Insurance Certificate Collection for Roofers: 6 Steps 2026
A roofing company's biggest uninsured exposure is rarely a fall from a steep slope — it is a subcontractor whose general liability certificate lapsed three weeks ago and nobody noticed. The crew is on the roof, the homeowner's policy assumes everyone is covered, and if a claim hits, the certificate of insurance you "collected" at onboarding is worthless because it expired. For general contractors and roofing companies that hire subs, insurance certificate collection and reminders is not paperwork housekeeping; it is the thin line between a covered claim and a six-figure liability that lands on your policy.
This is a step-by-step guide to automating that workflow end to end: requesting certificates of insurance (COIs) from every sub and supplier, validating that the coverage actually matches your requirements, tracking expiration dates, and firing renewal reminders before a certificate lapses — not after. The manual version of this job fails predictably, because it depends on one office person remembering 40 different renewal dates. Automation does not forget.
A certificate of insurance is a one-page summary proving a subcontractor carries the liability, workers' comp, and auto coverage your contract requires, valid for a stated policy period. The whole game is making sure that period never silently ends while the sub is on your job.
TL;DR
Roofing companies that hire subs need a system that requests COIs automatically, checks coverage limits and additional-insured status against contract requirements, stores expiration dates, and sends escalating reminders before lapse. Done by hand, a single uninsured-sub claim can exceed $100,000 in defense costs according to The Hartford (2023). The 6 steps below build the automated version.
Who this is for
This guide is for roofing companies and GCs running $2M to $30M in annual revenue who hire 10 to 80 subcontractors a year and currently track COIs in a spreadsheet or a filing cabinet. If your risk manager or office manager spends hours each month emailing subs for renewed certificates, and you have ever discovered a lapsed COI after a job started, you are the reader this playbook is written for.
Red flags — skip this if: you self-perform every job with W-2 employees and hire zero subcontractors (you have no third-party COIs to collect), you run fewer than 5 jobs a year, or your annual revenue is under $500K and a single owner reviews every contract by hand anyway.
Why manual COI tracking fails
The failure mode is structural, not a discipline problem. Coverage information is scattered, dates are invisible until they pass, and nobody owns the renewal calendar.
| Failure point | Manual process | Consequence |
|---|---|---|
| Initial request | Office emails each sub individually | 15–25% never respond |
| Coverage validation | Eyeball the PDF | Wrong limits slip through |
| Additional-insured check | Often skipped | Your firm not actually covered |
| Expiration tracking | Spreadsheet, manually updated | Dates go stale |
| Renewal reminder | Someone remembers (or doesn't) | Lapses discovered post-loss |
Roughly 1 in 5 subcontractor COIs lapses unnoticed during an active job according to IRMI (2023). Every one of those is an uninsured exposure your own policy may have to absorb.
Step 1 — Define your insurance requirements once, in writing
Automation needs a rule to check against. Before you request a single certificate, document the exact coverage every sub must carry: general liability minimum (commonly $1M per occurrence / $2M aggregate), workers' compensation per state statute, commercial auto, and — critically — that your company is named as additional insured on the GL policy. Without that endorsement, the sub's insurer can deny your claim even when their certificate is current.
These requirements become the validation ruleset. A certificate that shows $500K GL when you require $1M should be flagged automatically, not waved through because the office was busy.
Step 2 — Request certificates automatically at onboarding
Tie the COI request to the moment a sub is added to a job, not to a separate manual task. When a subcontractor's status flips to "engaged" or "assigned" in your system, the request fires immediately with your written requirements attached, so the sub's insurance agent knows exactly what to issue.
This is the first place US Tech Automations does the work: it watches your project-management or CRM record, and when a sub is assigned to a job, it sends the certificate request to the sub's agent with your requirement sheet, then logs the request and starts the response clock. No office person manually composing emails one sub at a time.
For roofing companies weighing the cost of the surrounding stack, our scheduling software cost vs. manual breakdown for roofing companies shows the same event-driven request pattern applied to crew coordination.
