How to Extract ACORD 27 Property
Insurance Data for Lender Compliance
Industry surveys consistently find that companies managing vendor and tenant insurance certificates by hand spend 15 to 20 hours per week on the task — roughly $36,400 annually in labor cost at a $35 hourly rate, before accounting for the far larger cost of an undetected coverage gap. That number is usually cited in the context of liability COIs. But for every commercial mortgage portfolio, real estate investment trust, and multi-property landlord, a parallel stack of documents sits in a folder marked "property insurance" — ACORD 27 Evidence of Property Insurance forms — generating the same manual data entry workload with a different set of compliance risks attached.
Key Takeaways
- A single ACORD 27 certificate with a missed coverage gap exposes the full loan balance — not one claim. And most lenders are tracking hundreds of them by hand.
- Manual reviewers almost never check coinsurance percentage or valuation method — the two fields most likely to hide a compliance breach. After 7 minutes of typing per certificate, there is zero time left for review.
- 85 certificates used to be 10 hours of data entry. Extraction turns that into 15 minutes of processing — and leaves 9 hours and 45 minutes for the compliance review that actually prevents a covenant default.
The ACORD 27 — formally titled "Evidence of Property Insurance" in the ACORD forms library maintained by the Association for Cooperative Operations Research and Development — is the insurance industry's standard one-page document for verifying that a commercial or residential property carries active coverage. It is distinct from the ACORD 25 Certificate of Liability Insurance in both function and compliance logic: the 25 proves a contractor or vendor can pay if they injure someone or damage something; the 27 proves a borrower's building, contents, and equipment are financially protected against fire, theft, and other perils. Both forms carry 89 fillable fields — but the fields that matter for compliance are completely different sets, and reading them from a PDF and typing them into a spreadsheet row-by-row consumes the same 5 to 10 minutes per certificate regardless of which form you are holding.
Fannie Mae's Selling Guide B7-3-07 explicitly requires lenders to retain evidence of property insurance for every loan they purchase, with the certificate signed by the insurer and containing all information needed to verify compliance. Other secondary-market investors and commercial mortgage-backed securities trustees impose similar documentation standards. Compliance, in this context, does not mean "we stored the PDF." It means the coverage amounts, deductibles, valuation method, coinsurance percentage, and mortgagee clause information can be surfaced, compared against the loan agreement, and flagged if anything falls short — ideally without paying a $8 to $15 per-certificate fee to an enterprise COI tracking platform for data entry the AI can do in seconds.
This article walks through extracting ACORD 27 data into a structured compliance spreadsheet using semantic AI extraction — an approach that reads a form by understanding what each field means rather than where it sits on the page. For a broader introduction to COI extraction across all form types, see our complete guide to COI data extraction. This article focuses specifically on the property insurance side of the workflow.
What Makes ACORD 27 Different from the COI Forms You Already Handle
The ACORD 25 and ACORD 27 share a layout language — they come from the same forms organization, each runs a single page, each packs data into labeled fields and checkboxes. But the compliance problem they solve is structurally different.
The ACORD 25 Certificate of Liability Insurance answers one question: "Can this contractor pay for damages they cause?" Its compliance review is about coverage limits, additional insured status, waiver of subrogation, and policy expiration — all tied to third-party risk. Our complete ACORD 25 guide and ACORD 25 extraction tutorial cover that workflow in detail.
The ACORD 27 Evidence of Property Insurance answers a different question: "Is the collateral insured?" For a lender holding a mortgage on a $4.2 million commercial building, the critical fields are not liability limits — they are the building coverage limit, the deductible amount, the coinsurance percentage, the valuation method (Replacement Cost vs. Actual Cash Value), whether ordinance or law coverage is included, and whether the lender is correctly named as mortgagee or lender's loss payable. A $5,000 deductible is negligible. A $50,000 deductible on a $4.2 million property means the borrower carries $50,000 of uninsured exposure — and if the loan agreement caps the deductible at $25,000, that gap is a covenant default, not just a paperwork oversight.
The ACORD forms library also includes the ACORD 28 — Evidence of Commercial Property Insurance — which extends the 27 with more detailed lender-protection language and is the preferred format for larger commercial real estate transactions. But the ACORD 27 remains the most commonly issued property evidence form for small-to-mid-commercial and residential investment properties, and the extraction workflow is the same regardless of which variant lands in your inbox.
