A carrier onboarding packet is the set of documents a freight broker collects to verify a carrier before the first load: W-9, certificate of insurance, operating authority, a signed broker-carrier agreement, and payment details. That part has not changed in twenty years. What changed is what happens when the packet is wrong. Cargo thieves stole a reported $725 million in 2025, brokers can now be sued in state court for hiring an unsafe carrier, and the plaintiff's first discovery request names your onboarding file. This playbook walks the process end to end: what to collect, what to check, the red flags that should stop a setup, and the record that protects you, whichever freight broker software you run it on.
First, the thirty-second version of why this process got harder.
Why carrier onboarding is higher-stakes in 2026
On May 14, 2026 the Supreme Court ruled 9 to 0 in Montgomery v. Caribe Transport that federal law does not shield brokers from state negligence lawsuits over carrier selection. The working standard is ordinary care: review the safety data available to you, act on red flags, and be able to show that you did. Plaintiff firms adjusted within weeks, and onboarding documentation is now a named discovery target.
Fraud pressure rose in parallel. CargoNet counted about $725 million in reported cargo theft in 2025, up roughly 60 percent, with the average theft near $274,000. Overhaul's Q1 2026 data has deceptive pickups up 31 percent year over year, with roughly one theft in three now starting with deception rather than a broken lock. Highway reports blocking about 2 million fraudulent carrier emails in 2025 alone.
None of that argues for slower onboarding. It argues for a process that is fast because it is structured, and defensible because it is dated. Here is that process.
The carrier onboarding process, step by step
Run these seven steps in order, every time, for every carrier. The part that matters most: no step gets skipped when the load is hot, because hot loads are exactly what fraud rings target.
1Capture the carrier at intake
Start every setup from the number, not the email. Take the MC or USDOT number, plus the dispatcher's name, phone, and email, and enter them into your system before anything else. Everything the carrier claims will be tested against what that number says.
Do carriers still have MC numbers? Yes. Despite a persistent rumor that FMCSA retired MC numbers in October 2025, the agency's own guidance says docket numbers (MC, MX, FF) continue under the new Motus registration system that opened to all registrants in Q2 2026, and elimination remains under consideration for a future rulemaking, nothing more. What did change: new USDOT numbers are randomized, new registrants carry type suffixes, and everyone now passes Login.gov and IDEMIA identity verification. Treat "my MC is gone" as a claim to verify, not a fact.
2Verify authority and safety
Pull the FMCSA record. You are confirming four things: authority is active, there is no out-of-service order, the safety rating is acceptable, and the authority is old enough to have a history. Fresh authority is not automatically fraud, but authority under about 90 days deserves extra scrutiny, and several large brokerages will not onboard it at all. The mirror image matters just as much now: FMCSA's March 2026 bulletin confirmed an open market in bought and sold DOT numbers, precisely because aged authority passes screens that new authority cannot, so an old number with a fresh ownership, name, or address change deserves the same scrutiny as a brand-new one. Then read past the rating into the record itself: two years of inspection history, violation patterns, out-of-service rates against the national averages, roughly 21 percent vehicle and 6 percent driver, and crash data. One bad inspection is noise; the same violation category recurring across inspections is a pattern, and patterns are what a plaintiff's expert will point to later. Three quieter reads while you are in the record: the MCS-150 must be refreshed every two years, and a stale one can get a DOT number deactivated; the self-reported fleet should survive contact with the capacity being promised, because one power unit offering five trucks of freight is its own answer; and a carrier that also holds broker authority can legally re-broker your load, which is why many brokerages decline dual authority outright. Save what you pulled, with the date on it.
Most carriers have no safety rating at all. A formal rating only exists after FMCSA completes a compliance review, and roughly 92 percent of active interstate carriers have never had one, so Unrated is the normal state, not a warning. The scale to actually use: Unsatisfactory is a disqualifier by law. Conditional is the profile Caribe Transport had on the day of dispatch, which makes it the single most scrutinized data point in a post-Montgomery review; treat it as a documented exception or a decline. Unrated means the inspection record has to carry the analysis. And note that BASIC percentile scores for property carriers are not public under the FAST Act; what you can see is the underlying inspection, violation, and crash data, which is exactly what vetting platforms model their scores from.
