Contractual Compliance

The Office of Contractual Compliance is an ICANN department charged with gathering information from and enforcing the contractual compliance of registries and registrars through complaint-driven informal and formal resolution processes, ICANN-initiated monitoring, and random auditing.

Complaints

Complaints commonly handled by this office include unauthorized domain name transfers or unsuccessful transfer requests; registry violations, such as providing more favorable treatment to some registrars; renewal reminders, fees, or redemption issues; and incorrect WHOIS data or access issues.^[1]

Monitoring

Auditing

The Audit Program is a continuous, ongoing activity that follows a recurring cycle. Each audit round consists of six phases:^[2]

Planning Phase: ICANN plans the audit scope and timeline.
Request for Information Phase: ICANN issues a notice of audit to the selected contracted parties, who must compile information and respond to the audit request.
Audit Phase: ICANN reviews, tests, and validates the responses to ensure compliance with the contractual obligations.
Initial Report Phase: ICANN issues a confidential initial audit report to each auditee containing the initial findings and allowing the contracted party to address the findings or provide clarity.
Remediation Phase: ICANN collaborates with the auditees to remediate issues.
Final Report Phase: ICANN issues a confidential final audit report to each auditee. ICANN also summarizes the audit round in an overall audit report

DNS Abuse

On 6 November 2018, ICANN Contractual Compliance (Compliance) launched a Registry Operator Audit for Addressing DNS Security Threats^[3]

[1] Contractual Compliance Complaints

[2] Audit Phases, ICANN

[3] CC Audit of DNS Security Threats, ICANN Announcements

[1]

[2]

[3]