The Roads Are Ready – But Is the UK’s Autonomous Vehicle Framework?

Share this blog

Picture of Philip Watkins

Philip Watkins

Head of Future Mobility

The autonomous vehicle moment in the UK has arrived, at least in the technical sense. Government-backed driverless pilots are launching this spring, including taxi and bus-style services operating without a safety driver for the first time. Wayve and Uber have begun public-road trials of Level 4 vehicles in London. For those of us working at the intersection of mobility and risk, this is genuinely exciting and should also be genuinely sobering.

The legislation that underpins all of this is, by any measure, impressive. The Automated and Electric Vehicles Act 2018 established the principle that insurers pay first when an autonomous vehicle causes harm, with recovery against manufacturers happening behind the scenes. The Automated Vehicles Act 2024 went further, creating a proper operational regime: a system for authorising self-driving technology, new accountable entities, restrictions on misleading marketing, and a formal “careful and competent driver” benchmark as the safety standard AVs must meet or exceed.

But good primary legislation is only the beginning. And the further you look into how this framework will actually function in practice, on wet roads, in disputed claims, in the aftermath of a serious accident, the more clearly you can see the gaps.

The Claims Evidence Problem

The “insurer pays first” model is consumer-friendly by design, and rightly so. But behind that straightforward payment sits a recovery process that is anything but straightforward. To pursue a manufacturer or authorised self-driving entity after a payout, you need evidence, and right now, nobody has agreed what that evidence should look like.

A meaningful event record for an autonomous vehicle incident would include mode status at the time of the collision, the boundaries of the system’s operational design domain, sensor outputs, object classification data, path-planning decisions, and any alerts or fault codes generated. But is any of that currently mandated as a minimum dataset for claims purposes? It is not.

Without standardised, accessible data, insurers and their lawyers are left reconstructing events from whatever records exist, a fragmented, time-consuming process that favours well-resourced manufacturers over everyone else. The ABI and Thatcham have already called for timely, unhindered access to AV data to make the existing legislation actually work. But should that call be louder? And who, exactly, should be listening?

Handover Is Harder Than It Sounds

The 2024 Act formally recognises the concept of transition demands, alerts that require a human to retake control when conditions exceed what the system can handle. On paper, this is sensible. On the road, it is vastly more complicated.

Consider the range of scenarios that might trigger a handover request: heavy rain degrading sensor performance, faded road markings, an unmapped roadwork, an emergency vehicle approaching from an unexpected direction, a cyclist behaving unpredictably. Each of these presents a different cognitive challenge to a human driver being asked to re-engage, potentially after a period of genuine inattention.

The Act provides for transition-demand regulation, but the critical details are all still to be determined through secondary legislation. How long should a driver be given to respond? How should that window vary depending on whether you are on a motorway, a rural lane, or a busy urban street? And what should the vehicle do if no response comes at all? Those parameters matter enormously when it comes to apportioning fault after an incident, so why are we still waiting for answers?

The concept of a “minimum risk manoeuvre”, controlled deceleration, hazard lights, safe lane positioning, is well established in international technical work. But how and when will UK-authorised systems execute these manoeuvres? And when something goes wrong, will the logs actually tell us what we need to know?

Data: Owned by Whom, for How Long?

European regulations on event data recorders have moved faster than the UK’s own AV-specific standards, which means vehicles on UK roads will often carry some data capture capability by virtue of EU rules. But that baseline is inconsistent, and access to it varies significantly by manufacturer.

The deeper questions remain unanswered. Who owns the raw data generated by an autonomous vehicle? Is it the technology company, the operator, or the person sitting in the seat? On what timeline must it be disclosed to insurers? In what format? And for how long must it be retained after an incident?

These are not technical questions. They are policy and legal questions, and the current consultations have not resolved them. In the absence of clear rules, disputes will multiply and costs will rise. And who ends up carrying those costs? In all likelihood, the mobility customers at the end of the chain.

The “Careful and Competent Driver” Benchmark

We think the careful and competent driver standard is the right one. It is intuitive, legally recognisable, and puts the emphasis on real-world performance rather than abstract specification compliance. But translating it into something testable and auditable is genuinely hard work.

What does a careful and competent driver do at an uncontrolled junction in a rural village? How does that compare to the same driver navigating a motorway merge or a busy city centre crossing? The benchmark needs to be calibrated across all of these contexts and stress-tested against high-risk scenarios. But how many miles of exposure are required before a system can be said to have passed? What confidence intervals are acceptable? And how do we treat rare but catastrophic outcomes in the statistical model? None of that has been defined yet, and until it is, can we really say the standard means anything in practice?

The Ethics Question Nobody Wants to Answer

Here is the issue the industry needs to confront more directly. When an autonomous vehicle faces a physically unavoidable collision, it does not make a mistake. It executes a policy.

This is fundamentally different from human error, distraction, or recklessness. An authorised AV operating within its design domain will, in those final fractions of a second, follow a pre-determined decision framework. It might minimise kinetic energy, position itself to protect vulnerable road users, or initiate a specific manoeuvre sequence. This is the “least-worst” outcome logic, and it is already baked into how these systems are designed.

But does the public have a right to know what those policies are? Should they be certified or independently audited? And should regulators step in to ensure those frameworks cannot, even inadvertently, optimise in ways that disadvantage certain groups of people?

These are not hypothetical trolley problems. They are live regulatory questions with real implications for how claims are assessed, how liability is argued, and how the public ultimately decides whether to trust these systems. So why are they not yet central to the policy conversation?

What Actually Needs to Happen

From where we sit, advising clients navigating the future of mobility risk, the next breakthroughs in autonomous vehicles are not technical. They are regulatory and operational.

Secondary legislation needs to specify transition-demand timings and minimum risk manoeuvre standards. A mandated, standardised claims-grade dataset needs to be defined and enforced. Data ownership and retention rules need to be resolved, not consulted on indefinitely. The “careful and competent” benchmark needs to become something you can actually test against. And the ethical decision policies embedded in AV systems need to be transparent, auditable, and subject to proper oversight.

The UK has the legislative foundations and the political will. It has active trials on real roads with real passengers. But does it have the appetite to do the unglamorous work, the standards, the procedures, the audit trails, that will make autonomous vehicles not just drivable, but insurable, explainable, and trusted?

That is the question. And for those of us in the risk business, how it gets answered is also the opportunity.

Key Take Aways…

  • UK AV laws are strong, but key operational detail in secondary regulation remains unresolved.
  • Insurer-pays-first depends on standardised, accessible claims data that does not yet exist.
  • Handover between system and driver is a major risk without clear timing rules.
  • Data ownership and access remain unclear.
  • Benchmark unmeasurable; ethical decision policies opaque.

Follow us...

Related Posts

Search