It’s a loss from the business’ perspective. They could support 2FA with SMS and check a box; to additionally support it with TOTP would only be additional cost -- albeit with the bonus of “doing it right”. Unfortunately, that’s an abstraction which a lot of businesses consider to be achieved when they can check the box.
