Module 6 Applicant Evaluation Procedures

Evaluating applicants for new gTLDs is vital for safeguarding end-users and organizations dependent on these domains. New gTLD Program applicant evaluation procedures confirm that prospective registry operators possess the necessary financial, operational, and technical capabilities to uphold this infrastructure and comply with ICANN policies.

Module 6 outlines the comprehensive assessment process, which includes:

• Conducting applicant background screenings.

• Reviewing financial statements and operational practices.

• Examining registry service provisions.

• Evaluating security policies and abuse mitigation strategies.

By thoroughly vetting potential registry operators, ICANN aims to maintain the integrity and reliability of the domain name ecosystem. This process supports ICANN’s mission to maintain a secure, stable, and interoperable Internet.

6.1 Background Screening

ICANN has designed the New gTLD Program: 2026 Round to prioritize registrant protections. Beyond the features of the gTLD Base Registry Agreement and the implementation of data and financial escrow mechanisms, background screening serves as a crucial tool in safeguarding registrants. This process ensures only established legal entities, organizations, or institutions (for example, corporations) in good standing are eligible to apply for a new gTLD.

Background screening is in place to protect the public interest in the allocation of critical Internet resources. ICANN reserves the right to deny an otherwise qualified application based on findings from the background screening process.

6.1.1 Background Screening Procedures

6.1.1.1 Application Information

The application requires applicants to furnish details regarding the legal establishment of the applying entity,¹ along with the identification of its directors, officers, partners, and major shareholders,² as well as the ultimate parent or individuals with control of the applicant. The names and positions of individuals included in the application will be published as part of the application; other information collected about the individuals will not be published.³ Any information shared as part of the background screening process and related to the criteria listed in Section 6.1.2 Background Screening Criteria below will not be disclosed publicly by ICANN.

6.1.1.2 Publicly Traded Corporations

Publicly traded corporations that are listed and in good standing on any of the world’s largest 25 stock exchanges (as determined by the World Federation of Exchanges) may be subject to a more limited background screening process (see Section 6.1.2 Background Screening Criteria). The top 25 exchanges are identified based on domestic market capitalization reported at the end of the most recent year prior to launching the round.⁴

Before being listed on an exchange, an entity must undergo significant due diligence including an investigation by the exchange, regulators, and investment banks. As a publicly listed corporation, the entity is continuously scrutinized by shareholders, analysts, regulators, and exchanges. These requirements are expected to meet or exceed the eligibility criteria as described in Section 6.1.2 Background Screening Criteria.

6.1.1.3 Background Screening Inquiry

ICANN will submit identifying information for the applicant (that is, entity, officers, directors, and major shareholders) to an international background screening service. The service providers will use the criteria listed in Section 6.1.2 Background Screening Criteria and return results that match these criteria.

The inquiry is based on the applicant Organization information provided⁵ during the application pre-submission phase (creating the Organizational Account Record, which includes information such as, for example, applicant information, primary and secondary contact information, and proof of legal establishment). An applicant is responsible for ensuring that its inclusion of any personal data from individuals or data from entities in the application complies with local laws and regulations. This may include obtaining consent from individuals or entering into specific agreements with legal entities. If requested by ICANN, applicants must demonstrate to ICANN or ICANN's background screening vendor that the data of entities or individuals named in the Organizational Account Record, concerning background screening activities, is shared in compliance with local laws and regulations, which may include providing consents from individuals. See Question Set 4 Applying Entity Background and Organization in Appendix 1 Application Questions for questions related to Organizational Account Record.

6.1.1.4 Timing of Background Screening

Background screening will generally be conducted for all applicants as part of applicant evaluation. If there is a change in the application that requires additional or repeat background screening (for example, a change⁶ in applying entity or change to major shareholders, officers, or directors of the applying entity), then this additional background screening on any changes or new information will occur during the contracting process (see Section 1.2.15 Contracting).

6.1.2 Background Screening Criteria

Background screening will be conducted at both the organizational and individual levels to confirm eligibility and assess risk. Information may vary based on the accessibility of data and local data protection laws. ICANN may take into account information received from any source if it is relevant to the criteria listed below and in compliance with local data protection laws, such as comments received via the Application Comment Forum (see Section 4.1 Application Comments).

