European Accessibility Act Is Now Enforced: What Changed on June 28, 2025

<p>On June 28, 2025, the clock stopped being a countdown. The European Accessibility Act (EAA) — officially Directive (EU) 2019/882 — moved from a looming deadline into active enforcement, and businesses that had been watching the horizon now found themselves operating under binding legal obligations. With roughly 87 million people in Europe living with a disability, the legislation represents not just a regulatory shift but a fundamental change in how digital products and services must be designed, delivered, and maintained. If your organisation sells, distributes, or provides digital services to anyone in the EU, the rules have changed — and ignoring them is no longer a low-risk strategy.</p> <h2>What the European Accessibility Act Actually Is</h2> <p>The EAA is an EU directive adopted in June 2019 with a clear mission: harmonise accessibility requirements for products and services across all member states, creating a level playing field for businesses while guaranteeing meaningful access for people with disabilities. Before the EAA, accessibility obligations for the private sector were fragmented across national laws, creating a patchwork of requirements that made cross-border compliance complicated and inconsistent. The EAA set out to fix that.</p> <p>The directive required each of the 27 EU member states to transpose its terms into national law by June 28, 2022, and to begin applying those measures from June 28, 2025. This means the EAA is not directly applicable as a single unified law — instead, it operates through national implementations, each of which must meet the EAA's minimum requirements but may go further. For businesses operating across multiple EU markets, this creates a compliance landscape that is harmonised in principle but variable in practice.</p> <p>Unlike the EU Web Accessibility Directive, which applied exclusively to public-sector websites and apps, the EAA extends accessibility obligations into the private sector. This is a significant expansion in scope. E-commerce platforms, banking services, transport booking systems, telecommunications providers, audiovisual media services, and consumer electronics all fall within its reach. If your digital product or service touches EU consumers and falls within these categories, you are subject to the EAA.</p> <h2>Who Is Covered — and Who Is Not</h2> <p>The EAA applies to economic operators — manufacturers, importers, distributors, and service providers — offering covered products or services in the EU market. Critically, this includes businesses headquartered outside the EU. If a US-based SaaS company, an Australian e-commerce retailer, or a UK bank provides digital services to EU consumers, the EAA applies to them just as it does to their EU-based competitors. Geography of incorporation is irrelevant; geography of the customer is what matters.</p> <p>The sectors and product categories covered are broad. E-commerce platforms, online banking interfaces, electronic ticketing systems, consumer computer hardware, smartphones, tablets, smart TVs, self-service terminals such as ATMs and payment kiosks, e-readers, and audiovisual media services all fall within scope. For each of these categories, the accessibility obligations apply to digital interfaces and the services built on top of them.</p> <p>There are, however, meaningful exemptions worth understanding clearly rather than wishfully:</p> <ul> <li><strong>Microenterprises providing services</strong> — defined as organisations with fewer than 10 employees and an annual turnover or balance sheet below €2 million — are exempt from the service-related accessibility requirements. Note, however, that this exemption does not extend to products. A microenterprise that manufactures or sells a covered product must still meet accessibility standards.</li> <li><strong>Disproportionate burden</strong> — any economic operator can claim an exemption from specific accessibility requirements if compliance would impose an excessive organisational or financial burden. But this is not a get-out-of-jail card. The claim must be formally documented and assessed against criteria set out in Annex VI of the directive, and the assessment must be renewed every five years. Crucially, lacking time, knowledge, or interest in accessibility is not considered a legitimate reason for disproportionate burden.</li> <li><strong>Archived and legacy content</strong> — pre-recorded media published before June 28, 2025, archived website content that will not be updated, and certain long-life products already in use before the deadline may benefit from transitional provisions.</li> </ul> <blockquote>If your business is close to the microenterprise thresholds, the safe assumption is that the EAA applies to you. The exemption was designed for the smallest sole traders, not for growing businesses with established digital operations.</blockquote> <h2>The Technical Standard: WCAG 2.1 AA via EN 301 549</h2> <p>Understanding the technical requirements of the EAA means understanding the relationship between three things: the EAA itself (the law), EN 301 549 (the harmonised European standard), and WCAG 2.1 (the international accessibility guidelines that EN 301 549 incorporates). The EAA sets functional requirements. EN 301 549 is the technical standard that provides a pathway to demonstrating conformity with those requirements. And WCAG 2.1 Level AA is the foundation that EN 301 549 builds upon for web and mobile content.</p> <p>EN 301 549 version 3.2.1 is the current harmonised standard. It incorporates WCAG 2.1 in its entirety, which means that for web content, achieving WCAG 2.1 Level AA conformance satisfies the web content requirements of EN 301 549. However, EN 301 549 goes significantly further than WCAG 2.1 alone — it includes requirements for non-web software, documents such as PDFs, hardware, real-time communication tools, and other ICT components. For most organisations, the practical compliance target can be framed as WCAG 2.1 AA for web and mobile, plus the relevant EN 301 549 clauses for any other digital touchpoints.