3Screen identity and fraud signals
This is the step manual processes skip and thieves rely on. Compare the phone, email, and address the carrier gave you against the FMCSA record, and check whether those official contacts changed recently, a classic takeover pattern. FMCSA's own fraud guidance is blunt: when the numbers differ, call the number on the federal record, not the one in the email, and if the record shows no phone at all, do not book until you can verify. Two patterns worth knowing by name: impersonation, where a fraudster borrows a real carrier's clean identity, and the chameleon carrier, a shut-down operation reborn under a new MC, often betrayed by a shared address, officer, or insurance producer with the old one. Identity-verification platforms like Highway, Descartes MyCarrierPortal, and RMIS run these checks systematically, down to inbox, device, and VOIP signals. Then consult the industry's memory, which federal data never records: FreightGuard reports on Carrier411, Highway's community alerts, and TIA Watchdog log the double-brokered loads, hostage freight, and unexplained no-shows other brokers already paid to learn about. A carrier who cannot pass identity verification does not haul.
4Confirm the insurance, properly
Require the certificate of insurance directly from the insurance producer, the licensed agent or agency that issued the policy, not as a PDF forwarded by the carrier. Certificates are easy to forge and easy to outdate, and a COI is evidence of insurance, not the insurance itself: it cannot amend the policy, and when the certificate and the policy disagree, the policy wins. It is also only guaranteed accurate on the day it was issued. Common broker minimums are $1 million auto liability and $100,000 cargo, with your brokerage listed as certificate holder; the real standard is that limits match the freight, because a $100,000 policy on a $180,000 load means someone is self-insuring the gap.
Then ask the producer four questions that a certificate alone cannot answer. Is the policy active today, since carriers can cancel the day after a certificate prints? Does the cargo policy's commodity schedule cover this freight, because electronics, alcohol, tobacco, pharmaceuticals, and fresh meat and seafood are routinely excluded or sub-limited? For temperature-controlled freight, is there a reefer breakdown endorsement, without which a spoiled load is simply not covered? And what are the theft conditions and the deductible, since unattended-vehicle clauses and deductibles above roughly $10,000 quietly move the risk back to you. On the auto side, check whether liability reads Any Auto or Scheduled Autos: a scheduled policy covers only the listed vehicles, so the truck that shows up must be on the schedule. One more thing certificates hide: cargo coverage is no longer filed with FMCSA at all, so the federal record proves liability filings only, and cargo exists only as far as the producer confirms it. While you are in that federal record, read the filing history too: repeated short-lived policies across different insurers is a carrier surviving on the cheapest coverage that will bind, and a fresh cancellation with no replacement on file is a stop, not a question. An expired or unverifiable COI is the single most common reason a setup fails; an unread exclusion is the most expensive.
5Send the packet, collect it digitally
Send one link with everything: profile form, W-9, agreement to sign, insurance request, payment details, and notice of assignment if the carrier factors. Digital packets come back faster and file themselves. Emailed PDFs generate four to eight threads per carrier, and manual processes lose roughly half of applicants before the packet is complete. The packet is also a fraud filter in its own right: an impersonator cannot connect the real carrier's ELD, and operators with something to hide tend to drop out the moment onboarding asks for identity verification and telematics access. Tools that do this well include DAT OnBoard, Truckstop RMIS, and TMS platforms with onboarding built in.
6Review and decide, on the record
Give compliance the whole record in one view and require an explicit approve or decline, with the reason. The decision, the data behind it, and the timestamp become the file you produce if a claim or a lawsuit ever asks how this carrier was vetted. The strongest version of that file is load-linked: a verification snapshot tied to each dispatch date, because the legal question is what you knew when you tendered the load, not what you checked at setup.
7Set up, dispatch, and keep verifying
Enter the approved carrier once, wire the payment path, and give their first load some margin for error rather than your hottest freight. Then re-verify on a cadence. Authority, insurance, and safety status all change after day one: policies cancel mid-term, authorities are revoked, ratings drop. Continuous monitoring that flags a lapsed policy or a revoked authority the day it happens, or at minimum a scheduled re-pull of every active carrier, keeps a clean approval from quietly becoming a stale one.