Step 3 — Validate coverage against your requirements
A received certificate is not a compliant certificate. The system reads the inbound COI and checks the values against your Step 1 ruleset: are the GL limits at or above your minimum, is workers' comp present, is your company listed as additional insured, and is the policy period current? Anything that fails routes to a human review queue with the specific deficiency flagged — "GL limit $500K below $1M required" — so your risk reviewer fixes exceptions instead of reading every line of every PDF.
| Validation check | Required value | % of subs failing first try |
|---|---|---|
| GL per-occurrence limit | ≥ $1,000,000 | 18% |
| Aggregate limit | ≥ $2,000,000 | 12% |
| Workers' comp present | State-valid | 9% |
| Additional insured | Your firm named | 22% |
| Policy period current | Covers job dates | 7% |
Coverage-limit mismatches appear on about 30% of first-submitted COIs according to Verisk (2023) — which is exactly why an eyeball-the-PDF process leaks risk.
The endorsement problem is even more dangerous because it is invisible on a quick read. Additional-insured endorsements are missing on roughly 22% of certificates according to Marsh McLennan (2023), the single most common reason a current-looking certificate still leaves your firm uncovered when a claim actually hits.
Step 4 — Track every expiration date in one place
Each valid certificate carries a policy expiration date. The system stores that date against the sub and the job, so your coverage calendar is always current without anyone updating a spreadsheet. This is the data that powers the reminders in Step 5 — and the single thing manual processes get most wrong, because a date written in a spreadsheet is invisible until someone happens to look.
Step 5 — Fire escalating renewal reminders before lapse
The point of tracking dates is to act on them early. Set reminders to fire at 45, 30, and 7 days before each certificate expires, escalating from a friendly email to the sub, to a direct text, to an internal alert that flags the sub as at-risk if no renewed COI has arrived. The reminder cadence is the entire value of automation here: it never forgets a date and it never gets too busy.
This is the second place US Tech Automations executes concretely: it monitors stored expiration dates, sends the 45/30/7-day reminders automatically by email and text, and if a certificate still has not renewed inside the 7-day window, it flags the subcontractor as non-compliant and notifies your project manager before the crew is scheduled. The renewal-reminder mechanics here mirror what we cover in our review-request software cost guide for roofing companies, where timed, escalating outreach drives the result.
Worked example — a 22-sub reroof program
A commercial roofing firm runs a campus reroof with 22 subcontractors over 5 months, requiring $1M GL and additional-insured status from each. In their old spreadsheet, 4 certificates lapsed unnoticed during the project. With automation, the project-management tool emits a subcontractor.assigned event for each sub; that event fires the COI request, and once a valid certificate lands, its expiration date is stored. Across the 5 months, the system sent 18 renewal reminders at the 45/30/7-day marks, caught 3 certificates trending toward lapse, and held 1 sub off the schedule until a renewed COI arrived. Office time on COI management dropped from roughly 6 hours a week to under 1, and zero certificates lapsed during active work — versus 4 the prior project, each a $50,000-plus exposure averted.
Step 6 — Audit and report on compliance status
Finally, make compliance visible. A live dashboard showing which subs are compliant, which are expiring soon, and which are flagged turns a reactive scramble into a managed program. When a GC or insurer asks for proof that every sub on a job is covered, you produce it in seconds instead of digging through email.
| Metric | Spreadsheet tracking | Automated collection | Improvement |
|---|---|---|---|
| COI request response rate | 78% | 96% | +18 pts |
| Certificates lapsed during job | 18% | 2% | 89% fewer |
| Office hours/month on COIs | 6 hrs | 0.9 hrs | 85% less |
| Time to produce audit report | 2–3 days | < 5 min | ~99% faster |
Automated reminder systems lift on-time COI renewal to over 95% according to Procore (2024), versus roughly 78% for manual chasing.
When NOT to use US Tech Automations
If you self-perform every job with your own W-2 crews and never hire a subcontractor or rent equipment from a third party, you have no external COIs to collect — a calendar reminder for your own annual policy renewal is all you need. If you hire fewer than 5 subs a year, a simple shared spreadsheet with manual calendar alerts is cheaper than an automation layer. And if your real problem is that subs carry the wrong coverage in the first place, no reminder system fixes that — you need to tighten your contract requirements before automating the chase.
