WCAG, ADA & SOC II Compliance

Compliance work on the B2B rebates platform wasn’t a parallel initiative or a checkbox exercise, it was inseparable from the platform’s credibility as a system of record for financially material incentive programs.

As the platform scaled across enterprise customers and partner networks, expectations around accessibility, data handling, and operational controls increased. Meeting those expectations required product-level decisions, not just technical remediation.

Context and Scale

The rebates platform was used by a diverse set of internal and external users, including finance teams, sales operations, and partner organizations operating in regulated enterprise environments.

Because the platform handled sensitive commercial data, financial calculations, and partner-facing workflows, it was subject to scrutiny not only from customers, but also from auditors, procurement teams, and legal stakeholders. Accessibility and security controls were increasingly prerequisites for adoption, renewal, and expansion.

Compliance gaps here didn’t just create risk they blocked growth.

The Problem

The platform had grown functionally faster than its compliance posture.

Accessibility standards were not consistently enforced across workflows, creating barriers for some users and increasing legal exposure. At the same time, enterprise customers required stronger assurances around data handling, access controls, and auditability, particularly for rebate calculations tied to financial reporting.

The challenge was improving compliance without destabilizing a live, revenue-impacting platform or slowing down delivery to the point where the product lost momentum.

My Role

I was responsible for treating compliance as a product requirement, not an afterthought.

That meant prioritizing WCAG and ADA alignment across critical user journeys, working with design and engineering teams to remediate accessibility gaps in a structured way rather than through isolated fixes. I focused on ensuring that compliance improvements were baked into shared components and workflows so they scaled with the product.

For SOC II, I worked closely with security, engineering, and operations teams to align product behavior with required controls around access, change management, and data integrity. This involved clarifying ownership boundaries, documenting system behavior, and making product decisions that supported auditability without introducing unnecessary friction for users.

Decisions

One key decision was sequencing. Rather than attempting to remediate everything at once, compliance work was prioritized around the most business-critical workflows

• Claim submission,
• Rebate calculation,
• Approvals,
• Reporting

where risk and exposure were highest.

Another was embedding compliance checks into ongoing delivery. Accessibility and control requirements were incorporated into definition-of-done criteria, reducing the likelihood of regressions and preventing compliance from becoming a recurring clean-up exercise.

There were also tradeoffs around speed versus rigor. In some cases, delivery timelines were adjusted to ensure compliance improvements were implemented correctly rather than quickly, especially where remediation would be difficult to undo later.

Risks 

Compliance initiatives can fail quietly.

Superficial fixes may pass initial checks but break under real usage. Overly rigid controls can degrade user experience and slow adoption. Poorly scoped changes can introduce regressions into critical financial workflows.

Managing these risks required balancing legal and audit expectations with usability and operational reality — and being clear about what “compliant” actually meant in practice.

Go-To-Market

The go-to-market approach positioned compliance improvements as enablers of enterprise adoption and expansion, not as internal hygiene work.

Rather than marketing compliance as a feature, improvements were aligned with procurement and security review requirements, removing blockers during customer onboarding and renewal cycles. Accessibility enhancements expanded the platform’s usability across a broader user base, while SOC II alignment increased confidence among enterprise buyers evaluating the platform as a long-term system of record.

Internally, compliance milestones were used to unlock new sales conversations and reduce friction in deal cycles, directly supporting revenue continuity and growth.

Outcomes

The platform achieved stronger alignment with accessibility and security expectations without disrupting core rebate workflows. Accessibility improvements reduced usability barriers across key journeys, while SOC II controls increased confidence among enterprise customers and internal stakeholders.

Most importantly, compliance shifted from being a reactive obligation to a proactive capability that supported adoption, retention, and enterprise trust.