Quick Answer
Website accessibility for developers is best delivered by treating "ADA compliant" as a business label and anchoring your work to a testable WCAG target written into the SOW. Define the WCAG version/level, scope (templates/components/journeys), test methods, and "done" criteria, then ship an evidence pack (tests, known issues, sign-off) so you can defend what you built without inheriting the client's broader legal risk.
Key Takeaways
- Translate "ADA compliant" into a specific WCAG version/level, scoped deliverables, and testable acceptance criteria written into your SOW.
- Ship an evidence pack with scope, known limitations, WCAG-mapped test artifacts, and written client acceptance to keep sign-off clean.
- Bind your accessibility commitment to in-scope templates/components/journeys and to the time of delivery, not the client's entire web presence forever.
- Use hybrid verification (automated plus manual keyboard and screen reader checks) and map every finding to a WCAG Success Criterion.
- Protect yourself with contract rails like limitation of liability, indemnification, termination, governing law, jurisdiction, and dispute resolution.
Your client asked for "ADA compliant." Here's the contract-ready, audit-ready way to deliver accessibility without inheriting their legal risk.#
Here's the clean operator move. Do not argue about labels. Anchor the work to a standard you can actually build and verify, then lock scope and sign-off inside the Statement of Work (SOW).
Clients ask for "ADA compliant" because they want accessibility and they want coverage. You can deliver accessibility without pretending you control their entire legal exposure. Move the conversation from "compliance" (a legal outcome) to web accessibility requirements (a buildable, testable deliverable).
The U.S. Department of Justice notes that "existing technical standards provide helpful guidance" for website features, including WCAG and the Section 508 Standards (DOJ web guidance page dated March 18, 2022). That gives you a solid standard to reference as a developer. A standard, not a promise.
The freelancer-safe translation (what you write into the SOW)#
A Statement of Work (SOW) defines "project scope, deliverables, timelines, and responsibilities between parties." Use it as intended. Convert vague language into bounded, testable commitments:
| Client language | Developer translation (SOW-ready) | Why it protects you |
|---|---|---|
| "Make it ADA compliant." | "Implement accessibility to the WCAG level and version specified in this SOW, for the listed templates/pages and components, verified using the agreed test method and acceptance criteria." | Turns a broad ask into bounded deliverables and measurable checks. |
| "Make sure we won't get sued." | "Provide accessibility implementation services. Client retains responsibility for legal compliance determinations and ongoing content governance." | Separates engineering work from legal outcomes and ongoing operations. |
The evidence pack you ship (so acceptance stays clean)#
Ship a lightweight proof bundle alongside the release so everyone signs the same reality:
| Artifact | Included details |
|---|---|
| Scope list | pages, templates, components, platforms, and browsers you covered |
| Known limitations | third-party embeds, legacy PDFs, user-generated content, and anything the client owns after launch |
| Test artifacts | tool outputs plus manual checks tied to the WCAG success criteria you agreed to evaluate |
| Client acceptance | a written acceptance step in the SOW (date, approver, and what counts as "done") |
On the contract side, have baseline risk controls ready to drop in: Limitation of Liability (caps the amount of damages one party can recover from another), Indemnification (shifts risks or potential costs from one party to another), Termination (notice requirements, termination rights, and consequences of ending the contract), Governing Law (which state or country's laws apply), Jurisdiction (which court or legal system has authority), and Dispute Resolution (the process for dealing with disputes arising out of the agreement).
If you want a deeper dive, read Germany Freelance Visa: A Step-by-Step Application Guide.
What does "website accessibility" (and "ADA compliant website") actually mean for developers?#
Website accessibility means you build sites so people with disabilities can actually use them, not just view them. You now have a way to translate "ADA compliant" into SOW-ready acceptance criteria. Next, you need a technical definition you can build to, test, and explain to non-technical stakeholders without absorbing legal risk you cannot control.
The W3C's WAI framing is the safest mental model. Design and develop so people can perceive, understand, handle, and interact with the web. In practice, that means the experience still works across different ways people handle and consume content.
"ADA compliant website" vs. "WCAG compliance" (what you can promise)#
Clients often use "ADA compliant" as shorthand for "we don't want accessibility problems." Treat that as a legal label, not a technical specification.
One key detail you can say plainly: the ADA does not explicitly name WCAG (or any other technical standard). Meanwhile, the U.S. Department of Justice points to WCAG and the Section 508 Standards as helpful technical guidance for accessible website features. That's why WCAG works well as a build target even when the client keeps saying "ADA compliance."
