Open Date

July 25, 2019

Close Date

August 24, 2019

Report Date

August 30, 2019

TLD

Both

Overview

Purpose: fTLD Registry Services (fTLD) is seeking comments on Registrant Eligibility Policy Amendments for .Bank and .Insurance. The purpose of these Amendments is to clarify and provide transparency and predictability to those seeking to register .Bank or .Insurance domain names. These Amendments are the result of consultations with fTLD’s Advisory Council (the “Council”) and its Board of Directors (the “Board”)

Current Status: Following approval at the Board meeting held on 16 July 2019, fTLD is seeking public comments on the Amendments to the .Bank and .Insurance Registrant Eligibility Policies in accordance with its Policy Development Process Policy accessible here. The updated Definitions (for Policies) is provided for reference purposes only.

Next Steps: fTLD and the Council, as appropriate, will consider and/or address comments received in the summary and analysis of comments document (the “Report”). Following the close of the comment period, fTLD will post the Report. fTLD will determine the appropriate resolution of the comments received and consult with the Council, as appropriate, and if no further changes are needed, fTLD will move toward implementation of the Policies in accordance with its Policy Development Process Policy.

Background

fTLD has received interest from a broad range of prospective Service Providers seeking to register domain names in .Bank and .Insurance. During the past several months fTLD engaged its Council, Operating Manager and Board to consider options for modifying the .Bank and .Insurance Registrant Eligibility Policies and their Implementation Guidelines with the goal of providing predictability of eligibility and to facilitate fTLD’s verification process to confirm qualified Registrants. fTLD’s Board specifically discussed Service Provider eligibility at its meeting on 11 April 2019, and fTLD’s Council further discussed this in meetings held in April and June. The Council recommended Amendments to the .Bank and .Insurance Registrant Eligibility Policies to provide clarity and ensure the trust and integrity of .Bank and .Insurance is maintained for qualified Registrants and not organizations solely seeking to enhance their legitimacy to market to regulated entities. fTLD’s Board approved the Amendments to the Policies on 16 July 2019.

Description and Explanation of Amendments

The main changes to the .Bank Registrant Eligibility Policy include:

  • addition of the word “retail” and “relevant” which adds clarity to how the Policy has been implemented since the launch in 2015 (e.g., investment and other non-retail banks are not eligible);
  • addition of a defined term “Government Regulatory Authority” (which is added to the Definitions for Policies) to clarify what is meant by “relevant” and “retail”;
  • removal of the Service Provider category 3.6;
  • addition of the Board approval category 3.7 (to ensure fTLD has a mechanism for the Board’s authority to deem an organization or category of organizations eligible given the likelihood for the banking sector to continue to evolve); and
  • addition of supervised parent/holding companies to the Policy itself.[1]

The main changes to the Implementation Guidelines to the .Bank Registrant Eligibility Policy:

  • provides a grandfathering provision for the organizations that have been approved under category 3.6 (i.e., as a Service Provider) to address their ongoing eligibility;
  • describes the use restrictions for Service Provider Registrants eligible under Section 3.7 of this Policy: use of the domain name by Service Provider Registrant must predominantly support Regulated Entities and may not be used as the primary, consumer-facing domain of the Service Provider Registrant or in any marketing or promotional capacity; and
  • for clarity, adds a non-exhaustive list of organizations not eligible under Section 3.7 of the Policy.

The main changes to the .Insurance Registrant Eligibility Policy include:

  • addition of the word “relevant” which adds clarity;
  • addition of a defined term “Government Regulatory Authority” (which is added to the Definitions for Policies) to clarify what is meant by “relevant”;
  • removal of the Service Provider category 3.5;
  • addition of a Board approval category 3.6 (to ensure fTLD has a mechanism for the Board’s authority to deem an organization or category of organizations eligible given the likelihood for the insurance sector to continue to evolve); and
  • addition of supervised parent/holding companies to the Policy itself.[1]

The main changes to the Implementation Guidelines to the .Insurance Registrant Eligibility Policy:

  • provides a grandfathering provision for the organizations that have been approved under category 3.5 (i.e., as a Service Provider) to address their ongoing eligibility; and
  • describes the use restrictions for Service Provider Registrants eligible under Section 3.6 of this Policy: use of the domain name by Service Provider Registrant must predominantly support Regulated Entities and may not be used as the primary, consumer-facing domain of the Service Provider Registrant or in any marketing or promotional capacity.

Report

[to be posted within five (5) business days after the close of the Public Comment period]

[1] To provide further transparency and predictability for Registrants, consistent with the announcement of the addition of the regulated/supervised holding or parent companies as a new class of registrants, eligible for automatic approval made on August 22, 2016, fTLD will formally add them to the .Bank and .Insurance Registrant Eligibility Policies.

