Additional Insured vs Certificate Holder: Key Differences

A certificate holder and an additional insured are not the same thing. The certificate holder is the person or company that receives the certificate of insurance (COI) as proof a policy exists. An additional insured is actually added to the policy by endorsement and gains real coverage under it. Being the certificate holder gives you notice. Being named as an additional insured gives you protection.

This distinction trips up a lot of people who track certificates of insurance, and getting it wrong is expensive. A company can hold a stack of certificates that name it as the certificate holder and still have no coverage when a vendor causes a loss. Here is exactly what each role means, how additional insured status is really created, and how to confirm you have the protection you think you have.

What is a certificate holder?

The certificate holder is the party a certificate of insurance is issued to. On an ACORD 25 form, it is the box in the lower left. The role is informational: the holder is given a snapshot of the vendor's coverage and, in practice, expects to be told if the policy is cancelled. That is the extent of it. Being the certificate holder does not make you part of the policy, does not extend any coverage to you, and does not give you any right to file a claim under it. You are on the distribution list, not the policy.

What does additional insured mean on a certificate of insurance?

An additional insured is a person or organization added to another party's liability policy so that the policy also protects them. When a vendor names your company as an additional insured, their general liability coverage extends to claims that arise from the vendor's work for you. That is real coverage. If a guest is injured by the vendor's work and sues both the vendor and you, the vendor's carrier can defend and pay on your behalf, not just the vendor's. The cost of that claim shifts to the party whose work caused it, which is the entire point of requiring it.

What is the difference between additional insured and certificate holder?

The difference is coverage versus notice. The certificate holder only receives the document. The additional insured is written into the policy and is actually covered by it. You can be one, the other, or both, and the labels sit in different places on the certificate for a reason.

This is why a checked box or a name typed into the description of operations is not enough on its own. The certificate reports the additional insured status, but the coverage only exists if the underlying policy was actually endorsed to add you.

How additional insured status is actually created

Additional insured status comes from an endorsement to the vendor's policy, not from the certificate of insurance. The certificate just describes what the policy supposedly does. The endorsement is the form that amends the policy language to include you. The most common ones are part of the standard ISO general liability forms.

CG 20 10 vs CG 20 37

The CG 20 10 endorsement adds you as an additional insured for the vendor's ongoing operations, meaning claims that arise while the work is in progress. The CG 20 37 endorsement adds you for completed operations, meaning claims that surface after the work is finished, which is common in construction where a defect shows up months later. They cover different windows in time. For contractor and construction work, you usually want both CG 20 10 and CG 20 37, because a problem can arise during the job or long after the crew has left. Some vendors carry a blanket additional insured endorsement that automatically adds any party they are contractually required to add, which is convenient but should still be confirmed.

Primary and noncontributory, and waiver of subrogation

Two more provisions usually travel with an additional insured requirement, and they decide how the coverage actually behaves in a claim. Primary and noncontributory means the vendor's policy pays first and does not ask your own insurance to chip in. Without it, the carriers can fight over who contributes, and your policy can get dragged in. A waiver of subrogation means the vendor's insurer gives up its right to come after you to recover what it paid, even if you were partly at fault. Together with additional insured status, these three items are the standard risk-transfer package serious contracts require, and all three should appear on the certificate and be backed by policy endorsements.

Can you be both the certificate holder and an additional insured?

Yes, and you usually should be. In most vendor and contractor relationships, the same company is listed as the certificate holder so it receives the document, and named as an additional insured so it is actually covered. They are not mutually exclusive. The mistake is assuming that being the certificate holder automatically makes you an additional insured. It does not. If your contract requires additional insured status, confirm it is there in addition to the certificate holder listing, not instead of it.

How do I know if I am an additional insured?

Do not rely on the certificate holder box or a checked additional insured box alone. The reliable way to know is to read the endorsement that amends the vendor's policy and confirm your legal entity name is on it, with the right scope, ongoing and completed operations where you need both. Request the endorsement, not just the certificate, especially for higher-risk work. This is exactly the kind of check that certificate of insurance verification is built to handle: confirming that the coverage named on the certificate is real, current, and meets what your contract requires.

Why being only a certificate holder is a risk

If you are only the certificate holder, you have proof the vendor once had a policy, but you are not covered by it. When a claim hits, your own insurance responds and your premiums absorb the consequences of someone else's work. The whole reason to require additional insured status, primary and noncontributory wording, and a waiver of subrogation is to push that cost back onto the party that created the risk. Tracking which vendors actually carry those endorsements, and which only sent a certificate that names you as the holder, is the difference between a real risk transfer and a false sense of security.

This is the same mechanism in other contracts you may deal with. A commercial lease almost always requires the tenant to name the landlord as an additional insured, and real estate teams reviewing many leases use AI lease abstraction software to pull the insurance clause out of every lease automatically. Lenders work the same way: a borrower is commonly required to name the lender as an additional insured or loss payee on the collateral, and lenders reviewing insurance across a loan portfolio lean on AI lender document analysis to confirm it. Collecting an additional insured endorsement is also one step in onboarding a vendor, and the same finance teams keying vendor bills by hand often automate that side with AI invoice data extraction.

Putting it into practice

When you collect a certificate of insurance, check three things, not one. First, confirm you are the certificate holder so you receive cancellation notice. Second, confirm you are named as an additional insured in the description of operations and, for anything beyond low risk, that an endorsement backs it. Third, confirm the primary and noncontributory and waiver of subrogation provisions your contract requires are present. Doing this by eye across hundreds of vendors does not scale, which is why most teams move to certificate of insurance management software that reads each certificate, flags a missing additional insured endorsement, and tracks renewals automatically. Event venues lean on the same checks before load-in, since the venue needs to be an additional insured on every renter and vendor policy, which is the core of COI tracking for event venues. If you are still learning to read the form itself, our guide on how to read an ACORD 25 form walks through every box.