Use this translation:
| Phrase you'll hear | What it usually means | What you can deliver safely |
|---|---|---|
| "ADA compliant website" | A legal outcome and risk concern | Accessibility implementation scoped to a WCAG conformance level, plus test evidence for the agreed scope |
| "WCAG compliance" | A technical conformance target | Work mapped to WCAG Success Criteria with defined test methods and acceptance |
Define the terms in kickoff (so scope stays real)#
Lock these definitions into your kickoff doc and SOW so you do not inherit unbounded legal risk:
- WCAG Success Criteria are the requirements within WCAG that teams test against. WCAG defines three conformance levels (Level A, AA, AAA), and each level has its own Success Criteria.
- ARIA (WAI-ARIA) is a W3C standard that defines a way to make web content and web applications more accessible, especially for dynamic content and advanced controls. Translate that into dev tasks: correct semantics first, ARIA only when needed, predictable focus order, and no keyboard traps.
- Accessibility is a team sport. Section 508 guidance explicitly emphasizes that developers work together with designers and content creators. Content creators also usually write better alt text because they know what the image needs to communicate.
- Accessibility statement is a public-facing page that states your commitment to accessibility. Include your commitment to accessibility, contact info for problems, any known limitations, and the environments you tested. If you're applying a specific accessibility standard, say what it is. This protects users and keeps expectations aligned.
Which WCAG version and level should you build to in 2026-and when does it become "legal"?#
For new builds in 2026, WCAG 2.2 Level AA is often a practical technical target-unless a client's written policy requires a different version/level. Put the exact version and level in the SOW. Once you define accessibility in developer terms, you still need a crisp decision that holds up when procurement, legal, or a VP asks, "So what exactly are we building to?"
WCAG 2.2 matters because it is current (W3C published it as a Recommendation on 5 October 2023) and it adds 9 additional success criteria over WCAG 2.1. If you want accessibility to be a repeatable service, you want a stable target that translates into acceptance criteria and test evidence.
Pick the level like an operator (risk, scope, proof)#
WCAG success criteria come in A, AA, AAA. Many client conversations land on AA because it creates a meaningful bar without turning the project into a research lab.
Treat AAA as a special case. WCAG itself warns you here: "It is not recommended that Level AAA conformance be required as a general policy for entire sites."
Two contract moves reduce legal risk immediately:
- Bind the commitment to in-scope deliverables. Example: "Marketing site templates and components listed in Exhibit A," not "the entire web presence."
- Bind the commitment to time of delivery. Example: "Conforms at handoff based on agreed test methods," not "forever," and not "for all future content updates."
When does it become "legal" (and what you should promise)#
Accessibility laws often focus on outcomes and duties, not a single WCAG version by name. Your job is to avoid promising global "legal compliance," and instead promise documented alignment to a chosen WCAG target.
| Regime (examples) | What "legal" tends to mean in practice | What to anchor in your SOW |
|---|---|---|
| US private sector (ADA, ADA Title III) | Litigation risk exists, but standards can stay fuzzy. A bar association summary notes DOJ "has refused to develop specific regulations that can be used to measure compliance" for business websites. | "Implement accessibility aligned to WCAG X.Y AA using defined test methods, with an accessibility statement and evidence." |
| US government / procurement (Section 508) | The Revised 508 Standards incorporate WCAG 2.0 Level AA success criteria by reference (see Section508.gov). | Match the procurement requirement, then document conformance. |
| US state and local government (ADA Title II) | DOJ picked WCAG 2.1 Level AA for Title II web and mobile apps (final rule published April 24, 2024). | If the client is a public entity, do not "upgrade" the standard casually. Mirror their requirement. |
| EU (European Accessibility Act, EAA) | The EAA "will come into effect on 28 June 2025," with scope depending on what the client sells and where. | Ask where they operate and what they provide. Then set a WCAG target and evidence package. |
| UK (Equality Act 2010) | GOV.UK frames a duty to make services accessible (public sector guidance): orgs "have to make changes... to make sure that services are accessible." | Promise WCAG alignment and remediation within scope, not a blanket legal conclusion. |
| Canada (Ontario, AODA) | Ontario's statute is the Accessibility for Ontarians with Disabilities Act, 2005. Requirements vary by jurisdiction. | Confirm jurisdiction, then set the standard and testing process. |
Safe operator rule: you are not selling "ADA compliance" everywhere. You are selling WCAG conformance work to an agreed target (for example, WCAG 2.2 AA when appropriate, or whatever version/level the client requires), plus test methods and documentation that a professional can defend.