13 Responses

  1. This change is of some concern: “use of the domain name by Registrant must predominantly support Regulated Entities and may not be used as the primary, consumer-facing domain of the Registrant or in any marketing or promotional capacity.”

    I am very confused by the meaning and goal of this change. The phrase “predominantly support” is ambiguous, and the restriction “may not be used as the primary, consumer-facing domain of the Registrant or in any marketing or promotional capacity” leaves me with no compelling reason to use .bank domain at all.

    The new restriction if I understand it correctly seems unreasonable. Every retail website is inherently marketing and promotional by its nature. As I understand this new restriction it says that I cannot have “myinstitution.bank” as the domain for my main public website, prior to the login to online banking site. Is that really its intent? So I must have a .com domain for my main marketing site, and then may have a .bank domain for the secure online banking site? If so, what compelling reason would I have to purchase a .bank domain at all? If I am incorrect and this is not the intent, then I propose the language for this restriction should be modified to clarify.

  2. I had the pleasure of speaking with Heather Diaz. She addressed all of the concerns mentioned in my previous comment. This restriction is not for banks but is for Service Providers. Banks can use a .bank domain as their primary website whereas service providers may not. That eases my mind entirely. I would withdraw my original comment if I could. Thanks again for the clarification.

  3. The addition of “supervised parent/holding companies” should fix a lot of confusion that we felt during the registration and re-verification processes. I strongly support the addition of that clause.

  4. The additional clarifying language to the .Insurance Registrant Eligibility Policy are much appreciated and the the addition of the Board approval category will be important as the insurance industry continues to evolve. We support these changes.

  5. As an early adopter of .Bank and member of the Advisory Council, we also voted in favor of these changes to maintain the integrity and security of the domain.

  6. I generally agree with the policy changes for the .Bank registrant eligibility, however, I am concerned about the use of the term “retail bank” – does that exclude commercial and investment banks? (In my opinion, commercial and investment banks should be permitted to register for a .bank domain.)

    Would it be helpful to add definitions for retail (commercial, investment) banks?

    Jeff, thank you for your comment and question.

    In the U.S., commercial banks and retail banks are eligible in .Bank, and while slightly different bank types in terms of the clients they serve, are regulated by the same government regulatory authority; however, as mentioned before, investment banks are not regulated the same. The reason we chose the term retail is that it’s representative of the retail banking (i.e., consumer banking) activities which are conducted by both commercial and retail banks and therefore, either would identify themselves as being eligible under our Policy. We’ve also added Government Regulatory Authority as a defined term to our Definition for Policies document, so that it is clearly defines the banking government regulators that meet this definition.

    Most Investment banks are not eligible for .Bank domains unless they are regulated by the relevant Government Regulatory Authority. In the U.S., for example, investment banks are overseen by the SEC and as such, do not qualify to register domains in .Bank due to their government regulatory authority not being the same as for retail banks. In other jurisdictions, such as Japan, the government regulatory authority is the same for investment and retail banks, so investment banks in Japan are eligible. At this time, most investment banks are not eligible under the .Bank Registrant Eligibility Policy, and we have denied some requesting to register names in .Bank.

    Heather Diaz
    Sr. Director, Compliance and Policy for fTLD Registry

  7. I am generally supportive of the Registrant Eligibility Policy Amendments for .Insurance. The proposed changes should provide greater clarity and are aligned with the overall purpose and goals of .INSURNCE.

  8. I am on the Advisory Board and have worked with the changes suggested. My Comments lend themselves to the .Insurance use mores than .Bank. I do see quite a bit of separation between the Banking and Insurance business, and regulatory entities overlaying on these businesses, that may want to use either .bank and the .insurance. My comments are directed to, and inclusive of, my thoughts for the .insurance domain alone. They are presented in an effort to prompt full conversation and consideration before any final changes are made. I intend to be neutral in my comments so as to focus on how we serve consumer AND the revenue desires generating from the use of .Insurance.

    Thought #1: People are adapting away from .com to the newly arrived extensions. A person would naturally type in Car.Insurance, or Geico.Insurance (although people know Geico.com.). New Insurance entities OUGHT to be encouraged to use .insurance over .com. We want people to naturally type in XYZ.insurance; it aids us selling more .insurance domain names. As the bots and the phishers and such expand, I think people will gravitate towards specialty providers, like .insurance, when it is clear these sites have some powerful oversight that makes them safe. Simply, this policy raises the question, why have a .insurance extensional all if It cannot use it as branding with the consumers. As a marketer, I WANT my consumer seeing my name and insurance together; especially as .insurance means safety/security/validation. It is my belief that any entity that qualifies to get issued a .insurance domain will wisely market it in a fashion that supports the goals of the fTLD and its desires with .insurnace domains. Perhaps we need language that allows us to restrict use if the domain is not being used in accordance with our policies, or such.

