SDV Insights

Beyond the COI: The Importance of an Owner's or Facilities Manager's Downstream Insurance Review Program

The risk of bodily injury lawsuits is an unavoidable reality for property owners and facilities managers (“FMs”) of large commercial sites such as universities, malls, office buildings, or stadiums. Any person who steps foot on the property is a potential plaintiff, including students, tenants, customers, contractors, and vendors.

Insurance mitigates these risks, but a property owner’s or FM’s risk transfer strategy should include more than their own suite of general liability and other third-party policies. Ensuring additional insured status on a vendor’s or contractor’s policy is also essential to a comprehensive risk transfer strategy. In a functional risk transfer program, a vendor’s or contractor’s general liability insurer should defend and indemnify property owners or FMs as additional insureds (“AIs”) for liability for bodily injury caused, in whole or in part, by the vendor’s or contractor’s operations. When this works as intended, it effectively transfers costs associated with such a lawsuit from the owner or FM to the vendor’s or contractor’s insurer. It also increases the insurance limits available for a loss.

AI status, however, does not appear out of thin air. Owners and FMs must ensure that their contracts require AI coverage and that downstream parties obtain the proper AI endorsements. Most owners and FMs attempt to monitor a downstream party’s insurance by collecting certificates of insurance (“COIs”), but the generalities contained in a COI are not the controlling policy terms and may not tell the whole story. The solution is a compliance program for downstream vendors’ and contractors’ insurance that requires submission and review of the policies themselves to ensure that the downstream parties have complied with their contracts’ insurance requirements.

A basic compliance program can help avoid the following pitfalls:

Privity Conditions
Many AI endorsements only respond if there is a direct contract between the named insured (i.e., the downstream party) and the AI—also referred to as contractual privity. Many states interpret the following common endorsement language to require privity of contract:

[An additional insured is a]ny person or organization for whom you [the named insured] are performing operations when you and such person or organization have agreed in writing in a contract or agreement that such person or organization be added as an additional insured on your policy.

Privity conditions also may be written into the schedules of AI endorsements that would otherwise not contain privity requirements, including CG 20 10 and CG 20 37. The schedule may be limited to anyone “with whom you have a written contract or agreement.” This is interpreted in many States to require privity of contract and can potentially prevent downstream risk transfer. By way of example, when owners hire a professional FM, the FM typically assumes responsibility for contracting with vendors. As part of its duties, the FM executes the work order or maintenance contract with a vendor. This means that the FM and not the owner is the party to that contract. If the vendor’s insurance policy contains an AI endorsement with a privity condition, only the FM and not the owner will qualify as an AI.

Such a failure of risk transfer will create expense for the owner. The owner may look to the FM for a defense and indemnity, but there is likely to be a damages limitation in the FM’s agreement with the owner. The owner will no longer have the additional protection of the vendor’s policy limits.

Lack of Primary and Non-Contributory Coverage
Downstream parties’ policies may also fail to make their insurance “primary” or first in line to respond to a lawsuit against an AI. Without specific endorsements to make a downstream contractor’s insurance policy primary to and non-contributory with an AI’s own policies, there can be multiple risk transfer failures. This could result in an owner’s or FM’s insurance being required to respond as co-primary with the downstream party’s insurance or after the downstream party’s primary policy but before its excess policy. Clearly, this is not the intent where liability arises out of the downstream party’s operations. Nonetheless, the contractor’s insurer may not be required to respond without affirmative language in the policy reflecting these requirements.

Ongoing Operations versus Completed Operations Coverage
Liability insurance typically distinguishes between coverage for an insured’s ongoing operations and its completed operations. Completed operations coverage responds when the work called for in a downstream party’s contract is completed or has been put to its intended use. (For example, someone is injured by an escalator after a contractor’s work on the escalator is completed.)

Downstream parties’ policies will sometimes limit AI coverage to liability arising solely out of ongoing operations or only provide completed operations coverage if required in the downstream party’s contract. The related problem is that downstream parties may not maintain completed operations coverage after their work is finished, thereby depriving owners and FMs of downstream insurance protection from defects left behind on the premises.

Coverage for Downstream Parties’ Indemnification Obligations
The ISO CG 00 01 04 13 general liability policy excludes coverage for bodily injury to employees of the insured for liability arising out of and in the course of their employment (the “employers liability exclusion”). However, that same exclusion does not apply to liability assumed by the insured under an insured contract. The definition of an insured contract includes a contract for a lease of premises. It also includes the assumption of the tort liability of another to pay for a third party’s bodily injury. If the insured contract exception to the employer’s liability exclusion is deleted or restricted, however, the risk transfer to the contractor’s insurance may fail, and an owner’s or FM’s lawsuit for contractual indemnification may not be covered.

Restrictions in the Trade Contract that Limit Coverage
Contractual language may unnecessarily restrict the coverage where the AI endorsement incorporates the contract’s limiting language. The ISO AI endorsements CG 20 10 04 13 and CG 20 37 04 13 restrict the coverage to AIs so that it “will not be broader than” what the contract requires. Accordingly, if a maintenance contract required only $1 million in limits and the contractor’s policy has a $2 million per occurrence limit, the contract’s limitation would control, and the additional insured would only be entitled to a maximum of $1 million in coverage. A similar situation occurs if the contract only requires coverage for the negligence of the named insured. If the downstream party’s policy provides coverage for liability caused in whole or in part by the named insured, the more restrictive contract-based trigger controls and the AI would only be entitled to coverage for the named insured’s negligence.

What you do not know can destroy your risk transfer program. While the preceding issues do not exhaust the AI coverage problems for owners and FMs, they are some of the most common and most critical. The potential liability for even a single accident can be expensive, and the cost of defense sometimes exceeds the liability. However, with a properly executed risk transfer compliance program, many of these expenses can be shifted to downstream parties’ insurance policies.

For more information, contact Hugh D. Hughes at, Eric M Clarkson at or Mollie H. Levy at

Click on this link to view the article in pdf format


The email you are sending does not create an attorney-client relationship with SDV. We do not agree to representation until we have performed a check for conflicts of interest and expressly agree to provide services in a particular matter via an engagement letter. The information submitted to us via this website will NOT be treated as confidential or privileged as a lawyer/client communication and our receipt of this information does not prevent us from representing a client related to the subject of your inquiry.


35 Nutmeg Drive, Ste 140
Trumbull, CT 06611


136 Madison Avenue, 6th Fl.
New York, NY 10016


233 Mount Airy Road
Basking Ridge, NJ 07920



999 Vanderbilt Beach Road, Ste 603
Naples, FL 34108


West Coast

One BetterWorld Circle, Ste 300
Temecula, CA 92590


SDV is headquartered in Connecticut, with regional offices located in New York, New Jersey, Florida, and California to better serve our clients nationwide. We have the experience and insight to effectively address your insurance coverage concerns and provide practical solutions to any risk transfer challenges you face.