What a Sheriff Court Fatal Accident Inquiry actually asks of your fleet maintenance record

The trustees of a small Glasgow transport charity met on a Wednesday evening in October. They were trying to write a board minute. Their solicitor had told them an FAI was now likely. None of them had any idea what an FAI involved, what it would ask of them, or what they should be preparing.

This article is for them — and for every charity, council fleet, school transport, care provider, last-mile operator and SMB transport business that runs vehicles in Scotland. Most of you will never face an FAI. But the day you do, the question the Sheriff opens with is the same question every other UK regulator and insurer asks first: show me how you maintained the vehicle that did this.

The 2016 Act, in plain English

FAIs in Scotland are governed by the Inquiries into Fatal Accidents and Sudden Deaths etc. (Scotland) Act 2016, which replaced the 1976 Act. They are inquisitorial proceedings — not adversarial. There is no defendant in the criminal sense. The Sheriff sits without a jury and the Procurator Fiscal leads evidence on behalf of the public interest. The role of COPFS (Crown Office and Procurator Fiscal Service) is to investigate the death and decide whether an FAI is mandatory or discretionary.

FAIs are mandatory in two main categories: deaths in legal custody, and deaths "in the course of employment". For a service user being conveyed by a charity transport, a death is not automatically mandatory. But COPFS has discretion to hold one wherever it believes the public interest requires it — and a fatality involving an adapted vehicle, a vulnerable adult, a charitable transport contract and a possible mechanical defect almost always meets that bar.

If you operate vehicles in Scotland, assume any work-related fatality involving one of them will trigger at least a COPFS investigation, and proceed accordingly.

What happens before the inquiry opens

Long before a Sheriff hears anything, COPFS investigators arrive at your depot. They will ask, in this order:

1. Records for the specific vehicle: PMI (Preventive Maintenance Inspection) reports, MOT history, defect reports, repair invoices, parts records.
2. The driver's daily walk-round check sheets for the seven days before the accident.
3. Your overall maintenance regime — what you call your "system" — including any quality plan, fitter qualifications, contractor agreements.
4. The chain of communication from "driver reported a problem" to "fix verified".
5. Tachograph downloads where applicable, telematics data, dash-cam footage.

The investigators are not interested in your verbal account. They want artefacts. They want them to be contemporaneous — created at the time, not assembled after the fact. They will ask the following question, in different ways, several times:

"Can you demonstrate that this record was not modified after the accident?"

If the answer is "well, the spreadsheet has a save date, but anyone with access could have edited it", you have a problem. If the answer is "the PDF is signed and dated, but only by us", you still have a problem. Investigators have seen both. They are looking for something neither side can change after the event.

Why the spreadsheet does not survive contact with COPFS

Most SMB fleets keep maintenance records in one of three places: a paper folder per vehicle, a shared Excel spreadsheet, or a workshop management system the garage runs that they cannot read directly. Each has a specific failure mode in front of an investigator.

Paper folder. Pages can be inserted, removed, or rewritten. The fitter's signature can be copied. Date columns are written in pen by the same hand that writes everything else. There is no way to prove that a "30 September PMI" was actually written on 30 September and not on the morning of the accident.

Excel spreadsheet. Excel records the last save date and the last author. It does not record who made which row, when. It does not record deletions. A row reading "12 October — brakes inspected, no faults found" cannot be distinguished from the same row, typed yesterday, and back-dated. Your IT team can demonstrate file metadata but a forensic IT expert can also demonstrate that file metadata is editable.

Garage workshop management. The garage manages it, not you. You receive a printout. The printout is generated whenever you ask for it — including the morning of the FAI. The investigator will ask the garage directly, and may discover that the garage software allows back-edits, or that the garage prints "from the date of inspection" but the underlying job line was actually opened three weeks later.

None of these are forgery accusations. They are evidential weaknesses. The job of the Procurator Fiscal is to test the strength of your record. The job of your record is to be testable.

What a defensible record actually looks like

The standard the courts increasingly recognise — and the standard expert forensic IT witnesses validate — is a record that meets four conditions:

1. Sealed at the moment of capture. The record carries a cryptographic hash (SHA-256 or stronger) generated when the data was first entered, not later.
2. Linked to a chain. Each new entry includes the hash of the previous entry, so any retroactive change to an old entry breaks every entry that came after it.
3. Independently verifiable. The verification of the chain does not depend on trusting the operator. A neutral party — investigator, insurer, court-appointed forensic expert — can re-compute the hashes themselves.
4. Bound to identity and location. Photos carry their original EXIF data (date, time, GPS, camera fingerprint), individual file hashes, and an OTP-verified mechanic identity at the moment of submission.

The legal name for what this gives you is tamper-evident provenance. The technical name is chain-of-custody. In court it is the difference between "we believe the operator" and "the record proves itself".

Charity fleets: the regulators stack on top

If your fleet sits inside a charity, the FAI is not the only proceeding to plan for. OSCR (Office of the Scottish Charity Regulator) opens an inquiry into the trustees' conduct under the Charities and Trustee Investment (Scotland) Act 2005. OSCR can disqualify trustees, remove them from the register and refer them to the Court of Session if it concludes there has been a failure of governance.

If your charity is registered to provide a care service — which many community-transport charities are — the Care Inspectorate investigates under the Public Services Reform (Scotland) Act 2010. The Care Inspectorate can issue improvement notices, condition or cancel your registration, and refer matters to Police Scotland where it suspects criminal failure.