    Thought #2: Banking and Insurance are as different as cars and music. One is a hard place that has a money product, one is a soft product or service that few see as a place. I am going to the bank, no one goes to an insurance. It feels like we are trying to bundle our thoughts together on these two. Banks and banking relates to one genre of activity consumers instinctively understand. Plus, Bank has always been a physical thing (like a car.) I understand the positions of the bankers. Insurance is far different. You don’t go to insurance, you get insurance…for many things. With the wider use of “insurance” in our language, and with non-physical things moving to the internet, we ought to consider a wider use of .insurance. Adoption of some indexing back to the regulatory oversight “.insurance” offers makes sense (we would not want to offer up urls to someone who provides “hair loss insurance” as this is certainly not on par with “Auto Insurance.”)

    I think we need to recognize the word “insurance” differently from we do with “bank” and expand the acceptable use cases accordingly.

    Jim, thank you for your comment and contributions to fTLD’s Advisory Council.

    On Thought #1, we could not agree with you more on the value of the verified Top-Level Domain .Insurance to not only serve as a marketing channel tool, but with the pre-verification of Registrants and the Registrant Security Requirements, .Insurance provides a trusted domain for the insurance community in the myriad of domain extensions. fTLD’s Acceptable Use / Anti-Abuse Policies (https://www.ftld.com/policies/) address the requirements for registering and using a .Bank/.Insurance domain. In Section 4.5 of the Policies, fTLD may impose additional use restrictions, at any time, on a Registrant’s use of a domain name.

    On Thought #2, with the verification and Registrant Security Requirements of .Insurance, fTLD has created a differentiated, more secure product from traditional domain extensions in the marketplace. In order to ensure the ongoing integrity of .Insurance, it is important to consider the critical role of the verification process to keep bad actors out of the .Insurance community and retain its pristine reputation. With the proposed Amendment, the .Insurance community is ensuring there are clear and transparent eligibility requirements and encourages Registrants to leverage third-level domains (e.g., serviceprovider.purple.insurance) for use by their existing vendors or service providers within the more secure .Insurance umbrella. As fTLD has shared, the service provider categories have always been a small class of Registrants across .Bank and .Insurance (at .012% of our total registrations), and with the proposed Amendments we are explicitly affirming we intend to keep it that way for the benefit of our community.

    Heather Diaz
    Sr. Director, Compliance and Policy for fTLD Registry

  9. In order to use .bank it should be required that the organization has a bank charter. Non-bank entities should not be able to use .bank

  10. Our insurance firm has been a .insurance for nearly 9 months. From what I have read I am in support as long as non-bank/non-insurance firms are still excluded and extensive reviews are continued before anyone is approved for .insurance. That being said, the issue that I, to my surprising, continue to run into *daily* at work when dealing with very large insurance carriers (think Protective, Principal, Lincoln etc) when we are doing policy reviews is that even the CARRIERS are not familiar with .insurance. We do a lot of business via email and when we provide our email addresses its very common they ask “and .com at the end?” . The awareness is not there, even in our own industry, and I feel that a lot could be done on this end to raise awareness of .insurance. These domains were released in 2016 – which means there’s been 3 years that should have been happening of .insurance domains, yet even when you google it there is not much information out there aside from being directed to ftld website. There should be an increase in press releases and advertising not only to help facilitate the growth of this and bring more firms on board, but should specifically be made aware of to carriers. For instance, when we are trying to submit drip ticket applications or submit an email address to be registered on a companies site we have *consistently* had issues of a .insurance not being an accepted email address. We have to use our old .com emails and have them rerouted into our inbox for the .insurance – so in addition to charges we are already paying to have .insurance, we also have had to hold onto old email accts and pay our IT to assist in managing routing.

  11. CLHIA is generally supportive of the recent amendments made to the Registrant Eligibility Policy for .Insurance as they will ensure the trust and integrity of .Insurance towards qualified Registrants while restricting access to organizations solely seeking to enhance their legitimacy to market to regulated entities.

  12. Our bank greatly appreciates the security that being able to provide a .Bank domain provides. However, similar to others here, we are concerned about the wording of the Restraint Eligibility Policy Implementation Guidelines for both .Bank and .Insurance, specifically the statement that “use of the domain name by Registrant […] may not be used as the primary, consumer-facing domain of the Registrant or in any marketing or promotional capacity”. We understand from reading comments below from Heather Diaz, Sr. Director, Compliance and Policy for fTLD Registry, that this statement only applies to Service Providers, rather than Regulated Entities. However, we still believe that the aforementioned statement in the paragraph is too vague and depends on implicit context from the statement above that this refers to the Service Provider category, rather than explicitly stating in the paragraph directly that the statement only applies to Service Providers, and not Regulated Entities. A reiteration of the previous paragraph’s intended context within the relevant paragraph may assist in clarifying this statement’s actual purpose. Thank you.