Structuring a Registry-Registrar Hybrid Under New ICANN Rules
- by Staff
As the next round of new gTLDs approaches, one of the more complex strategic considerations for applicants is whether to operate both as a registry and a registrar. This registry-registrar hybrid model—often referred to in industry shorthand as vertical integration—offers potential advantages in terms of market control, branding, data insights, and user experience. However, it also carries intricate compliance obligations under ICANN’s evolving contractual framework. The structure, governance, and operational model of such a hybrid must be designed with precision to ensure regulatory alignment while maximizing the commercial and strategic benefits of controlling both the top-level and second-level domain layers.
Historically, ICANN imposed strict cross-ownership restrictions between registries and registrars, rooted in early internet governance concerns about anti-competitive behavior and market abuse. These restrictions were substantially relaxed during the 2012 new gTLD round, allowing registry operators to own or control ICANN-accredited registrars under certain conditions. Yet even with the formal policy barriers removed, implementing a compliant and efficient hybrid model requires careful navigation of the Registry Agreement (RA), Registrar Accreditation Agreement (RAA), and the ongoing enforcement environment surrounding vertical integration.
Under the current ICANN regime, a registry-operator applying for a new gTLD may also own and operate a registrar, provided it meets specific non-discrimination and equal access obligations. This means the hybrid entity cannot unfairly advantage its registrar arm over competing registrars in terms of access to registry services, pricing, or operational support. To meet this requirement, registry service systems—such as EPP interfaces, Whois/RDAP services, and DNS update cycles—must be available to all registrars on equivalent terms, with thorough documentation and auditability. This creates a scenario where the hybrid operator must function with operational firewalls and accountability structures that effectively separate its registry-facing and registrar-facing activities, at least in practice if not in legal entity.
Structuring this model typically involves creating distinct legal subsidiaries or business units under a shared parent company. The registry operator applies to ICANN for the new gTLD, completes the Pre-Delegation Testing (PDT), and executes the Registry Agreement. Simultaneously, or beforehand, the registrar arm obtains ICANN accreditation under the RAA and establishes its presence within the registrar ecosystem. Although both entities may share common ownership, they must maintain separate credentialing systems, support teams, and contractual processes to satisfy compliance audits and mitigate perceived or real conflicts of interest. In some jurisdictions, national competition laws may also require further separation or disclosures, especially if the operator is dominant in other sectors such as telecom or e-commerce.
From a technical operations perspective, one of the first challenges is ensuring the registry’s shared systems architecture does not prioritize its affiliated registrar. If the backend is outsourced to a third-party registry service provider, as is common, the operator must ensure that its agreement with that provider includes clauses ensuring fair and equal access across registrars. If the backend is developed in-house, this obligation becomes a matter of internal governance and external transparency. Logging, reporting, and incident response procedures must be demonstrably registrar-neutral, and interfaces must comply with the same Service Level Agreements (SLAs) and specifications defined in ICANN’s Base RA. The hybrid operator must also ensure that its registrar access policies and registry pricing do not result in undue advantage or foreclose competitive registrar participation.
Commercially, one of the strongest motivations for the hybrid model is the ability to streamline onboarding and support for end-users. Particularly in brand-owned or niche gTLDs, users may be best served by a vertically integrated model that allows registration, billing, DNS management, and value-added services to be delivered through a single interface. This model is especially powerful for dot-brand applicants, who may wish to control their internal namespace tightly and offer domains only to subsidiaries, affiliates, or customers. In such cases, the registrar entity may serve a limited and specialized population, but it must still comply with ICANN’s registrar obligations including data escrow, WHOIS/RDAP compliance, and abuse response protocols. Even in closed environments, the registrar must maintain a valid accreditation and participate in ICANN’s registrar ecosystem as a bona fide actor.
Policy changes under discussion in the lead-up to the next gTLD round may further shape how registry-registrar hybrids operate. ICANN’s community continues to debate improvements to DNS abuse mitigation, data protection obligations, and the operational transparency of vertically integrated registries. Proposed changes could introduce more rigorous audit mechanisms or increase the visibility of pricing structures and registrar relationships. Hybrid operators should expect a higher degree of scrutiny and be prepared to demonstrate compliance not only during onboarding but throughout the lifecycle of the TLD. In some cases, ICANN Contractual Compliance may require detailed documentation of internal structures and procedures separating registry and registrar operations.
Governance strategy is therefore central to structuring a compliant hybrid. Boards or executive committees must be designed to avoid conflicts of interest, with clearly delineated oversight responsibilities between the registry and registrar arms. Internal compliance officers may need to be appointed to ensure ongoing monitoring of regulatory obligations, and training programs should be instituted to ensure that all staff understand the distinctions and obligations associated with their role. In some cases, hybrid models may benefit from third-party compliance audits or external legal review to validate their separation mechanisms.
Looking forward, the hybrid registry-registrar model is likely to expand as more digital-native brands, cloud service providers, and community organizations seek to manage their own namespaces in the next round. These entities are often uniquely positioned to benefit from vertical integration, offering integrated user experiences and leveraging first-party data responsibly under their own domains. For them, structuring a registry-registrar hybrid is not merely about compliance—it is about building a platform that supports secure identity, branded communication, and controlled digital interactions in an increasingly fragmented internet.
The key to success lies in detailed planning, informed governance, and operational discipline. Whether applicants aim to use their TLDs for global outreach, community coordination, or internal branding, those who approach the hybrid model with a clear understanding of ICANN’s rules—and with infrastructure designed to support transparency and neutrality—will be best positioned to thrive in the next era of domain innovation.
As the next round of new gTLDs approaches, one of the more complex strategic considerations for applicants is whether to operate both as a registry and a registrar. This registry-registrar hybrid model—often referred to in industry shorthand as vertical integration—offers potential advantages in terms of market control, branding, data insights, and user experience. However, it…