Accessibility requirements for Banking & Financial Services websites
The EAA explicitly names consumer banking services. ATMs, payment terminals, mobile apps, and online banking portals are all covered. Sector-specific rules (PSD2 strong customer authentication, ECB requirements) intersect with accessibility — which means OTP entry, biometric flows, and timeout warnings need extra design care.
Regulations that apply
Banking & Financial Services sits at the intersection of general digital-accessibility law and sector-specific obligations. The most relevant items to track:
EAA — Annex I, Section III (EU)
Specific banking obligations: ATM, online banking, mobile banking.
PSD2 (EU)
Strong customer authentication that must remain accessible.
Section 508 (US federal)
Required for federal credit unions and any contractor.
The accessibility risks specific to Banking & Financial Services
Every industry has its own failure pattern. The combination below is what audits, complaints, and lawsuits in this sector keep returning to. Fixing them clears the most-cited issues without touching every page.
Session timeouts without warning (WCAG 2.2.1)
Banks set short timeouts; without the timeout warnings that WCAG 2.2.1 calls for, users with cognitive disabilities lose work mid-transfer.
Inaccessible OTP and 2FA flows (WCAG 2.1.1, 4.1.2)
Auto-advancing 6-digit OTP fields and biometric prompts often skip keyboard and screen reader support.
Statement PDFs that are scanned images (WCAG 1.1.1, 1.3.1)
Account statements delivered as scanned PDFs are unreadable by screen readers.
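For the session-timeout item above, a short idle timeout can coexist with a warning and an extend action if a separate absolute session lifetime stays fixed. The sketch below is an added example, not code from this page or from any bank or vendor; the class name, durations, message texts and the absolute cap are assumptions.

```javascript
// Added example. Names and durations are assumptions, not values from any regulation.
// This is UI policy only: the server must still enforce both expiries itself.
class SessionTimer {
  constructor({ idleMs, warnMs, absoluteMs, now = Date.now }) {
    // WCAG 2.2.1 asks for at least 20 seconds in which to extend.
    if (warnMs < 20000) throw new RangeError("warning window shorter than 20 s");
    if (warnMs >= idleMs) throw new RangeError("warning window must be shorter than idle timeout");
    Object.assign(this, { idleMs, warnMs, now });
    // Security cap (assumed policy): extensions never move this. Size it so the
    // repeated extensions 2.2.1 expects still fit inside it.
    this.hardExpiry = now() + absoluteMs;
    this.expiresAt = Math.min(now() + idleMs, this.hardExpiry);
  }

  // Poll this (for example once a second). Put `announce` in a live region such as
  // role="alert" when the phase changes, next to a keyboard-reachable extend button.
  state() {
    const left = this.expiresAt - this.now();
    if (left <= 0) {
      return { phase: "expired", announce: "Your session has ended. Please sign in again." };
    }
    if (left > this.warnMs) return { phase: "active" };
    const secondsLeft = Math.ceil(left / 1000);
    const canExtend = this.expiresAt < this.hardExpiry;
    return {
      phase: "warning", secondsLeft, canExtend,
      announce: canExtend
        ? `Your session ends in ${secondsLeft} seconds. Choose "Stay signed in" to continue.`
        : `Your session ends in ${secondsLeft} seconds and cannot be extended. Finish or save now.`,
    };
  }

  // One simple action extends the idle window, clamped to the absolute cap.
  extend() {
    if (this.state().phase === "expired") return false; // never revive a dead session
    this.expiresAt = Math.min(this.now() + this.idleMs, this.hardExpiry);
    return true;
  }
}
```

Passing a fake `now` function makes the warning, extend and hard-cap behaviour testable without waiting on a real clock.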
A short remediation checklist
Most Banking & Financial Services teams do not need a 200-item audit before they fix anything. They need an ordered list of the highest-impact moves. Start with these and re-audit after each pass.
Audit login flows including 2FA paths
Test session timeout warnings with assistive tech
Verify statement PDFs are tagged and text-based
Review every error message for inline + announced status
Run a free Certvo scan against your homepage and one task-flow URL (login, checkout, booking). It pinpoints which of the issues above apply to you, and how often.
Frequently asked questions
Does PSD2 conflict with accessibility?
It does not have to. Strong customer authentication can be implemented accessibly using passkeys, properly-labeled OTP fields, and accessible biometric prompts.