- Wednesday, July 8, 2026

The European Accessibility Act is a European Union directive that sets accessibility requirements for products and services to ensure equal access for people with disabilities.

This crucial piece of legislation had an enforcement deadline of June 28, 2025. It applies to any organization selling products or services into the EU market, including companies based in the U.S.

What is at risk? According to recent data, total U.S. exports to the EU (goods and services) are nearly $710 billion, with services exports totaling nearly $295 billion. Additional data shows an estimated $100 billion in EAA-relevant categories, including computer services.



Organizations have an ethical responsibility to make their products and services accessible, but these numbers make clear that EAA compliance is also a multibillion-dollar concern for U.S. businesses.

At this one-year mark, enforcement is not theoretical. Monitoring bodies across Europe have moved to active investigation, fines and litigation, and none of this exposure is limited to companies headquartered in Europe.

The EAA applies based on where you sell, not where you are based, meaning that any U.S. company doing business with EU consumers faces the exact same risk. We know from our own customer data that many U.S.-based companies have already started receiving noncompliance letters from EU regulators requiring them to take immediate action or face penalties.

The real-world implications of noncompliance can be substantive. We have already seen it in Europe. On June 4, a French court ordered Carrefour — one of France’s largest grocery chains — to make its online commerce services fully accessible within six months, with daily fines accruing for each day of delay.

In Austria, fines of up to approximately $92,000 per violation can be levied without ever going to court.

Advertisement
Advertisement

U.S. companies must be proactive to stay ahead of EU regulators, as noncompliant companies could be removed from the EU market. National enforcement authorities follow a defined escalation path: notification, investigation, remediation and verification.

At the end of that path, each EU member state has the authority to bar a company from its market through regulatory order, blocking the offending website or app outright. Each country can separately take action for noncompliance.

So what does compliance require? The EAA is a directive, not a law. Each of the 27 EU member states transposed the EAA into its national legislation, meaning the specific rules can vary from country to country. Yet all of them point back to the same technical benchmark: EN 301 549, a collection of pass-fail criteria that digital products and services must meet to be considered compliant.

In practice, that means testing your websites, apps and digital products against that accessibility standard, fixing what fails and documenting, reporting and proving your status.

These requirements — already a potential challenge for any company that does not yet have a mature digital accessibility program in place — are becoming increasingly mission-critical as artificial intelligence coding tools continue to gain rapid enterprise adoption.

Advertisement
Advertisement

Yet the accessibility of the web is measurably declining rather than improving for the first time in years, with 95% of the world’s top million homepages now containing detectable accessibility failures. At the same time, benchmarks demonstrate that the vast majority of AI models regularly produce “critical and serious” security vulnerabilities by default.

Companies increasing their reliance on AI-assisted development need to increase their accessibility vigilance at the same pace.

To understand the urgency of this vigilance, one need look no further than the European Union’s General Data Protection Regulation, which quickly became the global standard for privacy and security.

Digital accessibility is becoming just as nonnegotiable. Regulatory momentum and technological progress are converging to make it the next pillar of enterprise risk and responsibility, alongside data and privacy. U.S. companies would be wise to get ahead of it now, while they still can.

Advertisement
Advertisement

The bottom line: U.S. companies cannot afford to wait and see. The EAA applies to any U.S. company selling into the EU. Enforcement is active and accelerating. The cost of noncompliance is measured in billions of dollars. U.S. companies must take action now.

• Preety Kumar is the CEO and founder of Deque Systems, creator of the open-source Axe-core engine.

Copyright © 2026 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.