Research
The state of bank and financial website accessibility, 2026
Financial services is one of the most frequently sued sectors in US web-accessibility litigation, so its sites have more reason than most to be in good shape. We ran the same scanner we used on stores, hospitals, and government over 59 bank, brokerage, card, and fintech homepages to see whether that pressure shows up in the code. Mostly it does not. A serious failure was the norm, and along the way the sector did something none of the others did at this rate: it locked our scanner out. Here is the aggregate data, with the caveats that matter.
The headline numbers
Of the 59 bank and financial homepages we tested, the homepage alone showed:
- 69% had at least one serious accessibility failure (a critical or serious WCAG issue), just over two in three.
- 34% had at least one critical issue, a third, the kind that can hard-block a screen-reader user.
- Only 8%, about one in twelve, passed every automated check.
- The median site had 7 detectable issues on its homepage; the worst had 127.
These are detectable failures from an automated scan. They are the floor, not the ceiling (more on that below). And to be clear: this is 69% of the financial sites we tested, a curated sample of large banks, brokerages, card networks, and fintechs, not a census of the whole industry.
The sector that could least afford it
What makes this stand out is not the rate, it is who it belongs to. Financial services is consistently among the most-targeted sectors in US website-accessibility lawsuits, alongside retail. A failure on a bank homepage is not just a barrier, it is a barrier in the sector most likely to end up in a demand letter over exactly this.
Set against the other sectors we have scanned, banks landed in the middle: a critical issue on 34% of homepages, close to hospitals (35%) and government (18%), and below online stores (49%). The median financial homepage had 7 detectable issues, similar to hospitals and government, and far below the 17 we saw on stores. So the money and the legal exposure buy a middling result, not a good one.
The most common failures
Ranked by the share of tested sites affected, the recurring WCAG problems were:
- Colour contrast (32%) — text that does not meet the 4.5:1 ratio, WCAG 1.4.3. The most common WCAG failure here, as in every sector, and our figure includes text on CSS gradients that most scanners skip.
- Images missing alt text (19%) — WCAG 1.1.1. This ran higher on financial sites than on government or hospital ones, and it fits: bank homepages lean heavily on promotional hero imagery and product tiles, which is exactly where alt text tends to get dropped.
- Buttons with no accessible name (14%) — usually icon-only buttons, WCAG 4.1.2.
- Touch target size (12%) — controls smaller than the 24×24px minimum, WCAG 2.5.8.
- Links with no discernible text (12%) — usually icon-only links, WCAG 2.4.4 / 4.1.2.
Structural best-practice issues were more widespread than any single WCAG failure: content not contained in landmarks showed up on 54% of sites and out-of-order headings on 37%. Those are advisory rather than WCAG success-criterion failures, so we have kept them separate from the figures above.
The sector locked our scanner out
One finding here is about what we could not measure. Of the financial sites we tried, roughly a quarter returned a bot-protection block, a redirect loop, or a protocol error instead of their homepage, the highest rate of any sector in this series. That is a rational security posture for a bank. But it has a side effect worth naming: the same walls that keep bots out also make a site harder to audit from the outside, and they do nothing for the accessibility of the page a real user eventually reaches.
We report only the sites that returned a genuine homepage. If the locked-out sites are no better or worse than the rest, the figures above hold; we simply cannot see them.
The part an automated scan cannot see
The honest caveat that runs through this series applies here too. The median financial site had 2 items flagged as "needs human review", things an automated test cannot decide on its own, like whether alt text is accurate or whether a custom account-opening form is actually operable by keyboard.
Automated testing only covers the machine-checkable part of WCAG, which independent research puts at roughly a third of the success criteria. So the failure rates above are almost certainly an undercount of the real barriers, not an exaggeration, and on financial sites the hardest parts to get right, multi-step applications and logged-in account flows, sit behind the homepage where an anonymous scan cannot reach.
What this means (and what it does not)
The takeaway is not that these institutions are breaking the law, automated failures are not a legal compliance verdict, and we are naming no one. The takeaway is that in the sector with the clearest financial and legal incentive to get accessibility right, a serious failure on the homepage is still the common case, and the failures are mostly ordinary front-end work: contrast, alt text on promotional imagery, button and link names.
These are fixes that belong in the code itself, not in a layer added on top of it, which is why the durable path is to find the real issues and correct them at the source. You can see where your own site stands with the free scan, or wire it into CI with the CLI and GitHub Action so it does not regress after the next release.
Methodology and limits
In the interest of not overclaiming:
- Sample: homepages of 59 US bank, brokerage, card-network, and fintech sites, scanned in July 2026. We attempted 78; 19 were excluded because they returned bot-protection blocks, redirect loops, or protocol errors rather than a real homepage, the highest exclusion rate in this series, which is itself discussed above. This is a curated sample of recognisable financial brands, not a random or asset-ranked one, so read it as a snapshot of major financial sites rather than a census.
- Engine: the axe-core rules for WCAG 2.x Level A and AA, plus our own resolution of colour contrast over CSS gradients. The same engine and settings we used for the other reports, so all four are directly comparable.
- Scope: public homepages only. Account opening, online banking, and transfer flows sit behind login and often fare worse; they are out of reach of an anonymous scan.
- As loaded: pages were scanned as they rendered, including any cookie or consent overlays, which can both add and mask issues.
- Not a compliance audit: detectable WCAG failures are not a legal determination, and automated testing does not cover the criteria that need a human. We have reported aggregate figures only and named no individual institution.
Frequently asked questions
How accessible are bank and financial websites?
Of the 59 US financial homepages we tested, 69% had at least one serious WCAG failure and 34% had a critical one; only 8% passed every automated check. These are detectable, automated failures and likely undercount the real barriers, especially the account flows that sit behind login.
Are banks sued over website accessibility?
Financial services is consistently among the most-targeted sectors in US website-accessibility litigation under the ADA, alongside retail. Our data is not a legal determination about any specific site, but it shows serious detectable failures remain common in the sector.
How do banks compare to other sectors on accessibility?
In the middle. Banks had a critical issue on 34% of homepages, close to hospitals (35%) and above government (18%), but below online stores (49%). Their median issue count was similar to hospitals and government and well below stores.
What was the most common accessibility issue on financial sites?
Insufficient colour contrast, on 32% of the sites we tested (WCAG 1.4.3), followed by images missing alt text, which ran higher here than in most sectors because of heavy promotional imagery.
Which banks did you test?
We report aggregate figures only and do not name individual institutions, by design. The sample was a cross-section of recognisable US banks, brokerages, card networks, and fintechs.
Related guides
See what's actually broken on your site
Real axe-core results, every element outlined. No email wall, no fake “compliant” badge.
Run a free scanLast updated 2026-07-03.