The "5-Gate Accessibility Delivery System" (your mental model before tactics)#
Treat accessibility like compliance operations: gated, traceable, and defensible, not a vague "we'll try." Once you pick a WCAG target (based on the client's required version/level), you need a delivery model that keeps scope clean, verification repeatable, and the paper trail obvious.
Here's the operator mental model. Every gate produces an artifact you can point to later. If a gate stays vague, the project turns into infinite remediation and you end up "owning" the client's accessibility compliance posture forever.
The gates (what you decide, what you document)#
Gate 1: Scope (SOW). Define what you evaluate and what you do not. WCAG-EM (W3C's evaluation methodology) starts with "define the scope of your evaluation," and it includes selecting a representative sample when it's not feasible to evaluate every page.
| Gate | What you decide | What you document |
|---|---|---|
| Gate 1: Scope (SOW) | what you evaluate and what you do not | named templates, components, and critical journeys; third-party widgets, embedded iframes, client-authored CMS content, and anything that changes outside your release process (unless explicitly included) |
| Gate 2: Standard | WCAG version/level and assumptions | supported browsers, breakpoints, and assistive-tech expectations for testing |
| Gate 3: Verification | hybrid testing + mapping | WAVE plus other automated checkers as appropriate; keyboard-only pass, focus order, visible focus, and a screen reader smoke test; every finding maps to a WCAG Success Criterion |
| Gate 4: Sign-off | report + known-issues register | fixed, not fixed (out of scope), and deferred |
| Gate 5: Change control | maintenance triggers | explicit retest triggers in writing and schedule when testing occurs |
Put that into your Statement of Work (SOW) using nouns, not vibes:
- In scope: named templates, components, and critical journeys (checkout, signup, contact).
- Out of scope by default: third-party widgets, embedded iframes, client-authored CMS content, and anything that changes outside your release process (unless explicitly included).
Gate 2: Standard (WCAG target + interpretation rules). Specify the WCAG version/level you're targeting and write down your assumptions: supported browsers, breakpoints, and assistive-tech expectations for testing. WCAG says "success criteria are written as testable criteria for objectively determining" conformance, so your rules must make tests reproducible.
Gate 3: Verification (hybrid testing + mapping). WCAG says testing involves "a combination of automated testing and human evaluation." Use automation to scale and humans to validate behavior:
- Automated checks: WAVE (it can identify many WCAG errors and also "facilitates human evaluation," which makes it useful for guided review), plus other automated checkers as appropriate.
- Manual: keyboard-only pass, focus order, visible focus, and a screen reader smoke test.
- Every finding maps to a WCAG Success Criterion. No orphan "bug vibes."
Gate 4: Sign-off (report + known issues register). Deliver a conformance-style report in a consistent format (W3C provides a recommended report template for WCAG evaluations). Include a known-issues register that separates fixed, not fixed (out of scope), and deferred. This becomes your audit trail and stops scope creep from rewriting history.
Gate 5: Change control (maintenance triggers). Accessibility is maintained, not achieved once. Content or feature changes can invalidate prior results. Put explicit retest triggers in writing and schedule when testing occurs (Section508.gov frames this as planning when accessibility testing will happen). That way your work stays current instead of quietly expiring.
You might also find this useful: A Guide to the Isle of Man's 0% Corporate Tax Regime.
What should be in scope (and out of scope) for accessibility so you don't get stuck owning the whole internet?#
Scope accessibility around what you can control, ship, and retest, then put the boundary in writing so "accessibility compliance" doesn't turn into an unlimited obligation. With your gating model in mind, this section turns "Scope" into language you can defend when a client adds pages, plugins, or "one more flow" after launch.
Scope what you can actually test (templates, components, journeys)#
WCAG evaluations work best when you define a target you can fully evaluate. WCAG-EM scope includes "all web pages, web page states, and functionality" within that target. So pick units that stay stable: templates/components and critical user journeys, not "every URL that ever exists."
Practical default:
- List in-scope templates by name (Homepage, Product Detail, Checkout, Contact, Account, Blog Article).
- List in-scope components (Header/nav, modal, carousel, filters, form fields, error summary, pagination).
- List in-scope journeys (signup, checkout, password reset, contact submission), including key states (empty, error, success).
