How to Request a COI From Vendors (With Email Templates)

The most common breakdown in COI compliance is not a misread certificate or a misunderstood endorsement. It is the failure to obtain the certificate in the first place. The vendor was hired, the work began, and the COI request was either never sent, sent too late, or sent without enough specificity for the vendor to respond correctly.

Requesting a Certificate of Insurance should be a standardized, repeatable process that happens before work begins — ideally before the contract is signed. The quality of the request directly determines the quality of what you receive. A vague request produces a vague certificate. A specific request produces a certificate you can actually verify.

When to Request a COI

Before Contract Signing

The ideal time to request a COI is during contract negotiation, before the agreement is executed. At this stage, the vendor is motivated to comply because the contract (and the revenue it represents) depends on it. Insurance requirements should be a schedule or exhibit attached to the contract, and the COI should be received and verified before the contract is signed.

This sequence matters because the contract creates the legal obligation for insurance requirements. If the vendor signs the contract and then discovers they cannot obtain the required coverages or limits, you have a vendor under contract who is unable to comply. By requiring the COI before signing, you confirm that the vendor can meet your requirements before you are committed.

Before Work Begins

If the COI was not obtained during the contracting phase, it must be obtained before the vendor begins work on your property or project. No certificate, no access. This is a firm line that property managers, general contractors, and project managers must enforce consistently. The moment you allow a vendor to start work without a verified COI, you have accepted the risk that their insurance is inadequate or nonexistent.

At Renewal

Every COI expires. When a vendor's certificate approaches its expiration date, a renewal request must be sent proactively — typically 60 days before expiration. This is not a new request; it is a continuation of the compliance cycle that began when the vendor was first onboarded.

After a Material Change

If the scope of work changes significantly (a maintenance vendor takes on a construction project, a vendor moves from one property to another with different requirements), the existing COI may no longer be sufficient. Request an updated certificate that reflects the current scope.

What to Specify in the Request

A COI request that says "Please send us your certificate of insurance" will produce whatever the vendor's broker happens to generate — which is almost certainly not what you need. Effective requests are specific.

Required Coverages

List every coverage type you require, with minimum limits for each:

• Commercial General Liability: $1,000,000 per occurrence / $2,000,000 aggregate
• Commercial Auto Liability: $1,000,000 combined single limit
• Workers' Compensation: Statutory limits / $1,000,000 Employers' Liability
• Umbrella/Excess Liability: $5,000,000 per occurrence / $5,000,000 aggregate

If you require specialized coverages (Professional Liability, Pollution Liability, Cyber Liability, Builders Risk), specify those as well with their limits.

Required Provisions

Specify every provision the certificate must document:

• Additional Insured status on GL, Auto, and Umbrella
• Waiver of Subrogation on GL, WC, Auto, and Umbrella
• Primary and Noncontributory on GL
• 30-day notice of cancellation

Include the endorsement form numbers if you require specific ISO forms (CG 20 10, CG 20 37, CG 24 04, WC 00 03 13, etc.).

Certificate Holder Name and Address

Provide the exact legal entity name and mailing address that must appear in the Certificate Holder section. This is the single most common source of errors on certificates. If your legal name is "Acme Property Holdings LLC" and the certificate says "Acme Properties," it needs to be reissued.

Provide it exactly as it should appear:

Certificate Holder: Acme Property Holdings LLC 123 Main Street, Suite 400 New York, NY 10001

Project or Location Reference

If the certificate should reference a specific project, property, or contract, provide the exact text that should appear in the Description of Operations:

"Re: 450 Park Avenue, New York, NY — Lobby Renovation, Contract #2026-0147"

Email Template: Initial Request

Subject: Certificate of Insurance Required — [Vendor Name] / [Property/Project Name]

Dear [Vendor Contact Name],

Before work begins on [Property/Project Name], we require a Certificate of Insurance documenting the following coverages and provisions. Please forward this request to your insurance broker/agent so they can issue the certificate.

Required Coverages and Minimum Limits:

• Commercial General Liability: $1,000,000 each occurrence / $2,000,000 general aggregate (occurrence form, per-project aggregate preferred)
• Commercial Automobile Liability: $1,000,000 combined single limit (any auto)
• Workers' Compensation: Statutory limits; Employers' Liability $1,000,000 each accident / $1,000,000 disease-each employee / $1,000,000 disease-policy limit
• Umbrella/Excess Liability: $[Amount] each occurrence / $[Amount] aggregate

Required Provisions (must appear in Description of Operations):

• [Your Organization Name] is included as Additional Insured on General Liability (CG 20 10 and CG 20 37), Auto, and Umbrella policies
• Waiver of Subrogation in favor of [Your Organization Name] on General Liability (CG 24 04), Workers' Compensation (WC 00 03 13), Auto (CA 04 44), and Umbrella
• General Liability is Primary and Noncontributory (CG 20 01)

Certificate Holder (must appear exactly as shown): [Your Organization Legal Name] [Street Address] [City, State ZIP]

Description of Operations should reference: [Property address and/or project name and contract number]

Please submit the certificate by [date — typically 10 business days from the request]. Certificates can be sent to [email address] or uploaded to [portal URL if applicable].