ICANN, in compliance with local laws and regulations, will perform background screening to ensure the applicant meets the New gTLD Program Eligibility Criteria described in Section 6.1.2.1. The eligibility criteria are aligned with the “crimes of trust” standard sometimes used in the banking and finance industry. ICANN reserves the right to reject an application, even if the applicant is otherwise qualified, based on information uncovered during the background screening process.

In the absence of exceptional circumstances, applications from an entity that includes individuals who do not meet the eligibility criteria listed below will be disqualified from the Program.

6.1.2.1 New gTLD Program Eligibility Criteria

1. Applicant and individuals named within the Organizational Account Record must be in good corporate standing under their applicable laws and regulations.

2. Applicant and individuals named within the Organizational Account Record must confirm that they are free and absent of:

   1. Convictions of any crime related to financial or corporate governance activities, or judgments by a court to have committed fraud or breach of fiduciary duty, or subject of a judicial determination that is the substantive equivalent of any of these within the last ten years.

   2. Disciplinary actions by any government or industry regulatory body for conduct involving dishonesty or misuse of funds of others within the last ten years.

   3. Convictions of any willful tax-related fraud or willful evasion of tax liabilities within the last ten years.

   4. Convictions of perjury, forswearing, failing to cooperate with a law enforcement investigation, or making false statements to a law enforcement agency or representative within the last ten years.

   5. Convictions of any crime involving the use of computers, telephony systems, telecommunications or the Internet to facilitate the commission of crimes.

   6. Convictions of any crime involving the use of a weapon, force, or the threat of force.

   7. Convictions of any violent or sexual offense victimizing children, the elderly, or individuals with disabilities.

   8. Convictions within the last ten years of the illegal sale, manufacture, or distribution of pharmaceutical drugs, or a conviction or successful extradition for any offense described in Article 3 of the United Nations Convention Against Illicit Traffic in Narcotic Drugs and Psychotropic Substances of 1988.

Note: A past conviction for an offense that is no longer a criminal offense in the jurisdiction at the time of application shall not be considered.

9. Convictions or been successfully extradited for any offense described in the United Nations Convention against Transnational Organized Crime (all Protocols).

10. Convictions of aiding, abetting, facilitating, enabling, conspiring to commit, any of the listed crimes above.

11. Entrance of a guilty plea as part of a plea agreement or having a court case in any jurisdiction with a disposition of Adjudicated Guilty or Adjudication Withheld (or regional equivalents) within the respective time frames listed above for any of the listed crimes.

12. Systematic or repetitive engagement in cybersquatting, as defined in the Uniform Domain Name Dispute Resolution Policy (UDRP), Anti-cybersquatting Consumer Protection Act (ACPA), or other equivalent legislation, or was engaged in reverse domain name hijacking under the UDRP or bad faith or reckless disregard under the ACPA or equivalent legislation. Three or more such decisions with one occurring in the last four years will generally be considered to constitute a systematic or repetitive engagement in cybersquatting.

6.1.2.2 Applicant Onboarding Questions

An applicant must answer the following questions concerning the eligibility criteria, ensuring that all information provided complies with applicable laws and regulations:

1. Confirm to have read and understood the eligibility criteria and declare that neither the applicant nor any individuals named within the Organizational Account Record are subject to any of the above criteria that could impede eligibility.

2. Confirm that neither the applicant nor any of the individuals or entities named within the Organizational Account, whether in their current capacity or as part of a previous entity over which they had ownership or control, have been subject to any decisions indicating involvement in cybersquatting, as defined in the Uniform Domain Name Dispute Resolution Policy (UDRP), Anti-cybersquatting Consumer Protection Act (ACPA), or equivalent legislation. This includes engagement in reverse domain name hijacking under the UDRP or bad faith or reckless disregard under the ACPA or equivalent legislation within the last ten years. If unable to confirm, please provide an explanation.

Note related to question 2 above: Three or more such decisions with one occurring in the last four years will generally be considered to constitute a pattern.

1. Confirm that neither the applicant nor any individuals named in the Organizational Account Record, either in their current capacity or as part of a previous entity over which they had ownership or control, has been subject to a final determination by a dispute resolution provider or a court of competent jurisdiction for intellectual property infringement related to registration or use of a domain name within the last ten years. If unable to confirm, please provide an explanation.

