Zero registrars pass ICANN audit
Some of the biggest names in the registrar game were among a bewildering 100% that failed an ICANN first-pass audit in the latest round of random compliance checks.
Of the 55 registrars picked to participate in the audit, a resounding 0 passed the initial audit, according to data released today.
Among them were recognizable names including Tucows, Register.com, 1&1, Google and Xin Net.
ICANN found 86% of the registrars had three or more “deficiencies” in their compliance with the 2013 Registrar Accreditation Agreement.
By far the most problematic area was compliance with sections 3.7.7.1 to 3.7.7.12 of the RAA, which specifies what terms registrars must put in their registration agreements and how they verify the contact details of their customers.
A full three quarters of audited registrars failed on that count, according to ICANN’s report (pdf).
More than half of tested registrars failed to live up to their commitments to respond to reports of abuse, where they’re obliged among other things to have a 24/7 contact number available.
There was one breach notice to a registrar as a result of the audit, but none of the failures were serious enough for ICANN to terminate the deficient registrar’s contract. Two registrars self-terminated during the process.
ICANN’s audit program is ongoing and operates in rounds.
In the current round, registrars were selected from those which either hadn’t had an audit in a couple of years, were found lacking in previous rounds, or had veered dangerously close to formal breach notices.
The round kicked off last September with requests for documents. The initial audit, which all registrars failed, was followed by a remediation phase from January to May.
Over the remediation phase, only one third of the registrars successfully resolved all the issues highlight by the audit. The remainder issued remediation plans and will be followed up on in future rounds.
The 0% pass rate is not unprecedented. It’s the same as the immediately prior audit (pdf), which ran from May to October 2016.
If you find this post or this blog useful or interestjng, please support Domain Incite, the independent source of news, analysis and opinion for the domain name industry and ICANN community.
Can we have a link to the audit report, which this article is based on? There is a link called “ICANN’s report (pdf).” but it refers to a document dated September 2016. Thanks.
That’s the correct report. The URL, you’ll notice, dates it as June 20, 2017. The September dating in the report itself refers to the date upon which the audit cycle commenced.