</p> <p>The four POUR principles — Perceivable, Operable, Understandable, and Robust — sit at the heart of these requirements. In practice, this translates to concrete, testable obligations:</p> <ul> <li><strong>Perceivable</strong>: All non-text content must have text alternatives. Audio and video content must have captions and transcripts. Text must meet minimum contrast ratios (4.5:1 for normal text at WCAG AA). Content cannot rely solely on colour to convey meaning.</li> <li><strong>Operable</strong>: All functionality must be accessible via keyboard alone. Users must have enough time to read and use content. Content must not flash in ways that could trigger seizures. Pages must have clear, descriptive titles and logical focus order.</li> <li><strong>Understandable</strong>: Forms must have clear labels and instructions. Error messages must identify the problem and suggest corrections. Navigation must be consistent across pages.</li> <li><strong>Robust</strong>: HTML must be valid and semantic. ARIA roles, states, and properties must be used correctly. Custom UI components — date pickers, modal dialogs, custom dropdowns — must expose the right accessibility information to assistive technologies.</li> </ul> <p>One important nuance: achieving WCAG 2.1 AA conformance is a strong foundation but does not guarantee full EAA compliance on its own. The EAA may require additional documentation, testing against EN 301 549 criteria beyond WCAG, and user journey evaluations for industry-specific needs. Think of WCAG 2.1 AA as a necessary condition, not a sufficient one.</p> <h2>Penalties: What Non-Compliance Actually Costs</h2> <p>The EAA requires that penalties for non-compliance be effective, proportionate, and dissuasive — but it does not set a single EU-wide penalty structure. Each member state defines its own penalties through national law, which means the financial exposure varies significantly depending on where your customers are.</p> <p>Here is a snapshot of how penalties look in some of the EU's major markets:</p> <ul> <li><strong>Germany (BFSG)</strong>: Fines of up to €100,000 for selling non-compliant products, and up to €10,000 for failure to provide accurate accessibility information about products and services. Enforcement is handled by the Federal Network Agency.</li> <li><strong>France</strong>: Base fines of €7,500 per violation for legal entities, but aggregate penalties for systemic non-compliance can reach €250,000. Multiple enforcement agencies are active, including ARCOM for digital platforms and DGCCRF for consumer-facing retail. France has already shown enforcement intent, with major retailers including Carrefour, Auchan, and Leclerc receiving formal notices requiring e-commerce accessibility remediation.</li> <li><strong>Netherlands</strong>: One of the most aggressive enforcement frameworks, with maximum fines of up to €900,000 or 10% of annual revenue — whichever is higher. The ACM (Authority for Consumers and Markets) can impose penalties without lengthy court proceedings when systematic non-compliance is found.</li> <li><strong>Ireland</strong>: Fines of up to €60,000 and, for severe violations, the possibility of imprisonment for up to 18 months.</li> <li><strong>Italy</strong>: Monetary penalties ranging from €5,000 to €40,000 under the EAA transposition, with additional exposure under the legacy Stanca Law for entities it still covers.</li> </ul> <blockquote>A single accessibility complaint filed in one EU member state can trigger investigations in others. Cross-border enforcement is coordinated through the EU's market surveillance framework, meaning a finding in one country can cascade across the entire bloc.</blockquote> <p>Beyond financial fines, enforcement authorities have additional tools: non-compliant products can be restricted or removed from the EU market under Article 20 of the EAA, and businesses may be suspended from operating in the EU market entirely. Non-compliance also carries procurement consequences — organisations that do not meet EAA requirements can be excluded from public-sector contracts. For B2B and B2G businesses in particular, this is a significant commercial risk beyond the regulatory penalties themselves.</p> <p>Critically, enforcement is typically graduated. Authorities generally notify organisations of non-compliance and provide a remediation period — usually 30 to 90 days — before imposing financial penalties. Organisations that respond in good faith, demonstrate documented effort, and show active remediation work are in a substantially stronger position than those that take no action at all. The biggest risk belongs to organisations that are visibly non-compliant and unresponsive.</p> <h2>What Actually Changed on June 28, 2025</h2> <p>For organisations that had been tracking the EAA, the question is: what actually shifted on that date? The answer is more than a symbolic threshold. Before June 28, 2025, the EAA was law on paper but not yet enforceable against private-sector organisations. After that date, any EU consumer who encounters an accessibility barrier on a covered digital product or service can file a formal complaint with their national enforcement authority — and that authority has the legal power to investigate, mandate remediation, and impose penalties.</p> <p>New products and services placed on the EU market on or after June 28, 2025 must comply with the EAA requirements from day one. For products and services that were already on the market before that date, transitional provisions apply — but these primarily cover long-life physical products such as ATMs and self-service kiosks. For digital services and websites, the practical expectation from regulators and consumer advocacy groups is that existing services should be accessible now, or demonstrably moving toward compliance.</p> <p>The enforcement landscape that has emerged since June 2025 confirms that this is not a paper regulation. France's disability rights organisations have already used emergency court procedures to compel major retailers to remediate their digital platforms. Germany's Federal Network Agency is actively monitoring compliance in telecommunications and e-commerce. The Netherlands' ACM has positioned itself as one of the bloc's most assertive enforcers. The EAA is being treated with the seriousness its text demands.