How do you modernize your COI tracking program?

Modernizing your COI tracking program means rethinking how the work happens, not moving your old process into a new system unchanged. The biggest mistake teams make when they switch is lift-and-shift: porting a decade of rules, contacts, and habits into a new platform and wondering why the process feels the same and compliance hasn’t improved. A platform change is one of the few moments you get to fix the process underneath it. This guide walks through what's worth a second look before you migrate.

If you're moving off a fully-managed compliance service, you already know the bottleneck was never the software. It was the model. Putting a human reviewer between you and your third parties adds days to a decision that should take minutes, and it leaves your team waiting on answers instead of acting on them. The good news: the migration itself is where you get to design that latency out for good.

‍

Why is switching COI software the right moment to fix your process?

For 16 years, myCOI ran COI compliance as a fully-managed service and managed more than 45M+ document reviews and cleared 750K+ third-party partners. illumend, from myCOI, is what that team built next: an AI-native compliance platform designed to take the wait out of the model that worked, mostly. That tenure taught us where the old approach breaks, and it also taught us what teams regret after a migration. They regret carrying forward rules nobody remembers writing.

When the repetitive work is delegable to an AI built for insurance compliance, you get room to ask the bigger questions. Why do these requirements exist? Where is the process costing you? What would a better one look like? Before you change platforms, gather your risk team and run a short retrospective. Treat the migration as a strategic reset, because you may not get another clean whiteboard for years.

‍

When upgrading your COI program, where should you start, your rules or your data?

Start with the rules that govern everything else: your insurance requirements. Most teams have requirements living in three places. A formal library, a nuance sheet, and someone's head. Find out which is which before you migrate.

A few things worth revisiting while you're in there:

Standardize your additional insured language. If the same requirement is spelled out two ways across your contracts, you shouldn’t have to negotiate that ambiguity at scale. Standardize first.

Audit your coverage limits. Plenty of companies are still enforcing limits set a decade ago. Inflation is real; your limits may not be. Pick limits that protect the business in 2026 and beyond.

Retire outdated terms. "Broad form for general liability," for example, isn't really a thing anymore, it's vintage shorthand for coverage that's now built into base policies or added by endorsement. Anything outdated you decide to keep, flag it now, before you have to compensate for it on every review.

Decide what gets automatically waived. This is the big one. If you waive a requirement nine times out of ten, does it belong on the active list at all? The exception requests you stop receiving are the ones you never have to deal with again.

‍

What should you clean up in your COI process before you migrate?

With the rules sorted, turn to the digital filing cabinet. Most accounts have zombie partners, aka third parties whose documents you haven't touched in two-plus years and have no legal obligation to retain. Archive them. That way they stop getting pulled into your compliance scores and skew your data.

Then clean the contact records on both sides. Confirm the person listed as a partner's primary contact still works there. And while you're at it, add each partner's insurance agent as a contact. Agents submit certificates and endorsements faster than the partner usually can, and they care about getting the documentation right.

This is also the moment to think about how you group partners. A landscaper and a demolition subcontractor shouldn't carry the same requirements. A partner working in California and one working in Texas shouldn't either. California's environmental rules are notably stricter. If you don't have risk tiers yet, building them now is far easier than retrofitting them later.

‍

Who makes the call when an AI compliance review needs a human?

AI-first compliance reserves human judgment for the genuine exceptions, like the layered coverage structures, the unusual endorsements, the non-standard forms, which is exactly where real-world exposure lives. The question is: when something gets flagged for a human call, who makes it?

Map that escalation path before the migration, not after. Draft the list of people who need to be in it now, so they can be granted platform access on day one. This is the single most common source of post-launch friction: a document gets flagged, and nobody's sure whose desk it belongs on. Decide it up front and the first month adoption launch goes smoother.

‍

How do you get partners to actually adopt the new COI workflow?

Your compliance rate is a function of two things. How well your tool reviews documents, and how easily your partners can submit them. Friction on the partner side caps your ceiling no matter how good the internal tool is.

The teams that get adoption right do three things. They remove the account-and-password wall, so a contractor can submit without creating yet another login. They give partners more than one path, like a portal, an email submission, and a way to loop in the insurance agent directly. And they make the system talk to partners in plain language, so when a submission is wrong, the partner knows exactly what to fix instead of staring at a generic error.

That last point matters more than it sounds. A renewal request that reads like a compliance team wrote it gets ignored. One that explains what's missing and why gets answered. illumend's AI guide, Lumie, drives third parties to resolution in words they can understand and loops in their agent automatically when that's faster.

‍

How does the AI know what to check in an insurance compliance review?

This question comes up in every migration, and it's the right one to ask. Three things, briefly.

Lumie is purpose-built for insurance. It's trained on 16 years of myCOI compliance work and the patterns, the edge cases, the language on additional insured forms, waivers of subrogation, scheduled autos, primary and non-contributory wording.

The rules are yours. illumend trains Lumie on your specific requirements during onboarding. It checks your partners' documents against what your contracts actually require, not a generic industry baseline.

Every decision is auditable. Lumie leaves a reasoning note on every call. If you ever need to defend a compliance decision to an auditor or after a claim, the work is shown and it's in your account the moment you need it, not after someone digs it up.

‍

What does a modernized COI program look like on the other side?

Once the rules are clean and the data is sorted, here's what the program can look like:

• A living requirements library, organized by partner type, not tribal knowledge
• Real-time compliance dashboards, so you know your exposure at any moment
• Your team focused on exceptions and judgment calls instead of data entry
• Faster onboarding, because COI review is no longer the thing everything waits on
• A defensible audit trail if a claim ever traces back to a coverage gap

Finding a technology partner that handles the nuances of your business is the easy part. The hard part is knowing what coverage you actually require and asking whether your current program reflects real risk or historical inertia. The migration is your chance to answer that question on your terms.

Spend 30 minutes with Lumie and decide what your week could look like.