What is this?
This tool is a reference guide that maps EAA requirements to their counterparts in EU banking regulations, EBA guidelines, PSD2, GDPR, and AML requirements, helping banking compliance teams see the full regulatory picture.
When do I need this?
Use this when you need to understand how EAA accessibility requirements interact with other banking regulations your product must comply with.
Applies to:Banks, payment service providers, fintech companies, and their compliance teams.
- 1Select the EAA requirement you're researching, Browse by EAA Annex section or search by keyword.
- 2Review the cross-reference table, The tool shows related requirements from EBA, PSD2, and other applicable frameworks.
- 3Identify overlapping obligations, Where requirements overlap, a single control or document can satisfy multiple regulatory obligations.
- 4Export the cross-reference, Download the relevant sections for use in your compliance documentation.
Blank checklist, printable form
Banking Accessibility, Regulatory Cross-Reference Checklist
EAA + PSD2 + CCD + MiFID II + GDPR Accessibility Checklist
Blank checklist for offline completion.
Tick one box per row. Add comments and evidence references in the Notes column as needed.
PSD2, Accessible Payment Services
Directive 2015/2366, Strong customer authentication, payment initiation, and transaction information must be accessible.
| Ref | Severity | Requirement | Status | Notes / Evidence |
|---|---|---|---|---|
| PSD2 Art. 97 + EAA Annex I §IV | Critical | Strong customer authentication (SCA) is accessible, alternative to SMS OTP provided.PSD2 mandates strong customer authentication for electronic payments. SMS-based one-time passwords require reading a text message on a separate device and re-entering it, this is inaccessible for blind users and those with motor impairments. At least one SCA method must be fully accessible: push notification approval, hardware security key, or biometric with fallback. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| PSD2 Art. 66 + WCAG 2.1.1 | Critical | Payment initiation process is fully usable by screen reader.PSD2 requires that payment service users can initiate payments through their chosen provider. The entire payment initiation flow, selecting recipient, entering amount, confirming details, must be operable with assistive technology. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| PSD2 Art. 48 + WCAG 4.1.3 | Major | Transaction status and confirmation are announced to assistive technology.PSD2 requires that the payer is informed of the status of the payment transaction. Status messages must be programmatically announced via aria-live regions or equivalent. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| PSD2 Art. 44 + EAA Annex I §IV | Major | Payment confirmation provides accessible summary with amount, recipient, and fees.PSD2 Article 44 requires that before a payment is executed, the payer receives clear information including the amount, any fees, and the payee details. This confirmation must be presented in an accessible format. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A |
Consumer Credit Directive, Accessible Pre-Contractual Info
Directive 2008/48/EC, Standard European Consumer Credit Information (SECCI) and pre-contractual disclosures must be accessible.
| Ref | Severity | Requirement | Status | Notes / Evidence |
|---|---|---|---|---|
| CCD Art. 5 + EAA Annex I §IV | Critical | SECCI form (Standard European Consumer Credit Information) is provided in an accessible format.The Consumer Credit Directive requires creditors to provide the SECCI form before a credit agreement is signed. This form must be available in an accessible format, a tagged PDF with proper structure, or an accessible HTML page. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| CCD Art. 5(1)(g) + WCAG 1.3.1 | Major | APR (Annual Percentage Rate) is explained with a worked example accessible to all users.The APR is a complex financial figure that must be presented with a clear, worked example showing how it translates to actual costs. This example must be in accessible format. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| CCD Art. 14 + EAA Art. 4 | Major | Cooling-off period information is accessible and prominently presented.The Consumer Credit Directive grants a 14-day withdrawal period. Information about this right must be accessible, clearly presented in the contract and in any digital interface. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| CCD Art. 5(1) + WCAG 1.3.1 | Major | Pre-contractual comparison tables are screen-reader navigable with proper headers.When presenting multiple credit offers side by side for comparison, the table must use proper TH cells for column headers and row headers. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A |
MiFID II, Accessible Investor Information
Directive 2014/65/EU, Key Information Documents, risk disclosures, and portfolio statements must be accessible.
| Ref | Severity | Requirement | Status | Notes / Evidence |
|---|---|---|---|---|
| MiFID II Art. 24 + PRIIPs Reg. | Critical | KID (Key Information Document) is available as an accessible PDF.The PRIIPs Regulation (linked to MiFID II) requires a KID for retail investment products. This document must be available in an accessible format. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| MiFID II Art. 24(4) + EAA Art. 4 | Major | Risk disclosures use plain language with visual support, accessible to all users.MiFID II requires that risk information is fair, clear, and not misleading. Under the EAA, this extends to accessibility. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| MiFID II Art. 25(6) + WCAG 1.3.1 | Major | Portfolio statements and periodic reports are accessible.MiFID II requires firms to provide periodic statements to retail clients. These statements must be accessible. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| MiFID II Art. 24(4) + WCAG 1.3.1 | Major | Cost disclosure tables have proper header cells and are screen-reader navigable.MiFID II mandates detailed cost disclosure including entry costs, exit costs, ongoing charges, and transaction costs. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A |
GDPR, Accessible Privacy & Consent
Regulation 2016/679, Privacy notices, consent mechanisms, and data subject rights must be accessible.
| Ref | Severity | Requirement | Status | Notes / Evidence |
|---|---|---|---|---|
| GDPR Art. 12 + EAA Art. 4 | Critical | Privacy notice is accessible, not just a legal PDF.GDPR Article 12 requires that privacy information is provided in a 'concise, transparent, intelligible and easily accessible form, using clear and plain language'. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| GDPR Art. 7 + WCAG 2.1.1 | Critical | Consent mechanisms are keyboard-operable and screen-reader accessible.GDPR consent must be freely given, specific, informed, and unambiguous. The mechanism for giving consent must be fully operable by keyboard and correctly announced by screen readers. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| GDPR Art. 15-22 + EAA Art. 4 | Major | Data subject access request (DSAR) process is accessible.GDPR grants data subjects rights to access, rectify, erase, and port their data. The process for exercising these rights must be accessible. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| GDPR Recital 32 + WCAG 2.1.1 | Major | Cookie preferences are manageable by screen reader and keyboard.Cookie consent management platforms (CMPs) must be accessible. Users must be able to review cookie categories, toggle individual preferences, and save their choices using keyboard and screen reader. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A |
Cross-Cutting Obligations
Requirements that span all applicable regulations, complaint handling, accessible formats, staff training, and accessibility statements.
| Ref | Severity | Requirement | Status | Notes / Evidence |
|---|---|---|---|---|
| EAA Art. 13 + PSD2 Art. 101 | Critical | Complaint handling process is accessible across all regulatory frameworks.PSD2, MiFID II, and the EAA all require accessible complaint handling. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| EAA Art. 4 + CCD Art. 5 | Major | Accessible format of any regulated document is available on request.Across all applicable regulations, customers have the right to receive documents in an accessible format. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| EAA Art. 4 + MiFID II Art. 25 | Major | Staff are trained on accessibility obligations across all applicable regulations.Front-line and digital staff must understand accessibility obligations under each applicable regulation, not just the EAA in isolation. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A | |
| EAA Art. 14 + EN 301 549 §12 | Major | Accessibility statement references all applicable regulations, not just the EAA.The bank's accessibility statement should acknowledge compliance efforts across all applicable regulations. | ☐ Pass ☐ Partial ☐ FAIL ☐ N/A |