The carrier onboarding packet: complete checklist
Here is the complete carrier packet checklist: everything a full packet covers. The middle column is why the item exists. The right column is the check that actually protects you.
| Item | What it proves | Check before you accept |
|---|---|---|
| Carrier profile form | Who they are: contacts, equipment, lanes | Details match the FMCSA record, not just each other; equipment fits the freight |
| W-9 | Legal name and tax ID for payment | Name matches the operating authority exactly |
| Certificate of insurance | Active coverage at your minimums | Producer-issued; commodity covered, exclusions read; limits match the freight; you are certificate holder; dates current |
| Operating authority | Legal right to haul the freight | Active, no out-of-service order; note the authority age |
| Broker-carrier agreement | Terms, liability, back-solicitation | Signed by a person whose name appears in the record |
| Safety rating & CSA snapshot | Fitness to operate safely | Not Unsatisfactory; Conditional only as a documented exception; save what you saw, with the date |
| Notice of assignment (if factored) | Who actually gets paid | Factor verified; remittance confirmed by call-back |
| Payment / ACH details | Where the money goes | Verified through the factor or a call-back, never email alone |
| References (optional) | Track record with other brokers | One call to a broker they hauled for recently |
| The dated decision record | That you exercised ordinary care | Every check above stamped with what was reviewed and when |
Red flags that should stop an onboarding
Most freight fraud is not hacking. It is a confident stranger with slightly wrong paperwork, moving fast. These are the patterns that pay to catch at intake, before a packet ever goes out.
| Red flag | Why it matters | What to do |
|---|---|---|
| Authority under ~90 days, or just reinstated | New and recycled authorities are the classic fraud vehicle | Slow down; require identity verification; start small, if at all |
| Contacts differ from the FMCSA record | Impersonation of a real carrier | Call the number on file with FMCSA, not the one in the email |
| Official contact info changed recently | Account-takeover pattern | Verify with the carrier through an independent channel |
| COI arrives from the carrier, not the producer | Certificates are easy to forge | Insist on producer-issued; verify the producer independently |
| Names differ across W-9, COI, and authority | An identity stitched together from pieces | Stop until every document shows the same legal name |
| Free email domain or VOIP-only phone | Disposable identity infrastructure | Weight it with other signals; verification before anything moves |
| Zero inspections, or inspections far from claimed lanes | Paper-active but possibly not operating, or not where they claim | Ask for recent proof of operation; weight it with other signals |
| Aged authority, fresh ownership or address change | Bought and transferred DOT numbers are a real market | Treat it as new authority; verify the humans, not the number |
| Carrier also holds broker authority | Can legally re-broker your load to someone you never vetted | Many brokerages decline outright; at minimum forbid re-brokering in the agreement |
| Same address or officers as another carrier | Chameleon pattern: a shut-down operation reborn under a new MC | Cross-check before approving; decline if the old entity was revoked |
| COI shows Scheduled Autos, or excludes your commodity | Coverage that will not pay the claim you would actually file | Confirm the truck is on the schedule and the commodity is covered, with the producer |
| Pressure to dispatch same-day | Urgency is the fraudster's main tool | The hotter the load, the more the process matters |
| Rate accepted far below market | Getting the load is the point, not the margin | Treat it as a signal, not a win |
| Payment-detail change requests mid-stream | Payment redirection scam | Confirm by calling a number you already had on file |
One discipline turns this table from a poster into protection: when you clear a flag and proceed anyway, write down why. A documented exception, with the evidence you weighed, is a judgment call a court can respect. A silent one reads as a corner cut.
How long should carrier onboarding take?
Done manually and done well, the carrier onboarding process takes 30 to 45 minutes of active work per carrier, and an elapsed time across email round-trips that commonly stretches to 7 to 14 days, during which roughly half of carriers abandon the process. Done with pulled data and a digital packet, active work drops to minutes and elapsed time to a day or two. Three numbers worth tracking: active minutes per approval, days from intake to decision, and the share of your active carriers re-verified in the last 90 days.
Common questions
What is a carrier onboarding packet?
It is the document set a freight broker collects to verify and set up a carrier before the first load: a carrier profile form, W-9, certificate of insurance, proof of operating authority, a signed broker-carrier agreement, payment details, and a notice of assignment when the carrier factors. The packet is one part of onboarding; verification and the recorded decision are the rest.
What documents should a carrier packet include?
The complete checklist: carrier profile form, W-9, producer-issued certificate of insurance, operating authority verification, signed broker-carrier agreement, safety rating snapshot, notice of assignment if factored, payment details, optional references, and a dated record of every check and the final decision.