- Tie acceptance criteria to a named standard for those deliverables (for example, the WCAG version/level you and the client choose-e.g., WCAG 2.2 AA or WCAG 2.1 AA, as appropriate) and to WCAG Success Criteria (which are "testable criteria for objectively determining" conformance).
Exclude (or explicitly price) the landmines: third-party, content, and change#
Here is the uncomfortable truth you should say plainly: a page conforms only if all content on the page, including third-party content, meets all WCAG Success Criteria. Third-party libraries, plugins, and widgets can break conformance even when your code stays clean. WCAG also recognizes "partial conformance" when the page fails only because of content legitimately outside the author's control.
Use this to structure scope, not to argue.
| Area | Your default stance | How to write it into scope (operator style) |
|---|---|---|
| Third-party embeds (chat, booking tools, payment iframes, cookie banners) | You cannot remediate what you cannot change | Identify them, document constraints, and map any known issues to impacted WCAG Success Criteria. Offer replacement research as a separate line item (WCAG advises choosing third-party products that meet WCAG). |
| Client-generated content (CMS posts, uploads, PDFs) | Content authorship sits with the client | Make the client responsible for authoring and reviewing content. Offer training or a content QA retainer if they want coverage. |
| Post-launch edits | Accessibility can regress | State that conformance verification applies to the release you deliver. Put retesting and monitoring under change control. |
Boundaries for semantics and interaction (so nobody "forgets" who owns what): You are making the ownership line explicit, so nobody "discovers" it at launch.
- Dev owns: headings/landmarks, keyboard focus order, form labels, error handling, ARIA patterns where needed, screen reader support for implemented UI.
- Client owns: alt text and meaning (WAI notes the "text alternative needs to be determined by the author" based on context), captions/transcripts, final copy approvals, and any brand decisions like allowing contrast adjustments.
SOW paste block (hard boundary checklist):
- In-scope templates/components/journeys: [list].
- Standard: Conformance efforts performed against WCAG (version/level) for in-scope deliverables, verified via the agreed test plan.
- Third-party items present: [list]. Treated as third-party constraints where you can't control remediation; any related issues are documented as such.
- Client content responsibilities: alt text, media alternatives, copy approvals.
- Post-handoff: regressions from CMS edits/plugins/features sit outside this SOW unless covered by a maintenance agreement.
- Accessibility statement owner: Client (you can draft as an add-on).
How do you prove a site is accessible (without pretending automated tools equal compliance)?#
You do not "prove ADA compliance" with a tool score. You document reasonable WCAG conformance efforts with repeatable testing and artifacts mapped to WCAG Success Criteria. Once scope boundaries are in writing, your job shifts to verification. Show what you tested, how you tested it, what passed, and what remains a known constraint.
W3C puts the core truth plainly: "Testing the success criteria would involve a combination of automated testing and human evaluation." And separately: "no tool alone can determine if a site meets accessibility standards." Treat every automated report as a fast signal, not a certificate.
A baseline verification stack (what many teams run every release)#
Automated sweep (fast fail detection): Run automated web accessibility evaluation tools across the in-scope templates and key states (for example, WAVE). Use these tools to surface likely failures and create a baseline you can rerun after fixes. WAVE frames this correctly: it "identif[ies] many... WCAG errors, but also facilitates human evaluation."
| Verification step | What you do | Examples or checks |
|---|---|---|
| Automated sweep | Run automated web accessibility evaluation tools across the in-scope templates and key states | WAVE; surface likely failures and create a baseline you can rerun after fixes |
| Manual content + keyboard pass | Review the content, and walk the critical flows using only a keyboard | visible focus; a focus order that follows the intended reading/visual order; no keyboard traps; menus, dialogs, and form errors usable without a mouse |
| Screen reader spot check | Use a screen reader as part of manual testing, and document what you used in your report | VoiceOver + Safari on macOS, or NVDA + Firefox on Windows; accessible names and labels; headings and landmarks; key changes that are understandable when handling with a screen reader |
Manual content + keyboard pass (non-negotiable): Review the content, and walk the critical flows using only a keyboard. Check for things like:
- Visible focus on interactive elements.
- A focus order that follows the intended reading/visual order.
- No keyboard traps (especially in modals and menus).
- Menus, dialogs, and form errors that stay usable without a mouse.
