How to Detect Fraudulent Certificates of Insurance: Complete COI Verification Guide

This guide provides a practical verification framework for risk managers, operations teams, and procurement professionals managing contractors across construction, transportation, manufacturing, oil and gas, and property management.

December 18, 2025


Your Subcontractor just caused a $300K injury claim. You have their certificate of insurance on file, reviewed and approved during onboarding. Then you discover the certificate was fake, and your company is now directly liable.

This isn't theoretical. Fraudsters can create convincing fake COIs in under five minutes using freely available ACORD 25 templates and basic PDF editing software. Meanwhile, most verification processes rely on visual document review and trust that vendors submit legitimate certificates.

A recent story from one of our clients: a telecom company specializing in wireless, energy and technology solutions relied on their Insurance Broker to collect and verify their vendors’ COIs and endorsements. This process has failed multiple times, allowing fraudulent COIs to slip through, resulting in a $162,000 uninsured claim.

Before we proceed: Certificial's COI Tracking solution eliminates fraudulent COIs completely by leveraging Smart COI technology and only allowing COI submissions from verified Agents and Brokers. Learn more about Certificial and request a demo here.

How Fake COIs Are Created

The ACORD 25 certificate is standard across industries, which creates vulnerability for COI fraud as templates are freely available online. Because these templates require no credentials to download, creating a fraudulent COI requires minimal skill, just basic PDF editing software and less than five minutes.

Common methods for creating fake certificates of insurance:

  • Self-editing by insured parties: Contractors modifying their own COIs to change Certificate Holder names (still insurance certificate fraud even with legitimate coverage)
  • Complete fabrication: Creating entirely new fraudulent COI from downloaded template with invented policy numbers and fictional Agent information
  • Date manipulation: Taking expired legitimate certificate and changing effective dates
  • Copy-paste date fraud: Copying unexpired dates from one coverage line over expired dates on another - this creates less obvious changes than full fabrication
  • Issue date inconsistencies: Certificate dated in the future or after receipt date
  • Quote number substitution: Using quote numbers instead of actual policy numbers - quote numbers are easier to obtain
  • Business name swapping: Changing Insured Name on someone else's valid COI
  • Fake Agent impersonation: Setting up email domains mimicking legitimate brokerages.

Why Traditional COI Verification Processes Miss Fraud

Accepting certificates from vendors rather than Agents is the most significant vulnerability in COI compliance because Vendor-submitted COIs bypass Agent controls and verification processes, creating the highest fraud risk. By definition, verified insurance coverage should come from insurers or insurance producers.

Visual document review alone cannot detect sophisticated fake COIs as modern editing tools produce clean, professional-looking fraudulent certificates that match legitimate certificate formatting perfectly.

One-time verification at onboarding creates critical gaps. Policies change mid-term through cancellations, limit reductions, and coverage non-renewals. And since these changes happen without notification in most cases, onboarding-only checks are unreliable for continuous monitoring insurance.

Email domain spoofing is trivially easy for COI fraud. Changing a single character in an email domain creates convincing impersonation. Real example: a scammer impersonated an Insurance Agent using @marschmma instead of the legitimate broker's domain - just one letter changed.

Phone verification fails when fraudsters control the number because fake certificates can list any contact information. One documented case of insurance certificate fraud: "We had a fraudster who put a fake number there. Calling the number didn't really solve anything. We googled the producer to confirm they were licensed, and then called that actual office. And they were like, we don't know who that is."

What happens when an accident happens, and the Vendor’s COI turns out to be fake?

We asked Christopher A. Arcitio, Of Counsel in the New York City office of Kaufman Dolowich LLP, for his legal opinion.

“When General Contractors discover fabricated COIs after a construction accident involving a Subcontractor, they face immediate and cascading consequences. The General Contractor may be required to use their own Workers' Compensation insurance to cover the injured employee. New York State's Workers' Compensation Board enforcement unit may issue a stop work order at the site for the sub's failure to secure required coverage.
Each uninsured work-related accident involving a sub may force the GC to use their own coverage, directly increasing their Workers' Compensation rates. While GCs can pursue legal relief against the sub and the sub's Insurance Broker/Agent for breach of contract, fraud claims are extremely difficult to prove. Plaintiffs must demonstrate that the misrepresentation induced their reliance and that their reliance was justifiable - a high legal bar.
Additionally, subs often cease operations after incidents. Even when GCs obtain default judgments, they must still prove damages to the court and spend substantial time and resources attempting to enforce judgments against defunct businesses.
A 2016 case in Westchester County Supreme Court illustrates these risks. A General Contractor's subcontract required the sub to maintain workers' compensation insurance. Two accidents involving the sub's employees occurred within three months. At the time of both accidents, the sub had no active Workers' Compensation coverage, forcing the GC's insurance to cover both claims. In the subsequent fraud lawsuit against the sub and its Insurance Broker/Agent, the sub had disappeared, and the court held that the fake COI alone could not support a fraud claim against the broker/agent. To sum up, the liability exposure falls on the GC when there's no viable insurance policy for risk transfer.
GCs also face risk from other defendants in lawsuits - property owners, developers, and property managers - who can transfer liability to the GC's policy without the GC having recourse to the sub's policy.
Systems that detect potentially fraudulent COIs before accidents occur ensure GCs have viable subcontractors with legitimate insurance for risk transfer when personal injury accidents happen.”

This communique is for educational and promotional purposes and does not constitute legal advice, a legal consultation, or a legal relationship. For legal advice, please see our site to choose an attorney to speak with at Kaufman Dolowich.

Copyright © 2025 Kaufman Dolowich LLP, All rights reserved.

Red Flags: How to Detect Fake Certificates of Insurance

We've put together this source verification checklist, critical for COI fraud detection.

The #1 Rule for COI Compliance: Certificates should ONLY come from licensed Agents, Brokers, or Carriers, never from Suppliers/Vendors. Supplier-submitted COIs bypass the entire insurance industry verification chain, therefore representing the highest risk for fake certificates.

Red flags indicating potential fake COIs:

  • COI submitted by Vendor/Subcontractor instead of licensed Agent (most common insurance certificate fraud pattern)
  • Email domain doesn't match known brokerage/carrier
  • Email domain spoofing (e.g., @marschmma vs. legitimate broker)
  • Generic email addresses (Gmail, Yahoo) instead of company domains
  • Producer information incomplete or missing
  • Producer not licensed in relevant state
  • Phone number on certificate doesn't match official agency listing

Common patterns in fraudulent COIs:

  • Vendors submitting their own certificates claiming they're from Agents
  • Fake phone numbers listed as producer contact for contractor insurance verification
  • Email addresses designed to mimic legitimate insurance professionals

Policy Number and Carrier Validation

Red flags in fake certificates of insurance:

  • Policy numbers don't follow carrier-specific formats
  • Quote numbers listed instead of policy numbers (common in fraudulent COIs because quote numbers are easier to fabricate)
  • Carrier name doesn't exactly match official legal name
  • Policy effective dates already expired
  • Issue date falls outside policy period (e.g., dated 11/2 but received 11/1)
  • Issue date is in the future

What to verify for COI compliance:

Each Insurance Carrier uses distinct patterns for policy numbering. Learning to recognize whether a policy number could be legitimate for the Carrier listed helps detect fake COIs through pattern matching. Quote numbers and policy numbers have different formats: fraudsters sometimes use quote numbers in fraudulent certificates as they're easier to obtain than actual policy numbers.

Progressive: 9-Digit, all numerical, usually starts with a 9- or 8- (e.g. 9901234567)

State Farm: 13-Digit alphanumerical, with 4 sections separated by dashes (e.g. 603-8129-E16-55K)

Allstate: 9-Digit, all numerical (e.g. 123456789)

Liberty Mutual: 11 to 15-Digit alphanumerical, and may include dashes (e.g. ABC-123-4567890-123)

Packaged Automobile Policies often start with “IMG”

Chubb: 9-Digit alphanumerical, starting with a letter (e.g. D12345678)

Coverage Requirements Validation

Red flags suggesting fraudulent COIs:

  • Required coverage types missing from certificate
  • Limits below your contract requirements
  • Required endorsements not specifically listed
  • Generic language like "additional insured per contract" instead of specific ISO forms
  • Additional insured status not properly indicated
  • Waiver of subrogation missing where required
  • Primary and non-contributory language absent when required

Why this catches insurance certificate fraud: Generic fake certificates typically show standard coverages with common limits but lack specific endorsement forms required for COI compliance. Fraudsters creating fake COIs rarely have detailed insurance knowledge; requiring specific endorsements by form number (like CG 2010 for ongoing completed operations) makes fraud significantly harder. "An average fake broker probably won't know what CG 2010 is for ongoing completed operations requirements."

What to verify during contractor insurance verification:

Create requirement validation checklists covering:

  1. Coverage types required
  2. Minimum limits for each coverage
  3. Specific endorsement forms by ISO number (CG 2010, CG 2037, etc.)
  4. Additional insured requirements
  5. Waiver of subrogation
  6. Primary and non-contributory requirements

Generic certificates lack these specific details, and this is why requirement validation through source verification catches most fraudulent COIs before they enter your system.

Formatting Indicators of Fake COIs

Visual red flags in fraudulent certificates:

  • Misaligned or inconsistent dates (copy-paste indicator in fake COIs)
  • Identical expiration dates across multiple coverage lines (suspicious when GL, Auto, Cargo all expire same day)
  • Inconsistent fonts or font sizes across document
  • Multiple font types within key fields
  • Poor scan quality or resolution
  • Evidence of white-out or digital overlay
  • "Clear all" button visible (indicates PDF form editor use)
  • Missing signature or unclear signature
  • Crooked or misaligned text/boxes

Real example of detecting a fraudulent COI: "The new expiration dates were slightly unaligned, and appeared to be copy/pasted from the GL date. And, it was 11/1, yet the issue date in the top right was 11/2." 

Important caveat for COI verification: Legitimate certificates from major brokers can have errors ("We get certs from Marsh and AON missing stuff all the time"). Visual flags should trigger additional verification through proper source verification channels for insurance certificate fraud detection, not automatic rejection.

Six-Step COI Verification Framework to Prevent Fraud

This comprehensive contractor insurance verification framework combines red flag detection with systematic process steps to prevent fraudulent COIs from entering your vendor files. 

Step 1: Establish Agent-Only Submission Requirements

The Foundation of COI Fraud Prevention: Never accept certificates of insurance or other insurance documents from Vendors, Subcontractors, or any Third Parties. Because Vendor-submitted COIs bypass all Agent controls and verification processes, they represent the highest fraud risk.

Building the infrastructure to enforce source-only submissions is possible but requires a lot of organizational effort. We’ve outlined general steps below. Alternatively, you might consider a COI tracking solution like Certificial: we only accept COIs and other insurance documents from Insurance Agents and have already built failsafe fraud-prevention mechanisms within our platform. Learn more and request a demo here.

The infrastructure to enforce source-only submissions:

1. Update all Vendor contracts and onboarding documents

2. Collect insurance Agent contact information during vendor qualification or onboarding

3. Communicate directly with Insurance Agents

4. Set up designated receipt channels for COI compliance (certificates@yourcompany.com)

5. Create approved sender list for automated processing
Example: major broker domains (@marsh.com, @aon.com, @gallaghermga.com, etc.)

6. Implement rejection process for Vendor-submitted certificates

7. Document everything for COI compliance audit trail:

  • Date you implemented Agent submission-only policy
  • Contract language requiring Agent submission
  • Agent contact information collected for each Vendor
  • Rejected Vendor submissions and reason for rejection
  • Direct communication with Agents establishing proper channels

Step 2: Verify Unknown Sources Through Independent Channels

After establishing Agent-only submission infrastructure, you'll still receive certificates from insurance professionals you haven't worked with before. New Agents and regional Brokers submit legitimate certificates, so you’ll need a verification process for unknown sources rather than automatic rejection.

Verification process for unknown insurance professionals:

Check email domain carefully for spoofing. Fraudsters create domains that mimic legitimate Brokers (like @marschmma vs @marsh.com), so you’ll need to compare character-by-character against known Broker domains to catch single-letter changes used in insurance certificate fraud.
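The approved sender list from Step 1 and the character-by-character domain comparison described above can be automated at the intake mailbox. The following is an added example, not Certificial's code: the allowlist reuses the broker domains this guide lists, while the free-mail list, the distance limits and the sample addresses are constructed assumptions.

```python
import re

# Step 1 allowlist: the example broker domains this guide lists.
APPROVED_DOMAINS = ("aon.com", "gallaghermga.com", "marsh.com")
# Generic mailbox providers (illustrative, not exhaustive).
FREE_MAIL = {"gmail.com", "yahoo.com", "outlook.com", "aol.com"}


def edit_distance(a, b):
    """Levenshtein distance: fewest single-character inserts, deletes or swaps."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def sender_domain(address):
    """Return the lowercased domain of an email address, or raise ValueError."""
    m = re.fullmatch(r"[^@\s]+@([a-z0-9-]+(?:\.[a-z0-9-]+)+)\.?",
                     address.strip().lower())
    if m is None:
        raise ValueError(f"not a usable sender address: {address!r}")
    return m.group(1)


def triage_sender(address):
    """Classify a sender as approved, free_mail, lookalike or unknown.

    Returns (verdict, approved_domain_it_matches_or_imitates).
    """
    domain = sender_domain(address)
    for good in APPROVED_DOMAINS:
        # Exact match, or a subdomain controlled by the approved domain's owner.
        if domain == good or domain.endswith("." + good):
            return ("approved", good)
    if domain in FREE_MAIL:
        # Checked before the distance test: aol.com is one edit from aon.com.
        return ("free_mail", None)
    for good in APPROVED_DOMAINS:
        # Assumed limits: one edit for short domains, two for longer ones.
        limit = 1 if len(good) <= 8 else 2
        # "aon.com.something.example" puts the trusted name in front of a
        # different registered domain; near-misses are caught by distance.
        if domain.startswith(good + ".") or edit_distance(domain, good) <= limit:
            return ("lookalike", good)
    # Not on the list and not an imitation: route to Step 2 manual verification.
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample senders.
    for sender in ("agent@marsh.com", "agent@gallaghermqa.com",
                   "broker@aol.com", "jo@riverside-insurance.example"):
        print(sender, triage_sender(sender))
```

Run the check on the domain that passed SPF/DKIM/DMARC validation at your mail gateway, because the visible From address on its own can be forged.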

Search state DOI licensing databases to verify the Agent:

  1. Go to the relevant state Department of Insurance website
  2. Search for the Agent name shown as producer on certificate
  3. Verify they hold active license in that state
  4. Confirm the agency name matches what appears on certificate
  5. Note the official agency address and phone number from licensing records

Look up the agency through official sources for source verification:

  • Search for agency's official website through Google (verify it matches licensing info)
  • Check carrier Agent locator tools to confirm agency appointment with carriers listed on certificate
  • Search NAIC company database for carrier information if needed
  • For transportation: Cross-reference with FMCSA SAFER database showing carrier's reported insurance provider

Call the agency using the official phone number from licensing database or website:

Never call the number shown on the certificate because fraudsters creating fake COIs can list any number they control. Real case: "We had a fraudster who put a fake number there. Calling the number didn't really solve anything. We googled the producer to confirm they were licensed, and then called that actual office. And they were like, we don't know who that is."

When you reach the agency during contractor insurance verification:

  1. Ask to speak with the Agent named on certificate
  2. Confirm they work at that agency
  3. Verify they issued certificate for the Vendor on the date shown
  4. Ask them to confirm key policy details (policy number, effective dates, coverage limits)
  5. Request they re-send certificate directly from their verified email address

Document the verification for COI compliance:

  • Agent name and title
  • Date and time of verification call
  • Official phone number you called (from licensing database, not certificate)
  • What was confirmed during call
  • Whether fresh certificate was emailed from verified address
  • Any discrepancies discovered

Verification actions for COI compliance:

  1. Compare policy numbers against known carrier format patterns
  2. Verify Carrier legal name through AM Best or state DOI databases
  3. Check date logic (issue date within policy period, effective date not expired)
  4. Contact Carrier directly if anything seems questionable during Vendor insurance verification
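The policy number pattern check and the date logic above (and in the "Policy Number and Carrier Validation" red flags) are mechanical enough to script. This is an added example, not code from Certificial: the patterns are transcribed from the formats this guide describes for three of the listed carriers, and the certificate data, flag names and the three-line threshold are constructed assumptions.

```python
import re
from dataclasses import dataclass
from datetime import date

# Patterns transcribed from this guide's descriptions, not carrier-published specs.
POLICY_PATTERNS = {
    "State Farm": re.compile(r"[A-Z0-9]{3}-[A-Z0-9]{4}-[A-Z0-9]{3}-[A-Z0-9]{3}"),
    "Allstate": re.compile(r"\d{9}"),
    "Chubb": re.compile(r"[A-Z][A-Z0-9]{8}"),
}


@dataclass(frozen=True)
class CoverageLine:
    kind: str            # e.g. "GL", "Auto", "Cargo"
    carrier: str
    policy_number: str
    effective: date
    expires: date


def screen_certificate(lines, issue_date, received):
    """Return a list of red-flag codes for one certificate."""
    flags = []
    # Covers both "issue date in the future" and "dated 11/2 but received 11/1".
    if issue_date > received:
        flags.append("issue_date_after_receipt")
    for ln in lines:
        pattern = POLICY_PATTERNS.get(ln.carrier)
        if pattern is None:
            flags.append(f"{ln.kind}:no_pattern_for_carrier")
        elif not pattern.fullmatch(ln.policy_number.strip().upper()):
            flags.append(f"{ln.kind}:policy_number_format")
        if ln.expires < received:
            flags.append(f"{ln.kind}:expired")
        if not (ln.effective <= issue_date <= ln.expires):
            flags.append(f"{ln.kind}:issue_date_outside_policy_period")
    # Soft flag from the formatting section: every line expiring on the same
    # day can indicate a copy-pasted date (threshold of 3 lines is an assumption).
    if len(lines) >= 3 and len({ln.expires for ln in lines}) == 1:
        flags.append("identical_expiration_all_lines")
    return flags


# Constructed certificate modelled on the guide's example: issue date 11/2,
# received 11/1, and one policy number that is a digit short.
SUSPECT_LINES = (
    CoverageLine("GL", "State Farm", "603-8129-E16-55K", date(2025, 3, 1), date(2026, 3, 1)),
    CoverageLine("Auto", "Allstate", "12345678", date(2025, 3, 1), date(2026, 3, 1)),
    CoverageLine("Cargo", "Chubb", "D12345678", date(2025, 3, 1), date(2026, 3, 1)),
)

if __name__ == "__main__":
    for flag in screen_certificate(SUSPECT_LINES, date(2025, 11, 2), date(2025, 11, 1)):
        print(flag)
```

A flag here is a trigger for the independent-channel verification in this step, in line with the guide's caveat that legitimate certificates also contain errors.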

Step 3: Verify Coverage Requirements for COI Compliance

This step catches insurance certificate fraud by verifying specific requirements rather than accepting generic certificates. Generic fake certificates are more likely to show only standard coverages with common limits, so requiring specific endorsement forms creates a barrier fraudsters cannot easily overcome.

Create requirement validation checklists for Vendor insurance verification covering:

  1. Coverage types required (GL, Auto, WC, Umbrella)
  2. Minimum limits for each coverage
  3. Specific endorsement forms needed by ISO number (CG 2010, CG 2037, etc.)
  4. Additional insured requirements and covered operations
  5. Waiver of subrogation by coverage type
  6. Primary and non-contributory requirements

Verification actions to detect fraudulent COIs:

  1. Compare certificate against your specific checklist
  2. Verify each required coverage appears
  3. Confirm limits meet or exceed minimums for COI compliance
  4. Check that specific endorsement forms are listed by number
  5. Document where on certificate you found each requirement
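The requirement checklist and verification actions above, as an added example that is not Certificial's code. It assumes the certificate has already been keyed into a dictionary (limits per coverage, the lines marked in the ACORD 25 "SUBR WVD" column, and the description box text); the requirement values and both sample certificates are constructed.

```python
import re

# Constructed contract requirements; substitute your own checklist.
REQUIREMENTS = {
    "limits": {"GL": 1_000_000, "Auto": 1_000_000, "WC": 500_000},
    "forms": {"CG 2010", "CG 2037"},
    "waiver_of_subrogation": {"GL", "WC"},
}

# Form numbers as they appear on certificates: "CG 2010", "CG 20 10", "CG2037".
FORM_RE = re.compile(r"\b([A-Z]{2})\s?(\d{2})\s?(\d{2})\b")
GENERIC_AI_RE = re.compile(r"additional insured[^.]*per (?:written )?contract")
PNC_RE = re.compile(r"primary\s+(?:and|&)\s+non-?\s?contributory")


def forms_listed(description):
    """Normalise every form-number-shaped token in the text to 'CG 2010' style."""
    return {f"{p} {a}{b}" for p, a, b in FORM_RE.findall(description.upper())}


def check_requirements(cert, req=REQUIREMENTS):
    """Return the list of gaps between a certificate and the checklist."""
    gaps = []
    text = cert["description"].lower()
    for kind, minimum in sorted(req["limits"].items()):
        if kind not in cert["limits"]:
            gaps.append(f"{kind}:missing")
        elif cert["limits"][kind] < minimum:
            gaps.append(f"{kind}:limit_below_minimum")
    missing_forms = sorted(req["forms"] - forms_listed(cert["description"]))
    gaps += [f"form_missing:{form}" for form in missing_forms]
    # "Additional insured per contract" in place of the required form numbers.
    if missing_forms and GENERIC_AI_RE.search(text):
        gaps.append("generic_additional_insured_language")
    for kind in sorted(req["waiver_of_subrogation"] - cert["subr_wvd"]):
        gaps.append(f"{kind}:waiver_of_subrogation_missing")
    if not PNC_RE.search(text):
        gaps.append("primary_noncontributory_missing")
    return gaps


# Constructed samples: a generic certificate and one that names the forms.
GENERIC_CERT = {
    "limits": {"GL": 1_000_000, "Auto": 500_000},
    "subr_wvd": set(),
    "description": "Certificate holder is additional insured per contract.",
}
SPECIFIC_CERT = {
    "limits": {"GL": 2_000_000, "Auto": 1_000_000, "WC": 1_000_000},
    "subr_wvd": {"GL", "WC"},
    "description": ("Certificate holder is additional insured per CG 20 10 04 13 "
                    "and CG 20 37 04 13. Coverage is primary and non-contributory."),
}

if __name__ == "__main__":
    print(check_requirements(GENERIC_CERT))
    print(check_requirements(SPECIFIC_CERT))
```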

Step 4: Inspect Visual and Formatting Elements

Visual inspection helps detect fake COIs but isn't conclusive alone. Legitimate certificates can have minor formatting variations, so multiple visual anomalies together suggest potential fraudulent certificates requiring deeper investigation through source verification.

Conduct systematic visual review for COI verification:

  1. Flag multiple anomalies for deeper investigation
  2. Use visual flags as triggers for enhanced verification
  3. Document suspicious elements for review
  4. Remember that some legitimate certificates have minor errors

Step 5: Establish Continuous Monitoring Insurance Programs

The critical problem with one-time COI verification: "We request insurance certificate at time of setup... Fast forward 2 weeks, or 2 months, or ONE DAY. Does the carrier still have insurance? How do you know?"

Why continuous monitoring prevents insurance certificate fraud exposure:

Policies change mid-term through cancellations, limit reductions, and non-renewals, and this is why onboarding-only checks are unreliable for maintaining COI compliance. Insurance companies often have no obligation to notify certificate holders of cancellations ("Many insurance companies state they have no obligation and make no guarantee to notify you in the event of cancellation") - passive monitoring that relies on carrier notifications is insufficient. 

Red flags requiring immediate re-verification in continuous monitoring insurance:

  • Policy expiration approaching (30-90 days out)
  • No updated certificate received after expiration
  • Carrier cancellation notice received
  • Vendor requests work after gap in activity
  • Contract renewal or scope change

Step 6: Document Everything for COI Compliance Audits

Document at each verification step:

At initial receipt during contractor insurance verification:

  1. Date received, sender name and email, submission method
  2. Initial red flag check results for potential fake COIs

During source verification (Step 1) to prevent insurance certificate fraud:

  1. Email domain verification results
  2. Licensing database searches conducted
  3. Phone calls made (official numbers used, not COI numbers)
  4. Who you spoke with and what was confirmed
  5. Any discrepancies discovered in contractor insurance verification

During requirement validation (Step 3) for COI compliance:

  1. Checklist used for verification
  2. Each requirement checked and where found on certificate
  3. Any missing or insufficient coverage identified
  4. Actions taken to address gaps

During continuous monitoring insurance (Step 5):

  1. Review dates and reviewer names
  2. Updated certificates received
  3. Policy changes discovered through COI verification
  4. Actions taken on non-compliance

Why comprehensive documentation matters for COI fraud prevention:

Your audit trail proves you verified coverage existed and followed proper contractor insurance verification procedures.

How Certificial Eliminates COI Fraud Through Automated Verification

The contractor insurance verification framework above reduces fake COI risk but requires substantial manual effort. Certificial fundamentally changes the approach to insurance certificate fraud detection by eliminating document verification and implementing automated source verification for COI compliance. Because Certificial uses source authentication and real-time policy data, fraudulent COIs cannot enter the system.

Source Authentication Prevents Fraudulent COIs

How Certificial's automated COI verification works:

  1. Only licensed agents, brokers, carriers can submit (no vendor submissions of fake certificates)
  2. Certificial verifies identity and licensing before allowing any submissions
  3. Each submission tied to verified producer identity for insurance certificate fraud prevention
  4. Identity and provenance recorded for every certificate

Certificial's source authentication blocks vendor-submitted certificates at the system level, eliminating the highest-risk fraud vector. Only verified insurance professionals can submit through Certificial, so fake agent impersonation becomes impossible.

What Certificial's source authentication eliminates in COI compliance:

  1. Vendor-submitted fraudulent COIs cannot enter the system
  2. Fake agent impersonation for insurance certificate fraud becomes impossible
  3. Email domain spoofing is detected and blocked
  4. Third-party fraud schemes where vendors obtain fake certificates are prevented

SmartCOI® Technology: Continuous Monitoring Insurance with Real-Time Policy Data

The problem with static certificates and COI fraud:

  1. They're point-in-time snapshots vulnerable to becoming fraudulent COIs
  2. They become stale immediately
  3. Policy changes aren't reflected in static documents
  4. You don't know if coverage is still active without continuous monitoring

SmartCOI® technology solves this fundamental limitation.

How Certificial's SmartCOI® enables continuous monitoring insurance:

  1. SmartCOI® converts static certificate into live, data-driven status
  2. SmartCOI® connects directly to policy information for real-time COI verification
  3. SmartCOI® updates automatically when policies renew, cancel, or change
  4. SmartCOI® shows real-time COI compliance: Compliant or Action Needed
  5. SmartCOI® eliminates manual renewal tracking and risk of accepting fraudulent certificates

Continuous Compliance Monitoring with Real-Time Policy Data Prevents Insurance Certificate Fraud

Certificial's automated continuous monitoring insurance includes:

  1. Policy expiration tracking (30/60/90-day alerts)
  2. Coverage limit change detection through real-time policy data
  3. Policy cancellation alerts (including mid-term) preventing exposure to fake COIs
  4. Endorsement modification tracking via source verification
  5. Continuous requirement evaluation for COI compliance

Since Certificial's continuous monitoring uses real-time policy data, it detects changes instantly. Policy information flows directly from carriers and agents to Certificial, so there's no reliance on carrier notifications or manual tracking for continuous monitoring insurance.

Integration benefits for contractor insurance verification: Certificial integrates with procurement systems, pushing COI compliance data flows into existing workflows. 

Results: Certificial Prevents Fraudulent COIs

Time savings in contractor insurance verification:

  1. 80%+ reduction in manual verification time because Certificial automates source verification
  2. Elimination of renewal chase process through SmartCOI® continuous monitoring
  3. Zero spreadsheet tracking for COI compliance because Certificial manages everything

Improved insurance certificate fraud detection through Certificial:

  1. 100% source verification (automated by Certificial)
  2. Real-time compliance visibility through SmartCOI® preventing fake COI acceptance
  3. Zero fraudulent certificates accepted into system because Certificial blocks them at intake

Risk reduction through Certificial's continuous monitoring insurance:

  1. Immediate notification of coverage gaps via SmartCOI® real-time policy data
  2. Continuous monitoring vs. annual checks catching insurance certificate fraud through Certificial
  3. Complete documentation for claims defense when fraudulent COIs are discovered.