Do carriers still have MC numbers in 2026?
Yes. FMCSA's Motus registration system opened to all registrants in Q2 2026 and continues to issue docket numbers, including MC numbers. Eliminating them remains a proposal under consideration, not a rule. What is new: randomized USDOT numbers with type suffixes for new registrants, and identity verification through Login.gov and IDEMIA.
How long does carrier onboarding take?
A thorough manual process takes 30 to 45 minutes of active work per carrier and often 7 to 14 elapsed days across email round-trips. With automated data pulls and a digital packet, active work drops to minutes and most carriers are approved within a day or two.
What insurance should a freight broker require from a carrier?
The common floor is $1 million auto liability and $100,000 cargo coverage, with the brokerage listed as certificate holder and the COI issued directly by the insurance producer. Many shippers and commodities require higher limits, and the cargo limit should match the value of the freight, not just the floor. Confirm the commodity is covered and read the exclusions: electronics, alcohol, pharmaceuticals, and fresh food are commonly excluded, and reefer loads need a breakdown endorsement.
What is an insurance producer on a COI?
The producer is the licensed insurance agent or agency that issued the certificate, named in the top-left box of the standard ACORD form. It is not the carrier and not the insurance company's claims desk. Certificates should come from the producer directly, and coverage questions, like whether a commodity is excluded or a policy is still active, are answered by calling the producer on a number you verified independently.
Does a certificate of insurance prove a carrier is covered?
No. A COI is evidence that a policy existed when the certificate was issued, and it cannot change what the policy actually covers; if the two conflict, the policy controls. A policy can also be cancelled the day after the certificate prints. And since carriers no longer file cargo coverage with FMCSA, the federal record proves liability only. The reliable check is the producer confirming, today, that the policy is active and the commodity is covered.
What is ordinary care in carrier selection?
After Montgomery v. Caribe Transport (May 2026), brokers can be sued under state law for negligently selecting an unsafe carrier. Ordinary care in practice means reviewing the safety data available, acting on red flags, and keeping a dated record of the process. A structured, documented onboarding file is the strongest evidence of all three.
The honest takeaway: the packet is the easy half. Any brokerage can collect ten documents. What separates a defensible onboarding process is the checking, the red-flag discipline, and a dated record of both, kept somewhere you can find it in an afternoon. If that record lives in your freight broker TMS software next to the loads themselves, it writes itself as you work.
That is the design behind UltraShip's carrier onboarding: details pulled by MC or DOT from Highway, Descartes MyCarrierPortal, or RMIS, one-click digital packets, in-platform compliance review, and a dated record on every decision.
The clearest way to judge any of this is to watch it run on your own carriers. Book a demo →
- FMCSA, Motus registration system announcements, modernization FAQs, and Federal Register notice FR-2026-08334, April to May 2026.
- Supreme Court of the United States, Montgomery v. Caribe Transport II, decided May 14, 2026.
- CargoNet 2025 cargo theft trends: about $725 million reported stolen, average value near $274,000 per theft.
- Overhaul Q1 2026 cargo theft report: deceptive pickups up 31 percent year over year; strategic theft roughly one incident in three.
- Highway 2025 fraud data: about 2 million fraudulent carrier emails blocked, up 117 percent.
- Truckstop, broker carrier packet, RMIS onboarding, and carrier vetting guides, 2025 to 2026; roughly 92 percent of active interstate carriers hold no FMCSA safety rating.
- FMCSA, broker and carrier fraud and identity theft guidance; insurance filing requirements (cargo filings no longer collected).
- DAT, how to read a carrier's insurance certificate; industry guidance on commodity schedules, exclusions, and producer verification.
- FMCSA bulletin on the purchase and sale of DOT numbers, March 2026, via FreightWaves; FMCSA SAFER national out-of-service averages, roughly 21 percent vehicle and 6 percent driver.
- TIA Watchdog, Carrier411 FreightGuard, and Highway community alert databases on carrier conduct history.
- DAT, carrier onboarding best-practices guide, 2025.
- Foreigh and Neudash carrier onboarding benchmarks: 35 to 45 active minutes per carrier; 7 to 14 elapsed days and ~50 percent abandonment in manual processes.

