June 11, 2020

Website Compliance Reviews – WST

Website Compliance Review.  (Yawn) Wazzat?  Yes, you read that correctly; now wake up!  When was the last time you had your financial institution’s website reviewed for accessibility and regulatory compliance?  Has the importance of having one done even crossed your mind?  Let’s look at why you should consider it.

Consider what your financial institution’s website truly is: an advertisement of all the services your brick and mortar branches provide in a graphical, electronic format.  And it’s at the fingertips of almost three hundred (300) million people in the USA.  Wait – what?  Oh, yeah; this internet thing has gotten kind of big, which is why your VP of Marketing insisted that you have a website.  Because without one it will be difficult to keep up with the big dogs; or even the small dogs – the ones with websites.

Okay, so the website is needed, it talks about the services you offer, and it costs you money to have it hosted, to have it maintained, to have search-engine optimization (SEO) done, etc.  AND it is in the institution’s best interests to have a compliance review done on it.

Let’s get back to those 300 million people that potentially have an opportunity to navigate to your website.  According to the Centers for Disease Control (CDC) approximately sixty-one (61) million people in the United States are affected by some form of disability.1 That’s one (1) out of every four (4) people that may experience visual, auditory, cognitive or some other impairment that could make it difficult or impossible to use your website if you haven’t taken steps to ensure accessibility.

Over the last few years, the Americans with Disabilities Act (ADA), which was signed into law in 1990 has been referenced in lawsuits against companies whose websites don’t comply with the World Wide Web Consortium’s (W3C) Website Compliance Accessibility Guidelines (WCAG).  According to UsableNet,  lawsuits filed since 2016 against companies that don’t comply with the ADA website standards have reached an average of one filed per hour in 2018 and remained at that rate in 2019.2  The banking industry accounted for roughly twelve (12) percent of those cases in 2017 and 2018,3 but only made up two (2) percent of cases in 2019.4  While that number has dropped significantly, it is predicted that the number of lawsuits filed will continue to increase, so the risk is still there.

In addition to the ADA concerns there are also several FDIC, NCUA, OCC, FRB, GLBA, FTC, and other regulations that apply to your website.  A few things to consider:

  • Does it advertise your lending rates?
  • Does it include disclosures about annual percentage rates (APR) or fees for opening accounts?
  • What about annual percentage yield (APY)?
  • Does it advertise mortgage lending?
  • How about non-deposit investment products (NDIPs)?
  • Does it offer loan calculators?
  • Does your institution allow online account opening?
  • Does it provide PDF forms?
  • What about links to other websites that are affiliates, subsidiaries or have no relationship with your institution?

If you can answer “yes” to even one of the questions above, then you should have a Web Compliance review done on your website.  While the legal ramifications for not doing them are murky, it’s a best practice to ensure you’re complying with all of the standards and regulations set forth by the industry.  There are several sites that offer checklists for conducting them yourself. 10-D Security also performs these assessments at a nominal fee. Good luck, and happy complying.

1 https://www.cdc.gov/ncbddd/disabilityandhealth/disability-inclusion.html

2 https://blog.usablenet.com/usablenet-releases-its-2019-ada-web-accessibility-and-app-lawsuit-report

3 https://blog.usablenet.com/2018-ada-web-accessibility-lawsuit-recap-report

4 https://info.usablenet.com/2019-ada-web-accessibility-lawsuit-recap-report

Past Weekly Security Tips – WST