2. Confirm that the applicant and individuals or entities named within the Organizational Account, either in their current capacity or as part of a previous entity over which they had ownership or control, have not been subject to a final determination related to the Uniform Rapid Suspension System (URS) Policy or Post-Delegation Dispute Resolution Procedures (PDDRP). If unable to confirm, please provide an explanation.

6.1.3 Background Screening Clarifying Questions

If the background screening provider identifies any areas where the applicant has not met the criteria, clarifying questions may be issued to obtain additional information. To ensure timely processing of applications, all applicants are encouraged to respond to clarifying questions as quickly as possible, but no later than 21 days after receiving the clarifying question.

6.1.4 Background Screening Results

Based on the background screening results, ICANN reserves the right to approve or deny an application progression in the process. For example, a final and legally binding decision issued by a national law enforcement or consumer protection authority, finding the applicant engaged in fraudulent and deceptive commercial practices as defined in the Organization for Economic Co-operation and Development (OECD) Guidelines for Protecting Consumers from Fraudulent and Deceptive Commercial Practices Across Borders⁷ may lead to application rejection. ICANN may also contact the applicant with additional questions based on information obtained in the background screening process (see more in Extended Evaluation for Background Screening).

6.1.5 Extended Evaluation for Background Screening

If an applicant does not meet the background screening criteria, it may request an Extended Evaluation. During this process, the background screening provider may issue additional clarifying questions or request additional information to facilitate additional analysis. Applicants have 21 days to provide the requested information. If the applicant does not respond or its responses do not satisfy the background screening criteria, the applicant will not pass the screening.

6.2 Financial and Operational Evaluation

The Financial and Operational Evaluation assesses whether an applicant has the financial capacity to fund the registry long-term, thereby ensuring DNS stability, and mitigating financial risks like revenue shortfalls or cost overruns, including for those managing multiple TLDs. This evaluation also mitigates risks to the security and stability of the DNS and overall Internet security, stability, and resiliency. The operational component ensures that the applying entity has reasonable safeguards in place to support robust business operations and effective handling of abuse concerns.

The Financial and Operational Evaluation is based on an applicant’s responses to application questions (see 3.1.3 Application Questions and Appendix 1 Application Questions), which are determined based on the applicant profile model.⁸ This model recognizes that different criteria are required for different types of applicants.

The evaluation occurs during the Applicant Evaluation phase described in this module (Module 6 Applicant Evaluation Procedures). Financial and Operational Evaluation is performed at the applying entity level. If the applicant applies for multiple strings, the results of the Financial and Operational Evaluation performed at the applying entity level will apply to each of its strings.

A third-party evaluation panel will conduct the Financial and Operational Evaluation, assessing whether the applicant’s responses satisfy the specific criteria for the applicant’s profile.

Most financial information submitted by the applicant remains confidential; the application questions are individually marked as to whether the responses are published or remain confidential.

6.2.1 Execution of Evaluation

ICANN will assign each applicant one of four potential profiles based on its unique traits, determined by responses to the applicant profile selection questions.

The applicant will answer a series of “Yes” or “No” questions to determine the profile. Based on the applicant’s responses, the TLD Application Management System (TAMS) directs the applicant to the questions specifically assigned to that profile. Below is the list of the questions in the order that they are asked:

1. Is the applying entity a governmental entity or an intergovernmental organization recognized in its jurisdiction? If “Yes,” assign the Government profile.

2. Is the applying entity a current registry operator or an affiliated⁹ entity of a current registry operator with one or more active Registry Agreements? If “Yes,” assign the Registry Operator profile.

3. Is the applying entity a publicly traded company listed on any of the Top 25 Public Stock Exchanges or an Affiliated entity of a publicly traded company listed on a Top 25 Public Stock Exchange, as defined by the World Federation of Exchanges and specifically included on ICANN’s list dated (Month/Day/Year)?¹⁰ If “Yes,” assign the Top 25 profile.

4. If the applying entity is none of the above profiles, assign the Standard profile.¹¹

6.2.2 Financial and Operational Evaluation Criteria

Based on an applicant’s responses to the questions in Appendix 1 Application Questions and the profile assigned to an applicant, an applicant must meet different criteria for the evaluation. The three components of the evaluation are Financial Statements, Self-Certification, and Operational/Planning.

