ICANN Releases January 2026 gTLD Registry Audit Report: Key Compliance and DNS Abuse Findings

The Internet Corporation for Assigned Names and Numbers (ICANN) has published its January 2026 Contractual Compliance gTLD Registry Audit Report, outlining the results of its most recent review of generic top-level domain (gTLD) registry operators. This report represents the first full audit cycle reflecting the 2024 amendments to the Base Registry Agreement (RA), which introduced expanded and more explicit requirements related to Domain Name System (DNS) Abuse mitigation.

The audit was conducted between October 2024 and October 2025 and was designed to assess registry operators’ adherence to contractual obligations and applicable ICANN policies. Particular attention was given to how registries implement and document DNS Abuse detection and mitigation processes. The review covered documentation submitted by registry operators, publicly available information on registry websites, correspondence with ICANN Contractual Compliance, and data provided by ICANN-approved escrow agents. In total, more than 1,800 documents were reviewed from registry operators operating in 14 countries and territories and working in six different languages.

Expanded Scope and Audit Methodology

This audit cycle was notable for its expanded scope, as it was the first to fully evaluate compliance with all RA obligations following the April 2024 updates related to DNS Abuse. A total of 21 gTLD registry operators were selected for audit using a data-driven methodology intended to reflect relevance to the updated requirements. The assessment went beyond surface-level policy checks and examined how registries operationalize abuse monitoring, including the use of periodic technical analysis tools and the availability of public abuse reporting mechanisms.

Under the updated RA, registry operators are required not only to identify DNS Abuse but also to take documented, timely, and appropriate mitigation actions. The audit therefore focused on both procedural readiness and real-world execution. ICANN Contractual Compliance incorporated additional testing steps and follow-up requests to better understand how consistently these obligations are implemented across different registry environments.

Key Findings and Compliance Outcomes

Out of the 21 audited registry operators, nine were found to have at least one unresolved instance of noncompliance at the conclusion of the audit period. The most frequently identified issues related to the handling of reserved names and inaccuracies within Internationalized Domain Name (IDN) tables. These areas are considered critical, as they directly affect the integrity and predictability of delegated namespaces.

ICANN noted that several registry operators have already completed corrective actions to address identified deficiencies, while others have submitted remediation plans with defined timelines. The findings indicate that even experienced registry operators can encounter challenges when implementing newer or more detailed contractual requirements, particularly those introduced through recent amendments to the RA.

Observations and Forward-Looking Guidance

In addition to documenting compliance findings, the report includes observations aimed at improving future audit effectiveness. ICANN encourages registry operators to perform regular internal self-assessments, maintain thorough and up-to-date documentation, and communicate proactively with Contractual Compliance throughout audit cycles. Early engagement is highlighted as a practical way to reduce misunderstandings and prevent minor issues from escalating into formal findings.

Overall, the January 2026 audit report reinforces ICANN’s emphasis on transparency, accountability, and consistent enforcement of community-developed requirements. Through recurring audits and structured follow-up, ICANN aims to ensure that registry operators not only meet their contractual obligations on paper, but also apply them in daily operations to support the security, stability, and resilience of the DNS.