And the HSE investigates under the Health and Safety at Work etc. Act 1974. Senior managers — including charity trustees — can be personally liable under the Corporate Manslaughter and Corporate Homicide Act 2007 if a "gross failure" by senior management caused the death.

All four investigations ask the same first question. The same record either answers it or fails to answer it for all four. There is no "good enough for OSCR but not for the Sheriff" version. There is one record, and it is either tamper-evident or it is not.

The fitter, the contractor, and the chain of accountability

Most SMB fleets do not employ a full-time fitter. Maintenance is contracted to a local garage, sometimes more than one. The Sheriff will ask: who was competent to inspect this vehicle, and how did you assure yourself of their competence?

"They've done our work for years" is not an answer. "They're an MOT-approved test station" is closer but still not enough — MOT and inter-service maintenance are different disciplines. The DVSA Guide to Maintaining Roadworthiness sets out what the regulator expects: a written maintenance contract, a known inspection frequency, a defined competent person, and a quality assurance process.

If your contract with the garage is verbal and the inspection frequency is "when something seems wrong", the chain of accountability fails before you reach the depot gate. Build the contract. Define the frequency. Name the competent person. Keep the record of who signed what.

The driver defect report — the smallest piece of evidence with the biggest consequences

The single most important record at an FAI is the driver defect report — the daily walk-round check sheet, plus any defect raised during the day. The Guide to Maintaining Roadworthiness expects:

• A walk-round check before each first use of the day, recorded.
• Any defect raised in writing, with date, time and driver identity.
• An acknowledgement of receipt by the operator.
• A decision recorded — vehicle quarantined, fix scheduled, or no further action with reasons.
• If a fix was carried out: who did it, what parts were used, who verified it before the vehicle returned to service.

Every link in that chain has to survive the question: can you prove this is what happened, and not something written later?. A handwritten tear-off pad in the office tray is a chain that fails at the first link. A digital record sealed at submission, with photo evidence carrying EXIF and individual cryptographic hashes, with an OTP-verified driver identity, with a server-side timestamp that the operator cannot edit, is a chain that holds.

The closing recommendation a Sheriff can make

Under section 26 of the 2016 Act, a Sheriff issuing an FAI determination can make recommendations as to how similar deaths might be avoided. Those recommendations are public. They are sent to the regulator and the operator. They are written about in local newspapers. They become the standard against which future operators are judged.

If the Sheriff finds that your maintenance system was unable to demonstrate when a defect was reported, when it was acknowledged, or when it was repaired — and a Sheriff finds this regularly — the recommendation will read something like: "operators of vehicles carrying vulnerable adults should adopt a tamper-evident system of recording defect reports and repair verification, capable of being independently audited."

That is now the standard. The next operator in your category who appears before a Sheriff will be judged against it.

The checklist for Scottish fleet operators today

1. Identify every vehicle you operate and the regulatory tier each one sits in. A WAV used for adult day services is in a different tier from a courier van running parcels.
2. For each tier, write down which regulators have jurisdiction. Charity fleet of WAVs — DVSA, HSE, OSCR, Care Inspectorate, COPFS in event of death.
3. Pull your last 12 months of maintenance records. Ask: could a forensic IT expert prove these were not edited yesterday?
4. Check your maintenance contract with each garage. Is it written? Does it specify inspection frequency and competent persons? Does it allow you to receive an unalterable record of every job?
5. Audit your driver defect reports for the last 60 days. For every defect that was reported: can you produce evidence of acknowledgement, fix, and verification — each timestamped and unalterable?
6. For any vehicle carrying vulnerable passengers, plan for a tamper-evident replacement of paper or spreadsheet records within 90 days.
7. Brief your trustees or senior managers. Personal liability under the Corporate Manslaughter Act is rare but it is real. They cannot delegate it.

Sources & further reading

• Inquiries into Fatal Accidents and Sudden Deaths etc. (Scotland) Act 2016 — the modern FAI statute
• Crown Office and Procurator Fiscal Service — the prosecuting authority that opens an FAI
• Scottish Courts and Tribunals Service — Sheriff Court structure and FAI determinations
• Office of the Scottish Charity Regulator — trustee duties and inquiry powers
• Charities and Trustee Investment (Scotland) Act 2005
• Care Inspectorate (Scotland) — registered care services oversight
• Public Services Reform (Scotland) Act 2010
• Health and Safety at Work etc. Act 1974
• Corporate Manslaughter and Corporate Homicide Act 2007
• DVSA — Guide to Maintaining Roadworthiness — the canonical fleet-maintenance reference
• HSE / DfT — Driving at work: managing work-related road safety
• Sentencing Council — Corporate Manslaughter definitive guideline

Related Mekavo articles: DVSA roadside spot-check — what 25-van SMBs should be able to produce in 12 minutes, The four phrases UK insurers use to refuse a fleet claim, Adapted vehicles, the Equality Act and corporate manslaughter — the overlap UK operators miss, From "driver reported it" to "fix verified" — the workflow gap that loses cases.

Why we care

Mekavo Fleet was built for operators who carry weight that other operators do not. Every inspection, every defect, every repair is sealed at the moment it happens — hash-chained with SHA-256, photos carrying their original EXIF and individual cryptographic hashes, mechanic identity OTP-verified, driver identity verified, time-stamped on our servers. Anyone — your insurer, your auditor, an investigator, a court-appointed forensic expert — can independently re-verify the seal without trusting Mekavo's word for it. We do not give you software. We give you a chain of custody.