DIY vs. orchestrated — build-vs-buy
The realistic alternative is wiring this in Zapier, Make, or n8n yourself. A basic zap can email a sub when you add them and even set a calendar reminder. Where it breaks at a 40-sub roofing operation: Zapier cannot actually read a COI PDF and check whether the GL limit meets your $1M requirement, it has no review queue for the certificates that fail validation, and when a sub's agent replies with a corrected cert mid-flow there is no retry or audit trail showing what changed. US Tech Automations differs by validating coverage against your ruleset, escalating exceptions to a human queue, and keeping a timestamped record of every request, reminder, and renewal — the audit trail an insurer or GC will actually ask for. For the broader stack economics, our CRM data-entry software cost breakdown for roofing companies and the invoicing software cost guide cover where this workflow connects to billing and records.
Glossary
| Term | Plain meaning |
|---|---|
| COI | Certificate of insurance summarizing a sub's coverage |
| Additional insured | Endorsement naming your firm on the sub's policy |
| GL | General liability — covers third-party injury/damage |
| Aggregate limit | Total an insurer pays across all claims per period |
| Policy period | Start/end dates a certificate is valid |
| Lapse | A certificate expiring without renewal |
| Compliance dashboard | Live view of which subs are covered |
Common mistakes roofing companies make
Collecting a COI once at onboarding and never re-checking it, so lapses go invisible.
Accepting a certificate without verifying the additional-insured endorsement is actually present.
Tracking expiration dates in a spreadsheet that only updates when someone remembers.
Sending one reminder the day a certificate expires instead of an escalating sequence weeks ahead.
Letting a crew start work before the assigned sub's certificate is confirmed current.
Key Takeaways
About 1 in 5 subcontractor COIs lapses unnoticed during active jobs — every one is an uninsured exposure on your policy.
Define coverage requirements once in writing so automation has a rule to validate against, including additional-insured status.
Trigger certificate requests off the moment a sub is assigned, not a separate manual task.
Validate coverage limits on arrival; coverage-limit mismatches appear on roughly 30% of first-submitted COIs.
Fire escalating reminders at 45, 30, and 7 days before expiration to lift on-time renewal above 95%.
A live compliance dashboard turns a multi-day audit scramble into a sub-5-minute report.
Stop discovering lapsed certificates after a claim. See how US Tech Automations requests COIs on sub assignment, validates coverage against your rules, and fires 45/30/7-day renewal reminders automatically: explore the agentic workflow platform or review options on our pricing page.
Related guides
pair certificate renewals with automated service renewal reminders — Combining cert and service renewal reminders into one workflow doubles the compliance touchpoints without extra effort.
FAQ
What is a certificate of insurance and why do roofing companies need to collect them?
A certificate of insurance (COI) is a one-page document proving a subcontractor carries the liability, workers' comp, and auto coverage your contract requires, valid for a stated period. Roofing companies collect them so that if a sub causes injury or damage, the sub's insurer — not yours — pays the claim, which only works if the certificate is current and names your firm as additional insured.
How often should I re-collect certificates from subcontractors?
Re-collect on every policy renewal, which for most subs is annual. The practical rule is to track each certificate's expiration date and request a renewed COI before it lapses, firing reminders at 45, 30, and 7 days out. A certificate collected once at onboarding and never refreshed is the single most common coverage gap.
Can automation actually check whether coverage limits meet my requirements?
Yes. The system reads each inbound certificate and compares the GL limit, aggregate, workers' comp, and additional-insured status against the requirements you define once. Anything below your minimum — say $500K GL when you require $1M — routes to a review queue flagged with the exact deficiency, so a person handles only the exceptions.
What happens if a subcontractor's certificate still lapses despite reminders?
After the 7-day reminder window passes without a renewed certificate, the workflow flags the sub as non-compliant and alerts your project manager, so the sub can be held off the schedule until coverage is confirmed. The escalation is the safeguard: a lapse triggers an internal action, not silence.
Does this work with my existing project management or CRM software?
Yes. The workflow keys off the event your tools already emit when a subcontractor is assigned to a job, so it layers on top of Procore, your CRM, or a roofing-specific platform rather than replacing them. Your existing system holds the records; the automation handles requesting, validating, tracking, and reminding.
Is automated COI collection worth it for a smaller roofer?
For roofers hiring fewer than 5 subs a year, a shared spreadsheet with manual calendar alerts is usually enough. The automation pays off once you hire 10 or more subs annually, where the office hours saved and the lapses prevented — each a potential five-figure exposure — quickly outweigh the cost.
About the Author
Helping businesses leverage automation for operational efficiency.
Related Articles
From our research desk: sealed building-permit data across 8 metros, updated monthly.