Screen reader spot check (reality check): Use a screen reader as part of manual testing, and document what you used in your report (example: VoiceOver + Safari on macOS, or NVDA + Firefox on Windows). Validate things like:
- Accessible names and labels (buttons, inputs, links).
- Headings and landmarks for navigation.
- Key changes that are understandable when handling with a screen reader.
Deliverables clients can review (and you can point back to later)#
Give the client a clean packet:
| Deliverable | What it includes | Why it matters |
|---|---|---|
| WCAG-mapped checklist (by flow) | Login/signup/checkout/contact form checks mapped to WCAG Success Criteria | Turns "web accessibility" into testable acceptance criteria |
| Known-issues register | Issue, impacted WCAG SC, severity, owner (you/client/vendor), remediation decision, ETA | Makes constraints explicit instead of hidden |
| Optional accessibility statement draft | Client-owned public statement; you provide template plus technical notes and known constraints | Helps the business communicate status without you making legal promises |
Make it audit-ready by default. Store automated reports, manual test notes, issue tickets, and sign-off emails in one shared "accessibility conformance file." It will not guarantee outcomes, but it will keep your practice consistent and easy to retest.
Want a quick next step for "website accessibility for developers"? Try the SOW generator.
The contract playbook: clauses, acceptance criteria, and the exact language that keeps you out of court#
You reduce accessibility legal risk by translating "ADA compliant" into written, testable acceptance criteria (often anchored to WCAG), then tying sign-off to documented testing records. Once you have that documentation, your contract should make those artifacts the finish line, not a vague promise.
Section508.gov gives you the operational principle: when you write a Statement of Work (SOW), you should "clearly define your criteria." For accessibility work, that means you define (1) which standard you build to, (2) how you test, and (3) what "Done" means.
Convert "ADA compliant" into acceptance criteria you can actually deliver#
Use ADA language for the business, and WCAG language for the engineering. ADA.gov points to WCAG as a technical standard that provides guidance for web accessibility, so anchor your build and your tests there.
Here is contract-ready language you can adapt:
| Contract component | Example language you can use | What it protects |
|---|---|---|
| Standard + scope | "In-scope deliverables will be engineered to support the Web Content Accessibility Guidelines (WCAG) standard, as specified in this SOW (including any agreed version/level)." | Stops the "everything forever" interpretation of web accessibility |
| Test methods | "We will measure support using automated and manual testing, and (where applicable) user testing or simulations, and we will keep records of results." | Replaces opinions with a repeatable method |
| Definition of Done | "Done means: the agreed test plan is executed, issues are remediated per the priorities defined in this SOW, testing records are delivered, and Client sign-off is received." | Turns "ADA compliance" into a closeout checklist |
Operational note: sample accessibility contract language in the wild explicitly calls for keeping "records of any automated, manual, and user testing or simulations." That maps cleanly to the testing documentation you should be producing anyway.
Put risk where you have use: responsibilities, change control, and liability rails#
In many projects, you won't fully control all client-managed content or third-party components-so write that reality into the SOW.
- Client responsibilities: clearly define what the client owns (including content and third-party components), what they need to provide on time for testing, and what happens to schedule and acceptance if inputs or approvals slip.
- Change control: state that new pages, features, plugins, theme edits, or content changes may trigger re-testing, because changes can invalidate prior test results.
Then add baseline legal safety rails (run these by a lawyer in the governing jurisdiction):
- Limitation of Liability: LegalClarity defines a limitation of liability clause as a provision designed to cap recoverable damages. Use it so a fixed-fee build cannot create open-ended exposure.
- Indemnification: an indemnification clause makes a guarantee that one party will cover certain losses. Keep any indemnity aligned to what you actually control and are agreeing to deliver.
- Governing law (and, if included, venue/jurisdiction terms): governing law specifies which jurisdiction's laws apply to a contract. Pick it on purpose, especially for cross-border freelance developer work, so you avoid surprise legal friction.
Cross-border reality check: what changes by country/program, and how to confirm safely#
Accessibility obligations change by market and buyer type, so you stay safe by confirming the applicable policy in writing and scoping your delivery to an auditable standard. Once your contract defines "Done" as testable WCAG acceptance criteria, you need one more system. A repeatable way to handle cross-border work without guessing which law applies.

What actually changes (and why your client type matters)#
Think in two tracks: procurement-driven requirements (often explicit) vs general legal exposure (often interpreted through case law and regulator guidance).
