gaps before an external audit finds them.

Key Takeaways

• Define tiered insurance requirements in writing before collecting a single COI.
• Collect and verify COIs at onboarding -- not after work begins.
• Check every certificate against every requirement, not just a visual scan.
• Track expirations with a structured reminder sequence starting 90 days out.
• Maintain centralized, searchable records for every vendor.
• Measure portfolio compliance rate and report it to leadership quarterly.
• Run internal audits quarterly to identify gaps before external review.

Frequently Asked Questions

How many vendors should be in my approved vendor list before I need software?

Manual tracking typically breaks down somewhere between 50 and 100 active vendors. Below that threshold, a structured spreadsheet with calendar reminders can work. Above it, the volume of annual renewals, deficiency follow-up, and documentation management becomes a full-time task that software handles more reliably. See our guide on choosing COI tracking software.

What happens if a vendor's coverage lapses while they are actively performing work?

First, suspend the vendor from your approved list and halt active work if possible. Request an updated certificate immediately. Document the lapse date and any work performed during the gap. Consult your risk advisor about whether you need to notify your own insurer. The documentation trail showing your prompt response is important if a claim arises related to work performed during the coverage gap.

Do I need to verify endorsements, or is the COI checkbox enough?

The checkbox is the producer's representation that an endorsement exists -- it is not the endorsement itself. For high-risk vendors, request the actual endorsement page. For lower-risk vendors, the checkbox combined with matching language in the description of operations is generally sufficient, but verify with your risk advisor based on your contract requirements and local legal standards.

How should I handle sole proprietors who claim they do not need workers' compensation?

In most states, sole proprietors can legally opt out of workers' compensation for themselves. The issue is whether they have employees -- if they subcontract work to individuals, those individuals may be employees who require coverage. Get written confirmation from the vendor of their workers' compensation status and consult your attorney if you have doubt about whether their employees are covered.

What coverage limits should I require for different vendor types?

There is no universal standard -- limits should reflect the risk profile of the work and the value of the properties involved. Common starting points: $1M/$2M general liability for standard maintenance vendors, $2M/$4M for higher-risk trades, $1M commercial auto for any vendor operating vehicles. Your property management attorney and insurance broker can advise on appropriate limits for your specific portfolio and jurisdiction.

---

COIPulse automates the entire COI tracking workflow described in this guide: vendor portal, automated reminders, AI-powered extraction, compliance scoring, and audit-ready reporting. Built specifically for property management operations. Start a free trial or grade your current compliance program.