ICANN releases January 2026 audit report on gTLD registry compliance
ICANN has published the results of its latest audit of generic top-level domain registries, reviewing how operators comply with contractual and policy obligations, including newer rules on addressing DNS abuse.
The Internet Corporation for Assigned Names and Numbers has released its January 2026 Contractual Compliance gTLD Registry Audit Report, summarising the findings of a year-long review of registry operators. The audit examined whether selected registries are meeting the requirements set out in the Base Registry Agreement and related ICANN policies.
The audit covered 21 generic top-level domains and ran from October 2024 to October 2025. It was designed to reflect changes introduced in April 2024, when new obligations related to Domain Name System abuse mitigation came into force. These rules require registries to take timely action against certain forms of abuse and to provide clear public channels for reporting abuse.
To carry out the review, ICANN assessed documentation submitted by registry operators, examined registry websites, reviewed correspondence, and analysed information from approved data escrow providers. In total, more than 1,800 documents from 14 countries and territories were reviewed, spanning six languages. This made the audit one of the first comprehensive checks of how the updated DNS abuse rules are being implemented in practice.
Nine of the 21 audited registry operators were found to have at least one unresolved compliance issue at the close of the audit period. Most of these issues related to the handling of reserved domain names or inaccuracies in Internationalized Domain Name tables. ICANN noted that some operators have already resolved these issues, while others have submitted plans with clear deadlines for remediation. Follow-up by ICANN Contractual Compliance is ongoing.
The report also includes practical recommendations aimed at improving future audits. These focus on encouraging registries to carry out internal checks before audits begin, to communicate clearly during the process, and to engage early with ICANN when questions arise. Overall, the report provides a snapshot of how registry-level obligations, particularly around DNS abuse, are being applied following recent contractual changes.
