Where Driver Licence Compliance in the UK Breaks Down
Most failures happen because employers treat the DVLA licence check as a one-off task instead of an ongoing compliance process.
The Annual Check That Isn’t
A national logistics company employs 200 drivers across four depots. The compliance team conducts manual DVLA checks each April, documents results in a shared spreadsheet, and notifies depot managers of any driver with four or more points. The process runs as designed.
What the process cannot see is what happens between checks. Between April 2024 and April 2025, eleven drivers accumulate new penalty points. Four of them reach six or more. Two reach eight. Under the company’s own fleet risk policy, any driver with six or more points should be referred for a driving duties review. That policy is never triggered, because no one has visibility of those points until the following April.
During that same period, one of the eight-point drivers is involved in a serious collision resulting in life-changing injuries to a third party. The investigation surfaces not only the driver’s points history but the absence of any monitoring process capable of detecting a change in risk status between annual checks. The employer cannot demonstrate ongoing duty of care. Its insurer declines to settle. The legal and reputational consequences far exceed anything a monitoring platform would have cost.
This scenario illustrates a pattern HSE has identified repeatedly: organisations believe they are compliant because a process exists, without recognising that the process only covers a fraction of the time period during which risk is actually accumulating. Penalty points for mobile phone use and speeding offences remain on a licence for between four and eleven years (RAM Tracking, 2026). A driver can reach twelve points and face a ban without any automated alert reaching their employer. The check does not fail. The frequency at which it is run is what fails.
The Spreadsheet That Cannot Prove Anything
A regional groundworks contractor employs 40 operatives, around half of whom drive for work. DVLA licence check runs by employer or operations manager when capacity allows, notes results in a spreadsheet, and files it on a shared drive. The spreadsheet has columns for driver name and last check date. It does not record what specific information was returned, what action was taken, or who authorised the review.
Following a near-miss incident involving one of those operatives driving a tipper truck, HSE requests evidence of the contractor’s driver compliance process. The spreadsheet is produced. The inspector asks for the specific date the most recent check was conducted, the precise result it returned, whether the driver had accumulated any points in the preceding two years, and what action the contractor took when the driver reached six points in January. None of those questions can be answered from the spreadsheet.
Manual checks of this kind typically leave no audit trail capable of demonstrating duty of care under investigation (RAM Tracking, 2026). Employers are expected to retain consent records alongside dated, method-attributed check results precisely so that the record is defensible rather than merely present (RAM Tracking, 2026; EBC Global, 2025). A process that took place but cannot be evidenced is, from a compliance standpoint, functionally indistinguishable from a process that never happened.
The Drivers Nobody Thought to Check
A community healthcare provider employs 60 district nurses across two county areas. Each nurse uses their own vehicle to travel between patient homes, covering 30 to 50 miles per working day. Management or employer has never initiated a DVLA licence check for this group. The rationale, when examined, is that the vehicles are privately owned and therefore the employer’s obligations are limited.
That position is not supported by law. When an employee drives for work purposes, the employer’s duty of care applies regardless of vehicle ownership (RAM Tracking, 2026). HSE’s guidance on work-related road safety does not distinguish between employer-owned and employee-owned vehicles in its application of the duty (HSE, 2014, p.1).
Employees using personal vehicles for work journeys, commonly described as grey fleet, sit squarely within the scope of employer compliance obligations. For organisations in healthcare, facilities management, social care, and professional services, this is one of the largest concentrations of unmanaged driving licence risk in UK workplaces: not drivers with hidden penalty points, but drivers who have never been identified as drivers at all.
The same pattern emerges in manufacturing. At a food processing site, 12 operatives drive company vans between production bays and external loading docks as an incidental part of their role. Driving was not listed in their job descriptions when those descriptions were written three years ago. No DVLA licence check has ever been initiated by employer. Following a vehicle incident on the loading approach road, the investigation finds that two operatives involved held licence restrictions that no one at the organisation had ever reviewed. The compliance gap was not in the checking process. There was no checking process, because the task had never been formally classified as driving.
👉🏻 Suggested Reading: Transport, Logistics and Warehousing Training and Compliance Management. A detailed guide to how compliance obligations apply across driving-intensive sectors, including how grey fleet and incidental driving roles sit within the employer’s duty of care framework.