Here are the high-signal regimes you will run into:
| Scenario | What tends to drive requirements | Practical impact on website accessibility for developers |
|---|---|---|
| U.S. federal agency (or vendor selling into one) | Revised Section 508 Standards. GSA states compliance is mandatory for federal agencies, and the standards include scoping and technical requirements for ICT accessibility and usability. W3C notes agencies get encouraged to use Revised 508 in procurement. | Expect procurement language that demands specific evidence. Plan to attach a test method and deliver an evidence pack. |
| U.S. private sector | ADA.gov says technical standards that provide guidance include WCAG and the Section 508 Standards. | Anchor engineering in WCAG Success Criteria, avoid "legal compliance" promises, and document verification. |
| EU-related work | The European Accessibility Act (EAA) "will come into effect on 28 June 2025" (AccessibleEU Centre). | Your client may ask for EAA-focused assurance. Treat that as a separate compliance review (specialist audit), not an implied outcome of a build. |
| UK public sector | UK guidance says public sector accessibility regulations build on obligations under the Equality Act 2010. | Plan for documented testing evidence and any required public-facing accessibility documentation the program asks for. |
| Ontario (AODA) | Ontario guidance: public websites and certain web content posted after January 1, 2012 must meet WCAG 2.0 Level AA success criteria (with exceptions). | Your WCAG target might need to match their policy language. Capture that in the SOW. |
Don't guess: install a "confirm locally" step (and ship procurement-friendly artifacts)#
Make this a standard step in your intake and SOW workflow:
- Ask, in writing: "Which policy or standard are you held to (procurement requirement, regulator guidance, internal accessibility policy)?"
- If they cannot answer, propose a default: engineer to WCAG Success Criteria for in-scope deliverables (version/level agreed in writing) (as a project standard, not a legal claim) plus an optional specialist audit tailored to their jurisdiction/program.
Then reduce friction (and protect yourself) with two artifacts:
- One-page "Accessibility Approach" appendix in the SOW: scope boundaries, target WCAG level/version, test methods (automated plus manual), and your evidence pack (test plan, results, known-issues register).
- Draft accessibility statement template for the client's legal/compliance team to approve. You provide structure and inputs, they own the legal positioning.
Finally, handle "client in one country, users in another" cleanly. Specify Governing Law and Jurisdiction for the contract, and offer an upgrade path (for example, a regional audit add-on) without implying the site becomes "compliant everywhere." If a client demands a guarantee of legal compliance, refuse the guarantee and sell what you can control: WCAG-aligned engineering plus documented verification.
The safe default: ship WCAG as a gated, documented service, not a vague promise#
Treat "ADA compliant" as a translation problem, not a promise you can safely guarantee. At this point you have the definitions, the test approach, and the scope boundaries. Now you turn it into an ops system: WCAG 2.2 AA (or WCAG 2.1 AA) + explicit scope + explicit tests + sign-off artifacts.
MDN frames WCAG as recommendations developed by W3C's WAI, and it notes WAI recommends using the most recent version (WCAG 2.2) to drive the best possible accessibility. ADA.gov also positions WCAG (and the Section 508 Standards) as existing technical standards that provide helpful guidance. That combination gives you a professional anchor without turning your SOW into a legal guarantee.
Your next-project implementation: the 5-Gate system (kickoff to sign-off)#
Put this directly into your kickoff doc and Statement of Work (SOW). The goal: every gate produces an artifact. No artifact, no progress, no ambiguity.
- Gate 1: Target + scope. Name WCAG 2.2 AA (or 2.1 AA) and list in-scope templates/components and key user flows. Map relevant WCAG Success Criteria to those flows.
- Gate 2: Test plan. Define manual and automated checks. Use an automated tool like WAVE, but remember WAVE explicitly says it "facilitates human evaluation," which matches how conformance actually works.
- Gate 3: Build + remediate. Track findings in an issues register, including severity, owner, and status.
- Gate 4: Verification. Re-test the scoped flows and document results. For Level AA conformance, W3C defines it as meeting all Level A and Level AA success criteria (or providing a Level AA conforming alternate version).
- Gate 5: Client sign-off. Require written acceptance plus a known-issues register (what remains, why, and who owns it).