</p> <h2>Building a Practical Compliance Programme</h2> <p>For organisations that are not yet fully compliant, the priority is not panic — it is structured, documented action. Enforcement is complaint-driven and graduated, which means the compliance journey matters as much as the endpoint. Here is a practical framework:</p> <ul> <li><strong>Audit your current state</strong>: Run automated scans across your key pages and user journeys to identify common failures — missing alt text, insufficient colour contrast, unlabelled form fields, inaccessible custom components. Automated tools are excellent for breadth, but they can only detect around 30–40% of accessibility issues. Manual testing against WCAG 2.1 AA, including keyboard-only navigation and screen reader testing, is essential for depth.</li> <li><strong>Prioritise remediation strategically</strong>: Not all accessibility failures carry the same weight. Start with issues that block core user journeys — checkout flows, account creation, form submission, authentication. A user who cannot complete a purchase because of an inaccessible modal is experiencing a fundamental barrier, and that is the kind of issue that generates complaints.</li> <li><strong>Publish an accessibility statement</strong>: The EAA requires organisations to make accessibility information available. Your accessibility statement should include the scope of your conformance, the standard you are targeting (WCAG 2.1 AA via EN 301 549), known gaps, a remediation roadmap, and a clear mechanism for users to report issues or request assistance. This document is also your paper trail if an enforcement authority comes knocking.</li> <li><strong>Embed accessibility into development workflows</strong>: Point-in-time compliance is not sustainable. Accessibility needs to be part of design reviews, code reviews, QA processes, and content workflows. Role-specific training for designers, developers, and content creators is not optional — it is how you prevent the debt from accumulating again after remediation.</li> <li><strong>Monitor continuously</strong>: Websites change. New features are shipped, third-party scripts are added, content is updated. Continuous automated monitoring catches regressions before they become complaints. Pair scheduled automated scans with periodic manual audits and user testing with disabled participants.</li> <li><strong>Assess your supply chain</strong>: If your digital product embeds third-party widgets, SDKs, or platforms, their accessibility failures become your compliance risk. Update vendor contracts to require WCAG conformance and obtain accessibility conformance reports (ACRs or VPATs) from key suppliers.</li> </ul> <p>For organisations using accessibility overlay widgets or SDK solutions — like Accsible — it is important to understand what these tools can and cannot do. A well-implemented accessibility widget can provide meaningful assistive features that improve the experience for users with disabilities and address certain WCAG criteria. However, no overlay solution replaces the foundational work of making your underlying codebase semantically correct and keyboard-navigable. The most effective compliance strategies use overlay tools as a complement to remediation, not a substitute for it.</p> <h2>The Bigger Picture: Why This Matters Beyond Compliance</h2> <p>It is tempting to frame EAA compliance purely as a legal obligation to be managed, but that framing misses the point. The 87 million Europeans living with a disability represent a significant and underserved market. Accessible websites consistently show improved conversion rates, reduced customer support load, and better SEO performance — not because accessibility is a magic growth lever, but because the same practices that make a site usable for someone with a visual impairment also make it faster, clearer, and more reliable for everyone.</p> <p>The EAA is also widely compared to GDPR in terms of its potential impact on how organisations build and operate digital products. GDPR transformed data handling across the globe, not just in Europe. Organisations that treat the EAA as a comparable inflection point — embedding accessibility into product strategy rather than bolting it on as a compliance exercise — will be better positioned as accessibility regulations proliferate globally. Australia, Canada, the United States, and the UK all have active accessibility regulatory frameworks, and the EAA's influence on global best practices is already visible.</p> <p>Accessibility is also increasingly embedded in procurement requirements. Public institutions and large enterprises are incorporating accessibility conformance into their vendor selection criteria. For B2B software providers, SaaS platforms, and digital agencies, EAA compliance is becoming a baseline expectation for closing enterprise deals — not just a regulatory obligation but a commercial prerequisite.</p> <h2>Key Takeaways</h2> <ul> <li><strong>Enforcement is live and active.</strong> As of June 28, 2025, EU consumers can file formal accessibility complaints against your digital products or services, and national authorities have the power to investigate and impose penalties. Early enforcement actions in France and active monitoring in Germany and the Netherlands confirm this is not theoretical.</li> <li><strong>Non-EU businesses are not exempt.</strong> If you sell products or provide digital services to EU consumers, the EAA applies to you regardless of where your business is incorporated or headquartered.</li> <li><strong>WCAG 2.1 Level AA is your technical baseline, but it is not the whole picture.</strong> EN 301 549 extends beyond web content to cover software, documents, and hardware. Pair WCAG conformance with an accessibility statement, documented testing, and ongoing monitoring.</li> <li><strong>Documented effort is your best defence.</strong> Enforcement is graduated and complaint-driven. Organisations that can show active, documented remediation work — even if not yet fully compliant — are in a far stronger position than those that have taken no action. Start building your paper trail now.</li> <li><strong>Compliance is not a project with an end date — it is an ongoing programme.</strong> New features, content updates, and third-party integrations all introduce accessibility risk. Continuous monitoring, embedded accessibility practices in development, and periodic manual audits are what separate organisations that maintain compliance from those that drift back into violation.</li> </ul>