How to Choose an ADA Compliance Partner for Your Agency
Giriprasad Patil·· 7 min read·Comparison & Strategy
When a law firm sends a demand letter to your client over ADA violations, the question that follows is almost always the same: "But we paid for an accessibility audit." The audit's existence is not the question. What the audit actually checked — and what it couldn't see — is what determines whether it provides any legal protection at all.
**Choosing an ADA compliance partner is not a procurement exercise — it is a risk management decision.** The agency or tool you select shapes what violations get found, what gets fixed, and whether a future lawsuit can be defended. With 4,800+ ADA web accessibility lawsuits filed in 2025 — a 37% year-over-year increase according to UsableNet — and the European Accessibility Act now in enforcement since June 28, 2025, the stakes for getting this selection right have never been higher.
## Why Most "Accessibility Audits" Fall Short
The accessibility industry has a compliance theater problem. Many agencies offer "ADA audits" that amount to running axe-core or a similar open-source engine against the public-facing homepage, exporting the results to a PDF, and billing for a remediation plan. This produces a deliverable. It does not produce compliance.
The critical gaps in this approach:
**The scan ran against HTML source, not the rendered DOM.** Dynamic components — cart drawers, modals, pop-ups, AJAX-loaded product grids — are invisible to scanners that read the page source rather than executing JavaScript and checking the live DOM state.
**Authenticated pages were never checked.** Account dashboards, checkout flows, logged-in product pages, and subscription portals are the most legally risky pages on any e-commerce site. Standard scanners cannot access them. If the audit only covered public pages, it missed the parts of the site where most user interaction — and most legal risk — lives.
**The audit was a snapshot, not a posture.** A site that passes an audit in January does not stay compliant. Every theme update, app addition, and content change can introduce new violations. An audit without ongoing monitoring is a receipt for what was fixed once, not evidence of continued compliance.
## Six Criteria for Evaluating an ADA Compliance Partner
These criteria separate partners who deliver actual compliance from those who deliver documentation that looks like compliance.
| Criterion | What to Ask | Red Flag |
|---|---|---|
| **Scanning methodology** | Does your scanner render JavaScript and test the live DOM? | "We use axe-core" (without specifying DOM rendering) |
| **Authenticated coverage** | Can you test password-protected pages, checkout flows, and logged-in states? | "We test publicly accessible pages" |
| **WCAG version** | Which WCAG version do you test against — 2.1 or 2.2? | Offering 2.0 only in 2026 |
| **Ongoing monitoring** | Do you provide continuous monitoring or a one-time audit? | Audit-only with no monitoring option |
| **Remediation specificity** | Do reports include WCAG criterion numbers, element selectors, and fix priority? | Generic findings without actionable detail |
| **Overlay stance** | What is your position on accessibility overlays as a compliance solution? | Recommending overlays as a primary fix |
This last point deserves attention. Accessibility overlay vendors — services that inject JavaScript widgets claiming to "auto-fix" accessibility violations — have been named in dozens of ADA lawsuits as the compliance solution a business relied upon before being sued. The National Federation of the Blind, the American Council of the Blind, and the Disability Rights Advocates organization have all published statements that overlays do not achieve WCAG conformance and may actually worsen the experience for assistive technology users. A compliance partner who recommends overlays as a solution is not providing compliance — they are providing liability transfer.
## What Authenticated Scanning Actually Requires
The ADA's reach does not stop at the login wall. Courts have consistently held that inaccessible members-only portals, checkout flows, and account management pages violate Title III of the ADA for businesses open to the public. The DOJ's 2023 rulemaking under Title II explicitly references that covered entities must ensure accessibility of "all content and functionality."
A real compliance partner must be able to test:
- **Checkout flows** — form labels, error announcements, button accessible names, focus management between steps
- **Login and account registration** — password field labeling, error identification, session timeout handling
- **Subscription and membership portals** — if the user must be logged in to use the product, those pages must be tested
- **Post-authentication product pages** — personalized content, saved items, recommendation carousels loaded after login
Testing these pages requires either authenticated scanning — where the scanner logs in using stored credentials before running checks — or dedicated manual testing of authenticated flows. Neither is possible with a standard public-page scan.
ADAGuard's authenticated scanning capability navigates the login process using Playwright-based automation, capturing the full session state and then running its 23-module check suite against the authenticated page state. This means violations inside checkout flows, account dashboards, and gated product areas appear in the same structured report as public-page findings.
## What the Remediation Report Should Look Like
An audit report that does not support fix prioritization is not useful. The deliverable should include, for every finding:
- The specific WCAG criterion number (e.g., "1.3.1 Info and Relationships")
- The affected element with a CSS selector or DOM path
- The severity rating (critical, warning, informational)
- The fix category: platform configuration vs. theme code vs. third-party app
- The WCAG level (A or AA) for prioritization
The fix category distinction matters practically. Some violations are fixed by changing a platform setting — Shopify's accessibility options, WooCommerce's label configuration. Others require a code change in the theme. Others require opening a support ticket with a third-party app vendor and citing the specific WCAG criterion number. A good compliance partner will tell you which category each finding falls into so you can route it to the right team.
## The Monitoring Requirement
A single audit provides legal evidence of one thing: your site was reviewed on a specific date. It does not provide evidence that you maintain compliance, respond to new violations, or have a continuous improvement process.
Courts, in evaluating ADA accessibility claims, look at whether a defendant had a good-faith compliance program — not just whether they had an audit receipt. Good faith requires:
- Documented accessibility policy
- Regular scanning cadence (monthly minimum for active e-commerce sites)
- A remediation process for newly discovered violations
- Evidence of monitoring and response over time
This is why monthly automated monitoring is not optional for businesses operating under ADA litigation risk. A compliance partner who provides only audit-and-fix — with no ongoing monitoring offering — is not equipped to support a defensible compliance program.
## Using ADAGuard as the Scanning Backbone of Your Agency Practice
For agencies building accessibility service offerings, ADAGuard provides the technical layer that turns audit capacity into a scalable practice. The scanner runs against the live DOM, covers 50+ checks across 22 custom categories plus axe-core, and produces structured reports with WCAG criterion references and fix-effort ratings.
The free tier allows scanning any public URL instantly without signup — useful for prospecting conversations where showing a client their actual violation count before the engagement starts. Paid tiers support authenticated scanning, scheduled monitoring, multi-page crawls, and report exports.
The 97% cost difference versus enterprise tools like Siteimprove ($1,548/year vs. $28,000/year) makes ADAGuard viable as the scanning engine behind agency retainer models that would be economically impossible with enterprise tooling at per-client pricing.
## The 30-Second Fix
Before committing to any compliance partner or auditing tool, run a scan of your own (or your client's) site at [adaguard.io](https://www.adaguard.io) — free, no signup, results in under a minute. Compare the findings against any existing audit report. The delta between what ADAGuard finds in the live DOM and what a prior audit reported is exactly the gap your current program is not covering.
That gap is the legal exposure your compliance posture does not address.