• Financial Statements: The applicant (except for those qualifying under the Government profile) must provide audited, reviewed, or compiled financial statements, prepared by a third-party accounting firm, for the applying entity that complies with the accounting standards required by the jurisdiction of the applying entity. Alternatively, the applicant may provide third-party audited, reviewed, or compiled statements from an ICANN-approved Qualified Parent Entity (QPE), prepared by a third-party accounting firm. A Qualified Parent Entity (QPE) is a legal entity that has at least 51% ownership in the applicant, directly or indirectly. Qualified Parent Statements (QPS) are audited financial statements from a QPE.

• Self-Certification: The applicant must provide a self-certification document, signed by the CEO, President, or CFO of the applying entity. If financials are provided by a QPE, that QPE must co-sign the certification document. Self-certification statements may vary depending on the applicant’s profile.

• Operational/Planning: The applicants must submit various operational and planning documents as required by its profile.

Table 6-1: Overview of Financial Evaluation Requirements by Profile Type

6.2.3 Financial and Operational Evaluation Clarifying Questions

The evaluation panel may issue clarifying questions (CQs) to request additional information needed to sufficiently evaluate the application. Applicants are required to respond within 21 days following the date of issuance of the CQ.

6.2.4 Extended Evaluation for Financial and Operational Evaluation

An Extended Evaluation is a secondary review process available to applicants that do not pass Financial and Operational Evaluation. An applicant may request Extended Evaluation to provide clarifying information that addresses deficiencies in its initial application. To qualify, an applicant must formally elect to undergo Extended Evaluation after receiving its Financial and Operational Evaluation results. There is no fee associated with Extended Evaluation.

6.2.5 Financial and Operational Evaluation Instructions

The Financial and Operational Evaluation assesses an applicant’s ability to fund registry start-up and long-term operations through four distinct profiles:¹³

• Government Profile: Applies to governmental entities or intergovernmental organizations within a recognized government’s jurisdiction.

• Registry Operator Profile: Applies to current registry operators with active Registry Agreements or their affiliated entities.

• Top 25 Public Stock Exchange Profile: Applies to publicly traded companies on a Top 25 Public Stock Exchange, as defined by the World Federation of Exchanges list (as of December 2025),¹⁴ or their affiliated entities.

• Standard Profile: Applies to applicants not meeting criteria for the other three profiles.

All applicants must complete “Security Policy and Planning” and “DNS Abuse” questions, in addition to profile-specific questions. ICANN will assign each applicant to a profile based on the criteria defined above in Section 6.2.1 Execution of Evaluation.

The Questions for each of the four applicant profiles in the Financial and Operational Evaluation are located in Appendix 1 Application Questions. Additionally, the templates used for the Standard profile are located in Appendix 5 Templates for Standard Financial Profile.

The following general instructions and guidelines apply to the Financial and Operational Evaluation:

• The applicant must answer all questions.

• The applicant must follow the instructions without exception and provide complete, commercially reasonable, and good-faith responses.

• If, for any reason, the applicant believes a question does not apply to its profile, it must explain why.

• Once the application is submitted, the applicant cannot provide any additional information unless requested by ICANN or in response to an application comment. ICANN is not obligated to request any additional information or clarification of the submitted information.

• When asked “why,” “describe,” “explain,” or “provide detail,” the applicant must respond with content that demonstrates due diligence appropriate for the request. Most responses should consist of several paragraphs, but should not exceed two pages. Exceptions to this guidance are all types of financial statements, contracts, reference material, or any documentation that may require some additional content.

• All currency values must be in USD (United States dollars) or the nationally recognized currency for the jurisdiction of the applicant or Qualified Parent Entity (QPE).

• For applicants submitting multiple applications, financial responses apply to all applications planned for this round. Applicants will complete Financial and Operational Evaluation (including templates) only once for their first application, providing aggregate information for all applied-for strings in the response.¹⁵

• Financial and Operational Evaluation is performed once per applying entity. One Financial and Operational Evaluation will consider all applied-for strings and their variant strings (if any) for a single applying entity.

• When completing the Financial and Operational Evaluation templates (Most Likely Scenario, Worst Case Scenario, etc), applicants must consolidate all Domains Under Management (DUMs) across all applied-for strings, including any variant strings. When providing expenses, including RSP expenses, applicants must consolidate all expected expenses across all applied-for gTLDs and variant strings.