Why a Certificate of Insurance Is the Most Dangerous Document in Your Franchise System

Key Takeaways

• COIs provide zero legal protection. A Certificate of Insurance is a non-binding snapshot of a policy that may not exist, may have been cancelled, or may lack the specific endorsements required by your franchise agreement.

  
  

• The "Broker-Signed" fallacy. Agency-issued certificates do not override the actual policy language; if the policy hasn’t been formally endorsed to include the franchisor as an Additional Insured, the piece of paper in your filing cabinet is legally irrelevant.

  
  

• Manual tracking is a liability mask. Relying on human review of static PDFs creates a false sense of security while systemic gaps—like "manifest-only" coverage or inadequate aggregate limits—remain hidden.

  
  

• The notice of cancellation gap. Standard ACORD 25 forms explicitly state the insurer is under no obligation to notify certificate holders of a mid-term policy cancellation, leaving franchisors exposed for months at a time.

  
  

• Compliance is a data problem, not a document problem. Real risk mitigation requires verifying the underlying policy data and carrier ratings (A.M. Best) rather than checking a box on a visual scan of a COI.

  
  

• Indemnity is only as strong as the insurance backing it. Without verified coverage, the indemnity clause in your FDD is a "paper tiger"—useful in court but worthless if the franchisee has no assets to satisfy a judgment.

Why does the industry treat a memo as a contract?

In the franchising world, we have inherited a legacy of "paper-checking" that suggests a PDF of an ACORD 25 form is a valid proxy for risk transfer. It isn’t. If you look at the top right corner of any standard Certificate of Insurance (COI), the disclaimer is printed in all caps: "THIS CERTIFICATE IS ISSUED AS A MATTER OF INFORMATION ONLY AND CONFERS NO RIGHTS UPON THE CERTIFICATE HOLDER."

Despite this, I’ve sat in boardrooms with PE-backed franchisors who believe they are protected because they have a 95% "compliance rate" based on collected COIs. This is a fundamental misunderstanding of how insurance law works. A COI is not a policy. It is not an endorsement. It is an agent’s representation of what they believe the policy contains at the moment the "Print" button is clicked.

The disconnect between the COI and the actual policy is where the most expensive franchise litigation lives. According to data from the National Association of Insurance Commissioners (NAIC), the complexity of commercial lines has led to a rise in "silent" risk—where a certificate holder assumes coverage exists that the underlying policy explicitly excludes. When a slip-and-fall occurs at a unit in Ohio, the franchisor’s legal team reaches for the COI, only to find out during discovery that the franchisee’s policy had a "designated premises" endorsement that excluded the very area where the injury occurred. The COI didn't mention that exclusion. The COI just said "General Liability: $1,000,000."

What happens when the ACORD 25 disclaimer meets a $5M claim?

Most operators don't realize that the ACORD 25 form was redesigned specifically to protect brokers and carriers, not the certificate holders. The courts have consistently upheld this. In cases like T-Mobile Northeast LLC v. Illinois National Insurance Co., the judiciary has made it clear: if the certificate says one thing and the policy says another, the policy wins every single time.

When you are managing a system with 500 locations, you aren't just managing 500 certificates; you are managing 500 distinct legal contracts between your franchisees and their carriers. If a franchisee’s broker forgets to check the "Additional Insured" box, or if they check it but fail to actually issue the CG 20 10 endorsement to the carrier, the franchisor has zero privity with the insurer.

Think about the math of a typical catastrophic claim. If a franchisee is found liable for a $3 million judgment but only has a $1 million limit that was never properly endorsed to the franchisor, the plaintiff’s attorney is coming after the deep pockets of the brand. At that point, showing the judge a COI is like showing a receipt for a car you never actually took delivery of. It proves intent, but it doesn't provide the vehicle for defense and indemnity.

Can your staff actually spot a "manifest-only" exclusion?

We often task entry-level coordinators or offshore teams with "verifying" insurance. We give them a checklist: check the dates, check the limits, make sure the franchisor’s name is in the "Description of Operations" box. This is a systems failure.

A standard COI will not show you the "Scheduled Auto" limitation that prevents coverage for a delivery driver’s personal vehicle. It won’t show you the "Classification Limitation" that voids coverage if a pizza franchise starts selling wings and the broker didn't update the class code. These are what I call "landmine exclusions."

The Insurance Services Office (ISO) maintains thousands of endorsement forms. A franchisee looking to save $400 on their annual premium might opt for a "Specialty" policy that excludes "Assault and Battery." On a COI, this looks like a standard General Liability policy. But if a fight breaks out in the parking lot and the franchisor is sued for "negligent security," that $400 saving becomes a $250,000 legal bill for the brand because the coverage was never there to begin with.

Why is the 30-day notice of cancellation a myth?

The most common request I hear from franchisors is, "Make sure we are listed for 30 days' notice of cancellation." It’s written into almost every franchise agreement in the country. Yet, if you read the fine print on a standard COI, it says the insurer will "endeavor" to provide notice but failure to do so shall "impose no obligation or liability of any kind upon the insurer."

In reality, carriers only provide notice of cancellation to the Named Insured (the franchisee) and the First Named Insured. To get actual, legally binding notice as a franchisor, you need a specific endorsement—usually a CG 02 05 or a proprietary carrier equivalent—that modifies the policy's "Cancellation" section.