Legal rails to insert (risk control, not legal theater):
| Clause | What you want (plain language) | Why it matters |
|---|---|---|
| Limitation of Liability | Cap your downside | Prevents a small project from becoming existential legal risk |
| Indemnification | Keep it narrow and mutual where possible | Stops you from inheriting third-party or client content liability |
| Termination | Clear exit and payment terms | Lets you stop work if scope explodes or access gets blocked |
| Governing Law / Jurisdiction / Dispute Resolution | Pick a forum and a process | Reduces cross-border chaos when disagreements happen |
Copy/paste freelancer checklist (ship this every time)#
- WCAG target named (2.1 AA or 2.2 AA) plus WCAG Success Criteria mapping for key flows
- In-scope templates/components listed; third-party tools listed as exclusions
- Test plan defined (keyboard + screen reader + automated) and automated tool(s) named (for example, WAVE)
- Acceptance/sign-off process written plus known-issues register included
- Contract includes: Limitation of Liability, Indemnification, Termination, Governing Law, Jurisdiction, Dispute Resolution
If you want accessibility work to run like an ops system, package it as a repeatable compliance pack: scoped, gated, and audit-ready, like a reconciliation pack finance teams expect. That posture keeps deals moving and keeps your risk contained.
Frequently Asked Questions
What does "ADA compliant website" mean for developers?
For a freelance developer, "ADA compliant" usually means the client wants web accessibility work that reduces legal risk, anchored to a testable standard. W3C defines web accessibility as designing and developing sites so people with disabilities can use them. In practice, you deliver WCAG-aligned engineering plus evidence, not a guarantee of legal compliance.
Which WCAG level should I commit to in a freelance contract: WCAG 2.1 AA or WCAG 2.2 AA?
Commit to a specific target in writing, and treat it as an engineering standard, not a legal promise. If the client has a policy (procurement, regulator guidance, internal standard), match that language. If they do not, commit to WCAG Level AA and choose the version explicitly (for example, WCAG 2.2 AA, published October 2023) for in-scope deliverables, with a documented test method and known-issues register.
Is WCAG legally required, or is it just a guideline?
You cannot safely claim the ADA requires a specific WCAG version for all private-sector websites. What you can say: ADA.gov states that existing technical standards that provide helpful guidance include WCAG and the Section 508 Standards (page dated March 18, 2022). So you use WCAG to define "done" because it stays auditable.
How can a developer prove a website is accessible (and what evidence should I keep)?
Prove process and results, not perfection. Keep an evidence pack: scoped success criteria list, test plan, automated scan outputs, manual testing notes, issues log, and the final verification summary. For conformance language, remember: Level AA conformance means meeting all Level A and Level AA success criteria (or providing a conforming alternate version).
Can I rely on automated testing tools like Lighthouse, axe, or WAVE for WCAG compliance?
Use tools, but do not outsource judgment to them. Automated tools alone cannot make a website fully WCAG compliant, and no single tool score proves ADA compliance. WAVE explicitly positions itself as identifying many WCAG errors while also facilitating human evaluation, which matches how you should sell accessibility work.
What should be excluded from accessibility scope (third-party widgets, CMS content, PDFs)?
Do not call these "legally out of scope." Make them contract-scoped. Exclude or caveat third-party widgets you cannot modify, client-authored CMS content after handoff, and PDFs or legacy documents unless you price remediation, provide templates, and define who owns ongoing governance.
Do I need an accessibility statement, and who should own it?
An accessibility statement often helps set expectations and reduce user frustration. W3C says statements should include at least a commitment to accessibility, and it's advisable to list known limitations. You can draft the template and provide technical inputs, but the client (or their legal/compliance owner) should approve and publish it.
Try a related tool
Researched and edited by the Gruv editorial team. Gruv builds cross-border billing, payouts, and finance-operations software for global businesses.
Sources
Educational content only. Not legal, tax, or financial advice.
Related Posts

Germany Freelance Visa Application Path for Freiberufler and Gewerbe
Choose your track before you collect documents. That first decision determines what your file needs to prove and which label should appear everywhere: `Freiberufler` for liberal-profession services, or `Selbständiger/Gewerbetreibender` for business and trade activity.

The Best Digital Nomad Cities in Southeast Asia
Pick the city that can support a normal workweek, not the one that looks best across a dozen tabs. If you want one practical answer from this Southeast Asia shortlist, use these three gates in order and drop any city that fails one.

When Isle of Man 0% Corporate Tax Is Defensible for Freelancers
Start with the hard rule: **0% is a filing conclusion, not a default.** The table includes a standard 0% rate for resident and non-resident companies, but you rely on that only after four gates pass: residence, PE exposure, income classification, and period alignment.

