In defense of Certificates of Insurance - Part I.

First, let's take this quiz. Which do you hate more?

• April 15th
• The dentist
• Certificates of Insurance

If you're a risk manager or an insurance broker I am certain of your answer. In fact, I cannot think of anything in our industry that evokes more hostility, frustration or primal response than the subject of Certificates of Insurance. Let's unpack all this vitriol and see where the pieces fall.

Complaint #1 - Certificates of Insurance are worthless because they are not proof of insurance.

This extremist sound bite is surprisingly common, even among professionals, and is routinely offered as justification for the elimination of the document altogether. The problem here is that this argument is based solely upon the prejudice that a COI is supposed to be something it is not. Ironically, the very document under attack agrees with the complainant by stating at the top of the page, in bold, capital letters no less:

THIS CERTIFICATE IS ISSUED AS A MATTER OF INFORMATION ONLY AND CONFERS NO RIGHTS UPON THE CERTIFICATE HOLDER. THIS CERTIFICATE DOES NOT AFFIRMATIVELY OR NEGATIVELY AMEND, EXTEND OR ALTER THE COVERAGE AFFORDED BY THE POLICIES BELOW. THIS CERTIFICATE OF INSURANCE DOES NOT CONSTITUTE A CONTRACT BETWEEN THE ISSUING INSURER(S), AUTHORIZED REPRESENTATIVE OR PRODUCER, AND THE CERTIFICATE HOLDER.

So, here you have a warning label, so to speak, essentially serving the same purpose as those found on other products subject to misuse. Read the label. Don't try to turn an apple into an orange so you can then argue it isn't an orange.

Complaint #2 - Certificates of Insurance are useless because they don't prove compliance.

Of course they don't prove compliance, that's not the purpose of a COI. To begin to determine compliance you first need to know what constitutes compliance, and that's not found on the COI. You need to look at the underlying contract and compare it to the coverage represented on the COI.

If there is no written contract then, as a competent risk manager, you have already established your own set of insurance coverage requirements that will form the basis of compliance evaluation. That information will be maintained and managed in separate records of which the COI is only one part.

Complaint #3 - Certificates of Insurance are only accurate on the day they are issued.

This could be true, or not. The worry is that the Insured's coverage was modified, cancelled or not renewed. You have some protection here by inclusion of Notice of Cancellation language in the contract and through being an Additional Insured. Nevertheless, you still may not be told.

But again, the problem here is not with the COI, it's with the ill-considered assumption that the COI be able to do something it inherently cannot. Nothing can. Even if you had a copy of the insurance policy you would still have the same uncertainty, for each represents only one point in time. An obvious solution to assuage your doubt is to ask for a new COI on a recurring basis shorter than the actual policy expiration date. This is a smart thing to do in situations where the Insured is not familiar to you or the risk is high.

Complaint #4 - I have no recourse if the information on the COI is incorrect, false or misrepresented, so why bother?

Not true. Insurance agents are licensed professionals with legal obligations to be truthful. Remember, the agent signs her name on the bottom of every COI, can be held liable for errors and omissions and may be obligated to pay for any damages resulting from her actions. (In fact, COIs are the leading cause of E&O claims against brokers.)

Complaint #5 – The cost of collecting and managing COIs outweighs the benefits.

I call this one the "Las Vegas gambit." We were once told by a national retailer they don't bother to verify insurance of their vendors and contractors because it costs more to do so than to pay the claim. I suppose if you have deep pockets and the stomach for gambling this might work - until it doesn't. All it takes is one major incident to cause a serious, possibly disabling financial crisis.

You could think of tracking COIs as a form of insurance against the unknown. For example, the unknown struck a company we subsequently came to know (and ultimately assist). Last year the company had to contend with $14 million in uninsured vendor losses. Now they have become zealous converts to the importance of COI due diligence. Talk about locking the barn after the horse has filed a claim…

Okay. So tell me again why COIs are worthwhile?

#1. The COI shows the Insured obtained insurance.

This is an important purpose. It is similar to the driver's insurance card you carry in your vehicle – it shows that somewhere an insurance company issued a document saying there is a policy that may cover the loss. What it doesn't say, just like your driver's insurance card, is if the insurance is in effect at that exact moment.

#2. COIs help you better manage risk.

In the end, this is the whole point of the exercise, right? If you've performed a risk assessment of the activities associated with your Insureds you can then establish appropriate insurance coverage criteria for each in order to better protect yourself in the event of a loss. The COI is the reference document that conveys the knowledge that the Insured has (or has not) met your requirements.

#3. The COI is the starting point, not an end in itself.

Presuming you have the will to properly manage risk, the COI is the source for a wealth of information. It shows you where the Insured obtained insurance, who the broker is, the period of time the insurance is in force and the terms and limits of each policy. It can tell you if the terms of the contract have been respected regarding Additional Insured language, correct legal naming and other imposed conditions.

Moreover, it can point you to collect additional documentation, such as endorsements, to further strengthen your compliance evaluation. You now have names and phone numbers. This is all actionable intelligence. Without the COI you would know none of this.

One final thought...

Set aside all the emotion surrounding COIs and ask yourself – if you dispensed with the issuance and collection of certificates of insurance what would you have to work with?

Nothing.

You would have a black hole of ignorance about all the things that matter to the risk manager. Your risk control would be based on the blind hope that the Insured has actually complied with your contract, written or otherwise. And you, correctly skeptical about that likelihood, might be further obliged to obtain coverage to protect against the day when you find that the Insured wasn't really telling you the truth.

COIs are the currency by which critical insurance information is conveyed. The simple fact of life for all those who decry their value is that at present there is no alternative. At some future point there may be a cooperative technology solution that transfers the information contained on today's COIs in a more elegant way but tomorrow is not today and, like it or not, we live in the here and now.

It is heard in some corners we should skip over the COI altogether and collect copies of the Insured's insurance policy, for that would be the most reliable source document obtainable. In some cases we do that now, but it is not a panacea and many of the same limitations common to the COI remain.

The reality is that the COI is just one of many useful tools in the risk manager's toolbox. It has its purposes and it has its limitations. This must be recognized and accepted. It cannot be all things for all reasons despite the high expectations of many.

It is those (sometimes histrionic) expectations that tend to muddy the COI conversation, demean the document's value and sow confusion regarding its actual purpose. Turning down the volume would be a good starting point to begin a rational discussion of this often-maligned industry standard.