Without that endorsement, a franchisee can pay their first installment, send you a valid COI, and then stop paying their premiums. The policy cancels on day 45. You don't find out until day 180 when a demand letter hits your desk. According to A.M. Best reports on commercial carrier solvency and policy behavior, mid-term cancellations for non-payment have fluctuated significantly with economic cycles, yet franchisor visibility into these lapses remains near zero when relying on static paper.

Is your "Additional Insured" status actually "Primary and Non-Contributory"?

This is where the operator’s mindset must shift from "Do they have insurance?" to "Whose insurance pays first?"

Being named as an Additional Insured (AI) is the baseline. But without "Primary and Non-Contributory" language, your own corporate insurance policy could be forced to contribute to a claim that happened at a franchisee’s location. This is a silent killer of Loss Constants and EMR (Experience Modification Rate) scores.

If you have 100 franchisees and 20 of them have policies that are "excess" to your corporate coverage, your corporate program is effectively subsidizing the risk of your most negligent operators. This isn't just a risk problem; it's a P&L problem. Every time your corporate policy is touched by a franchisee-level claim, your premiums at the next renewal will reflect that loss history.

How does "Aggregated Risk" threaten a franchise system?

Let’s look at the "Per Project" vs. "Per Location" aggregate. If a franchisee operates five units under one LLC and has a $2 million general aggregate limit, that $2 million is shared across all five stores. One major fire or a cluster of foodborne illness cases at Unit A can exhaust the entire policy limit, leaving Units B, C, D, and E with zero coverage for the remainder of the policy year.

A COI will rarely tell you if the aggregate has already been eroded by previous claims. You are looking at a $2 million limit on paper, but in reality, that franchisee might only have $15,000 of liquidity left in their policy. As a system builder, you have to demand a "Per Location" aggregate endorsement (CG 25 04), which ensures that the limit resets for every individual unit. This is a non-negotiable for brands scaling past the 50-unit mark.

What are the second-order consequences of "Unrated" carriers?

In a hard insurance market, franchisees look for the cheapest possible path to compliance. Often, this leads them to "Non-Admitted" or "Excess and Surplus" (E&S) carriers that don't carry an A.M. Best rating of A- or better.

While E&S carriers serve a purpose, their policies are often non-standard and contain "Absolute Exclusions" that a standard ISO policy wouldn't dream of. If your compliance system only checks for the existence of a policy and not the quality of the carrier, you are building your brand on a foundation of sand. The Small Business Administration (SBA) has noted that business failure rates increase significantly when unhedged risks—like an insolvent insurer or a denied claim—hit a small operator. If the carrier goes under or denies a legitimate claim based on a technicality, that franchisee is often one lawsuit away from bankruptcy, which then triggers a "de-identification" headache for the franchisor.

FAQ

If a COI isn't enough, do I need to collect the full 200-page policy?

You don't necessarily need the full policy for every franchisee, but you must collect the specific endorsements. At a minimum, you need the Additional Insured endorsement, the Primary and Non-Contributory endorsement, and the Waiver of Subrogation. These are the legal "teeth" that a COI lacks.

What is the "Waiver of Subrogation" and why does it matter?

It prevents the franchisee’s insurance company from suing you (the franchisor) to recover money they paid out on a claim. If a franchisee’s employee is injured and the carrier pays Workers' Comp, they might try to sue you for "unsafe brand standards" to get their money back. A Waiver of Subrogation stops that in its tracks.

Can’t I just rely on my indemnity clause in the Franchise Agreement?

Indemnity is a legal obligation; insurance is the money that pays for that obligation. If a franchisee has no money and no insurance, your indemnity clause is just an expensive piece of paper. You can win the legal argument and still lose the money.

How often should I be auditing franchisee insurance?

Annual checks at renewal are the bare minimum, but they leave a 364-day window for coverage to lapse. High-performing systems move toward continuous monitoring or at least quarterly spot-checks of the "Notice of Cancellation" endorsements.

Does my Umbrella policy cover me if the franchisee’s insurance fails?

Usually, yes, but that’s the worst-case scenario. It means your corporate loss history takes the hit, your premiums go up, and you’re paying a deductible for a risk you thought you had transferred.

Conclusion

The Certificate of Insurance has become a "security theater" in the franchising industry. It provides the appearance of safety without the legal mechanics to back it up. For a founder or an operator, the goal isn't to collect paper; the goal is to ensure that when a catastrophic event occurs, the financial burden stays where it belongs: with the franchisee’s carrier.

Relying on a COI is a bet that the franchisee’s broker was perfect, the franchisee is honest, and the carrier is generous. In my experience, that is a bet that eventually fails. True risk management requires moving past the document and into the data—verifying endorsements, tracking carrier ratings, and ensuring that the "Additional Insured" status isn't just a checked box, but a reinforced legal reality. Build your compliance system for the claim you hope never happens, not for the audit you're trying to pass today.

About the Author

Wade Millward is the founder and CEO of Rikor, a technology-enabled insurance and risk management company focused on the franchising industry. He has spent his career working with franchisors, franchisees, and private-equity-backed platforms to uncover hidden risk, design scalable compliance systems, and align insurance strategy with how franchise systems actually operate. Wade writes from direct experience building systems, navigating claims, and helping brands scale without losing visibility into risk.