If you have questions about these requirements, please contact [compliance contact name] at [phone/email].

Thank you, [Your Name] [Title]

Email Template: 5-Day Follow-Up

Subject: Follow-Up: Certificate of Insurance Still Needed — [Vendor Name] / [Property/Project Name]

Dear [Vendor Contact Name],

I am following up on our Certificate of Insurance request sent on [date of initial request]. We have not yet received the certificate, and our records show work is scheduled to begin on [start date].

Please confirm that this request has been forwarded to your insurance broker and provide an estimated date for certificate delivery. As a reminder, work cannot commence until we have a compliant certificate on file.

The full requirements were outlined in my previous email. If you need me to resend them, please let me know.

Thank you, [Your Name] [Title]

Email Template: Escalation

Subject: URGENT: Certificate of Insurance Required Before Work Can Begin — [Vendor Name]

Dear [Vendor Contact Name / Vendor Principal],

Despite our initial request on [date] and follow-up on [date], we have not received a Certificate of Insurance for [Property/Project Name]. Work was scheduled to begin on [date] and cannot proceed without a compliant certificate.

To be clear, this is a contractual requirement. Section [X] of our agreement dated [date] requires you to maintain the specified insurance coverages and provide evidence of insurance prior to commencing work.

We need the certificate delivered by [specific date — no more than 3-5 business days]. If we do not receive a compliant certificate by this date, we will need to [specify consequence: delay the project start date / engage an alternate vendor / escalate to senior management].

If there is an issue with meeting any of the insurance requirements, please contact me directly so we can discuss alternatives.

Thank you, [Your Name] [Title] [Phone Number]

Handling Common Vendor Pushback

"We've never been asked for this before."

This response usually comes from smaller vendors or those accustomed to working with organizations that have informal compliance programs. The answer is straightforward: these are standard industry requirements, your contract includes them, and compliance is a condition of the engagement. Offer to connect the vendor with your compliance team to walk through the requirements.

"Our policy doesn't include [Additional Insured / Waiver of Subrogation / etc.]."

The vendor's current policy may not include these provisions, but they can almost certainly be added by endorsement. The vendor needs to contact their broker and request the endorsements. The cost is typically minimal — often less than $200-$500 per year per endorsement. If the vendor's carrier will not add the endorsement, the vendor may need to switch carriers or obtain a separate policy.

"Our broker says a certificate of insurance can't include that language."

This is incorrect. The ACORD 25 form has a Description of Operations section specifically designed for this language. If the broker is unfamiliar with documenting provisions on a certificate, the vendor should consider finding a broker with experience in commercial insurance. Alternatively, provide the broker with the exact language you need in the Description of Operations.

"We carry higher limits than what you're asking for — isn't that enough?"

Higher limits are good, but limits alone do not substitute for required provisions. A vendor with $5M in CGL coverage but no Additional Insured endorsement provides you with zero protection under their policy, regardless of the limit amount. Provisions and limits are separate requirements, and both must be met.

"Can we start work and get the certificate later?"

No. This is the most important line to hold. Once a vendor begins work without a certificate, the urgency to provide one evaporates. The work is already happening, the vendor is already on site, and the compliance request becomes an afterthought. The only effective leverage is withholding work authorization until the certificate is in hand.

"Our insurance doesn't cover work in your state."

This is a legitimate issue. Some policies are written for specific states. If the vendor's policy does not cover the state where your property is located, the vendor needs to contact their broker to add state coverage. For Workers' Compensation in particular, multi-state coverage must include the state where work is performed.

The Self-Service Portal Alternative

Email-based COI requests work for small vendor portfolios but break down at scale. When you are managing 200, 500, or 1,000 vendors, individual emails become unmanageable. The compliance team spends more time chasing certificates than reviewing them.

A self-service vendor portal transforms the process:

Vendors receive automated requests with your specific requirements pre-populated. No manual emails. No risk of sending the wrong requirements for a given vendor tier or project.

Vendors upload certificates directly to the portal. No email attachments lost in inboxes, no version confusion, no certificates sitting in a compliance inbox for days before being processed.

AI reviews certificates at upload. The system parses the certificate, compares it against your requirements, and immediately identifies gaps. The vendor sees the results and can request corrections from their broker before the compliance team is involved.

Follow-ups are automated. If the vendor has not responded in 5 days, the system sends a follow-up. If the certificate is non-compliant, the system sends a specific gap notification identifying exactly what needs to be corrected. The compliance team manages exceptions, not the routine flow.

The audit trail is automatic. Every request, every upload, every review, every communication is logged with timestamps. When someone asks whether Vendor X was compliant on a specific date, the system provides a definitive answer.

The shift from email-based to portal-based COI management is the single biggest efficiency gain most compliance programs can make. It does not change the requirements — it changes the process for meeting them.