How does Nominet monitor compliance?
It is in the interests of Nominet and registrars that our shared customer - the registrant - receives fair and equitable treatment regardless of where they register their UK namespace domain. We want to attract and retain customers in the UK namespace and ensure that best practice is being followed throughout our registrar community.
The Nominet registrar compliance programme is designed to ensure that all registrars are meeting their obligations, as set out in the Registry-Registrar Agreement (RRA) and other policies that affect the registration and management of domain names in the UK namespace.
The compliance programme consists of:
- Routine Registrar Reviews - generally undertaken on an annual basis
- Ad hoc Registrar Reviews – undertaken as a result of Nominet becoming aware of an issue that requires investigation
All registrars, regardless of tag type, can expect a Registrar Review once a year.
Registrar Reviews are undertaken by our Compliance team and consist of three phases:
- Notification: the registrar to be reviewed will receive two week’s notice that they have been scheduled for a Registrar Review.
- Registrar Review: a Registrar Review will be conducted using a standard evaluation tool and criteria. This usually takes between two to four weeks to complete.
- Report: at the end of the review period, a report will be shared with the registrar and a discussion will take place regarding the findings.
- If no issues are identified, then the report will be finalised and the evaluation closed.
- If issues are identified, an improvement plan will be developed in conjunction with the registrar following a discussion of the issues and potential remedies. It is Nominet’s intention to have a two-way conversation during this period to assist the registrar in meeting their contractual obligations as quickly as possible. Follow-up with the registrar will continue until all issues are addressed, at which time the review will be closed.
What is being evaluated in a Registrar Review?
The following provides a high-level overview of some of the areas that could be covered during a review. It is important to note that this list is not meant to indicate all areas covered in a review but to provide a sense of the type of things we will cover when conducting a review.
Key areas that are assessed as part of a Registrar Review are:
- Is the registrar complying with the terms set out in the RRA?
- Does the registrar meet the UK namespace Data Quality Policy requirements?
- Does the registrar respond to customer enquiries within the designated timeframes?
- Does the registrar effectively communicate their obligations to their customers?
- Has the registrar published all the necessary information on their website?
- Has the registrar's use of Nominet sysems and services been in line with the Acceptable Use Policies?
During a review we will sample the quality of the registrant information that you provide and will test that key elements such as your data validation processes are robust and working effectively.
Who will conduct the Registrar Reviews?
Nominet’s in-house Compliance team will contact the selected registrars and conduct the review process. Reviews are conducted remotely.
When can I expect to have a Registrar Review conducted?
It is our intention to conduct a review for all registrars annually, and we will give every registrar two weeks advance notice of their review slot.
How can I provide Nominet with feedback on the programme?
We encourage you to provide us with feedback on this programme and ask that you provide your suggestions by email to firstname.lastname@example.org, or by telephone on 01865 332450.
Should the Compliance team identify areas where a registrar does not meet the requirements set out in the RRA, they will work closely with the registrar to develop an improvement plan. This will set out any changes that the registrar needs to make to their systems or business processes and the timescale within which this work must be completed.
Where a registrar is unable to make the necessary changes, or chooses not to make the necessary changes, the Compliance team will look to apply sanctions proportionate to the breach of contract that they have identified.
For example, they may restrict access to certain services or reduce the amount of credit available to a registrar. Such sanctions may be lifted once appropriate corrective action has been demonstrated by the registrar.
Where a registrar consistently breaches terms or has a serious breach of the agreement, the registrar’s tag(s) may be suspended or withdrawn.
If we impose one or more of the sanctions set out in the RRA, registrars can appeal that decision to our Head of Compliance. Such appeals must be received within 10 days of the sanction being applied. When we receive your complaint we will acknowledge it within two working days. We will then fully investigate your complaint and aim to respond within 10 working days. If the situation requires a longer investigation, we will contact you within 10 working days to inform you of this and let you know when you can expect our response.
During an appeal, the Head of Compliance may suspend the sanction or place reduced or increased restrictions on your tag. This will be clearly communicated to you by the Head of Compliance.
If we suspend or end your Contract then you can appeal within 10 days of us notifying you of our decision. Appeals will be referred to an independent adjudicator appointed by the Centre for Effective Dispute Resolution (CEDR) using the ‘CEDR Solve Rules for Commercial Adjudication’.