The distinction matters because the industry's COI tracking conversation almost always defaults to liability. Property insurance evidence runs on a parallel track with parallel consequences — a lender holding a mortgage with an undetected property coverage gap carries exposure measured in the full outstanding loan balance, not just a single claim.
The Fields That Actually Matter for Lender Compliance
The ACORD 27 contains 89 fillable fields. For compliance purposes, approximately 15 to 20 of those fields carry real weight — the rest are administrative identifiers that matter for record-keeping but do not affect whether coverage meets the loan agreement. Knowing which fields to extract, and why each one matters, is the difference between a spreadsheet that supports compliance decisions and one that just organizes data.
Policy identifiers: The carrier name, policy number, effective date, and expiration date form the baseline. An expired policy is not coverage — it is an expired document. Every compliance spreadsheet must flag policies within 30 days of expiration, and no tracking system can do that if the dates are still inside unread PDFs.
Property location and description: Fannie Mae B7-3-07 requires that the certificate confirm the specific property covered. The address on the ACORD 27 must match the mortgaged property address. A certificate that lists the insured's corporate headquarters instead of the actual collateral property does not satisfy the requirement.
Coverage type and perils insured: The form specifies whether coverage is written on a Basic, Broad, or Special form. "Special" (sometimes labeled "all-risk") provides the broadest protection — it covers any cause of loss not specifically excluded. "Broad" adds named perils beyond the Basic set. Commercial mortgage agreements frequently require Special-form coverage. If a certificate shows Basic-form coverage on a loan that requires Special, the gap is a covenant breach.
Amount of insurance and deductible: The building coverage limit must meet or exceed the loan agreement's minimum — typically the lesser of the outstanding loan balance or the full replacement cost. The deductible must fall within the agreement's allowable range. These are straightforward numeric comparisons, but they require reliable extraction to automate.
Coinsurance percentage: This is one of the most overlooked fields on the ACORD 27 and one of the most consequential. A standard commercial property policy includes an 80% coinsurance clause — the insured must maintain coverage equal to at least 80% of the property's replacement cost to receive full payment on partial losses. If the policy carries a 90% or 100% coinsurance requirement, the insured must carry correspondingly higher coverage. A property insured at $3 million with a 90% coinsurance clause and a replacement cost of $4 million is underinsured by $600,000 and faces a proportional penalty on any claim. The coinsurance percentage on the certificate must be extracted and compared against the loan agreement's requirement.
Valuation method: Replacement Cost (RC) — the cost to rebuild with materials of like kind and quality, without deducting depreciation — is the standard most commercial lenders require. Actual Cash Value (ACV) — replacement cost minus depreciation — leaves the lender exposed to a depreciation gap that can run 20% to 50% on older structures. A certificate listing ACV where the loan agreement requires RC is a coverage deficiency, and detecting it requires extracting a field that most manual reviewers never check.
Ordinance or Law coverage: If a building is partially damaged, local building codes may require bringing the undamaged portion up to current code — at a cost the base property policy does not cover. Ordinance or Law coverage fills that gap. Many commercial mortgage agreements require it, and the absence of this endorsement creates a coverage shortfall that a standard coverage-limit check will not catch.
Mortgagee / Lender's Loss Payable / Additional Insured: The additional interest section names the party with a financial interest in the property and specifies the relationship type. A lender listed as "Mortgagee" or "Lender's Loss Payable" has stronger protections than one listed as "Certificate Holder" alone. Legal analysis from SW&M notes that courts have described certificates of insurance as effectively "worthless" to the certificate holder — the real protection comes from the underlying policy's mortgagee clause, which guarantees the lender receives payment even if the insurer has a defense against the borrower's claim. The certificate proves the clause exists; it does not substitute for it. Extracting the additional interest designation lets a compliance reviewer quickly check whether the lender is named in the correct capacity.
Loan number: On a portfolio of 200 properties, matching each certificate to the correct loan file requires the loan number. This field is small but operationally critical — a spreadsheet with 200 rows of extracted data is useless if you cannot map each row back to its loan.
Setting Up Your Extraction Columns
With the key fields identified, the next step is defining the output columns your extraction tool will populate. This is where Custom Column Extraction — typing the field names you want and letting AI locate each value by understanding what it means, rather than by matching a template to a fixed position — becomes decisive.
Traditional template-based OCR tools require you to draw rectangles around each field on a reference form and then hope every subsequent certificate uses identical positioning. Different insurance agencies format their ACORD 27 outputs differently — one might place the coinsurance percentage in the coverage grid, another in the remarks section, a third on a separate schedule page. Position-based extraction breaks the moment the layout shifts. Semantic extraction — reading by field meaning — handles layout variation without per-agency configuration.
Here is a practical column set for a lender compliance tracker, with explanations for the fields that benefit from extraction specificity:
| Column Name | What to Type for Extraction | Why It Matters |
|---|---|---|
| Named Insured | Named Insured | Identifies the borrower/entity holding the policy |
| Insurance Carrier | Insurance Carrier / Company Name | For carrier rating verification and AM Best lookup |
| Policy Number | Policy Number | Unique identifier for coverage verification |
| Policy Effective Date | Policy Effective Date | Start of coverage period |
| Policy Expiration Date | Policy Expiration Date | End of coverage — must be ≥ today's date |
| Property Address | Property Location / Insured Property Address | Must match collateral property address |
| Building Description | Building Description / Occupancy | Verifies coverage applies to correct structure type |
| Coverage Type / Perils Insured | Coverage Type / Causes of Loss (Basic, Broad, or Special) | Special = broadest; Basic = named perils only |
| Building Coverage Limit | Amount of Insurance — Building | Must ≥ loan agreement minimum |
| Business Personal Property Limit | Amount of Insurance — Business Personal Property / Contents | Covers equipment, inventory, tenant improvements |
| Deductible | Deductible Amount | Must ≤ loan agreement maximum allowable |
| Coinsurance Percentage | Coinsurance Percentage | 80% / 90% / 100% — determines underinsurance penalty threshold |
| Valuation Method | Valuation (Replacement Cost, Actual Cash Value, or Agreed Value) | RC = full rebuild; ACV = depreciated — most lenders require RC |
| Ordinance or Law Coverage | Ordinance or Law Coverage (Included / Not Included) | Covers code-mandated upgrades after partial loss |
| Mortgagee / Additional Interest Name | Mortgagee / Certificate Holder / Additional Interest Name | Must name the correct lending institution |
| Additional Interest Type | Interest Type (Mortgagee / Lender's Loss Payable / Loss Payee / Additional Insured) | Mortgagee = strongest lender protection |
| Loan Number | Loan Number / Account Number | Links certificate to loan file |
| Producer / Agency Name | Producer / Insurance Agency Name | Contact for corrections or verification requests |
For fields like valuation method and coinsurance percentage that may appear as checkboxes, abbreviations, or embedded narrative text rather than discrete labeled fields, including clarifying hints in the column name — as shown above — helps the AI identify the information regardless of how the agency formatted it. The extraction engine reads the entire form, not just form-field labels.
If your loan agreement also requires business interruption coverage or inland marine (equipment floater) coverage, add corresponding columns. The column set is yours to define — an advantage over rigid platform schemas that force every certificate into a preset grid.
From a Stack of PDFs to One Compliance Spreadsheet
The extraction workflow is straightforward, but the batch dimension is where the time savings compound. A commercial mortgage portfolio of 85 loans generating annual ACORD 27 renewals produces roughly 7 certificates per month — plus initial certificates for new originations. Processing these individually, certificate by certificate, still leaves someone tethered to the upload button.
Batch processing — uploading all certificates at once and processing them as a group — collapses the per-certificate overhead that dominates manual and single-file workflows. Instead of 85 separate upload-download-save cycles, you drop the full folder and receive a single spreadsheet with one row per certificate, columns populated from the field names you defined.
For a portfolio of 85 certificates, the labor arithmetic shifts meaningfully. At 7 minutes per certificate for manual entry, that is roughly 10 hours of data entry spread across the year. At 10 seconds per certificate for AI extraction — the typical processing time for a single-page form — the same workload compresses into approximately 15 minutes, and the output arrives as a pre-formatted spreadsheet rather than requiring someone to type the first column header.
Files are processed securely and not stored.
One implementation note: the ACORD 27 often arrives as a flattened PDF — the agent prints it from their agency management system and emails it. The AI reads the printed text from the rendered page, not from the PDF's internal form fields, so flattening does not affect extraction accuracy. The same document that a person would visually read to type into a spreadsheet works identically for AI extraction.
Why Lender Compliance Goes Beyond Data Entry
Getting the data out of the PDF and into a spreadsheet solves the throughput problem. It does not, however, solve the deeper compliance risk: a certificate of insurance is not a contract between the certificate holder and the insurer. The ACORD 27 form itself, in its standard language, states that it is issued "as a matter of information only" and "confers no rights upon the certificate holder."
The data on the certificate is a snapshot — accurate at the moment the agent issued it. The policy can be cancelled, non-renewed, or modified the next day, and no one is obligated to notify the certificate holder unless the mortgagee clause in the underlying policy specifically requires it. Even then, notice periods vary — 10 days for non-payment of premium, 30 days for other cancellation reasons — and a certificate that was valid when filed may be void by the time a claim occurs.
This means the compliance workflow does not end at extraction. The spreadsheet you produce is a working document that requires ongoing maintenance:
- Expiration tracking. Every row with a policy expiring within 30 days requires a renewal certificate. Automated extraction makes seeing the expiring policies instantaneous — filter by the expiration date column — but someone still needs to request the renewal.
- Coverage threshold comparison. Extracted coverage limits, deductible amounts, and coinsurance percentages should be compared against loan agreement requirements. A conditional-formatting rule in Excel that turns a cell red when the building limit falls below $X or the deductible exceeds $Y turns a data table into a compliance dashboard.
- Valuation method audit. Sort by the valuation method column. Any row showing Actual Cash Value where the loan agreement requires Replacement Cost is a coverage deficiency that needs escalation — not a data entry error.
- Mortgagee verification. Confirm that the lender's name appears correctly in the additional interest section and that the designation is Mortgagee or Lender's Loss Payable, not merely Certificate Holder. A certificate holder designation grants no policy rights.
- Cross-reference with liability COIs. Properties involving tenants or contractors typically require both ACORD 25 liability certificates and ACORD 27 property evidence. A borrower who submits one but not the other has an incomplete compliance file. Our COI extraction hub covers the liability side of this dual-track process.
The operational shift extraction enables is this: instead of spending the compliance review window on data entry — locating policy numbers in a dense form and typing them into cells — the reviewer spends it on the actual compliance decisions the data entry was supposed to support. A portfolio of 85 certificates that used to consume 10 hours of typing now consumes 15 minutes of processing, leaving 9 hours and 45 minutes for verifying that the extracted data meets the loan agreement's requirements. That is the difference between a documented portfolio and a managed one.
Frequently Asked Questions
Can AI extract data from a scanned or handwritten ACORD 27?
Yes. Modern AI extraction reads text from rendered page images — whether the source is a digital PDF, a flatbed scan, or a phone photo of a printed certificate. Handwritten annotations in the margins or checkboxes marked by pen are also readable, though handwriting accuracy is slightly lower than printed text. For documents where a borrower has handwritten a loan number or additional information in the remarks field, the AI will attempt extraction and flag low-confidence results for manual review.
What is the difference between an ACORD 27 and an ACORD 28?
The ACORD 27 is the standard Evidence of Property Insurance form, suitable for residential and small-to-mid commercial properties. The ACORD 28 is the Evidence of Commercial Property Insurance form, which includes additional lender-protection language, more detailed coverage schedules, and is the preferred format for larger commercial real estate transactions. Both forms contain comparable data fields, and the extraction workflow described here applies to both.
Does the ACORD 27 form itself provide legal protection to the lender?
No. The ACORD 27, like all certificates of insurance, is issued as "a matter of information only" and does not modify the underlying policy or create a contractual relationship between the insurer and the certificate holder. A lender's actual protection comes from the mortgagee clause in the property insurance policy, which must be endorsed onto the policy by the insurer. The certificate is evidence that the policy exists — not a substitute for the policy itself. This is why verifying the mortgagee designation and loan number on the certificate, and cross-referencing against the loan file, remains a human-review step even after data extraction.
How many certificates can I process at once?
Batch processing limits depend on the extraction tool's capacity and your account plan. Most tools that support batch processing can handle 20 to 50 certificates per batch. For portfolios exceeding that volume, splitting into multiple batches is straightforward — define the columns once, then run successive batches with the same column configuration.
Does position-based OCR work for ACORD 27 forms?
It works — until it does not. The ACORD 27 is a standardized form, but different agency management systems render it with different field positions, margins, and text-wrapping behavior. A template configured for one agency's output will misalign on another's. Position-based OCR also fails on scanned documents where slight skew or rotation shifts all field coordinates. Semantic AI extraction avoids this fragility by reading the form's content rather than relying on coordinate maps, so it handles layout variation without per-agency template maintenance.
Extraction turns the ACORD 27 compliance workflow from a transcription task into a review task — and the review is where a lender's risk management actually happens. The spreadsheet is the starting point, not the finish line.