AFRINIC is usually described as a regional internet registry in crisis: boardless for years, pulled through Mauritian courts, defended by some as critical infrastructure, attacked by others as a private gatekeeper, and watched by ICANN because the failure of one registry can disturb confidence in the wider numbering system. That is accurate but incomplete. It misses the quieter mechanism by which a technical recordkeeper can acquire sanction-like power.
That mechanism is compliance. Not compliance in the clean sense of obeying a known rule, but compliance as a stack of recognition checks: eligibility tests, member identity controls, abuse-contact duties, due-diligence requests, transfer approvals, fee conditions, court restraints, public-risk labels and route-security dependencies. Each check may be defensible in isolation. Together they can turn a registry entry into something close to an operating licence. No minister has to announce a sanction. No sanctions office has to publish a list. If a registry can suspend recognition, delay a transfer, question membership, impair reverse DNS, affect the credibility of routing-security objects, refuse a vote, threaten resource reclamation or describe a holder as outside acceptable conduct, it can create commercial consequences that resemble sanctions without possessing sovereign authority.
This is why AFRINIC matters beyond Africa. It is the sharpest public stress case for a scarcity-era registry model in which IPv4 numbers have become economically valuable, registry contracts still look administrative, official liability is thin, governance is contested, and compliance language can do work that law has not clearly authorised. It is non-state chokepoint power over network identity, customer continuity and scarce address capital.
Heng Lu's public notes provide the most developed vocabulary for this problem. He is not a detached observer: he is connected to Cloud Innovation, LARUS and the Number Resource Society, all of which sit inside the AFRINIC dispute. That makes the notes interested, not useless. Their value is analytical. They repeatedly separate the ledger from the gatekeeper, the address book from enforcement, administrative coordination from sovereign punishment, and registry continuity from business continuity. Read against independent reporting by the Internet Governance Project, KrebsOnSecurity and The Register, that lens explains the economic structure better than official language about stewardship and community does.
Official materials from AFRINIC, the NRO, ICANN and peer institutions remain important. They show what services exist, what policies say, what elections or court steps occurred, and how institutions framed their own roles. They should be treated as factual exhibits, not as the final authority on the economic question. A registry's statement that it is enforcing policy does not settle whether the enforcement operates as a business-continuity risk. A resource holder's statement that it is defending networks does not settle whether it has complied with all obligations. The central question is narrower and harder: when does compliance over a shared numbering ledger become sanction-like control over the businesses that depend on that ledger?
A sanction without a sanctions office
A state sanction normally works by denying access to a market, bank account, licence, export channel, payment system or legal privilege. A registry sanction is less theatrical. It works through recognition. Who is the holder? Who may update the record? Who is compliant? Who may receive or send a transfer? Whose abuse contact is valid? Whose route-origin assertion is credible? Who may vote? Who counts as a member? The answers can determine whether counterparties view a network's identity as stable.
AFRINIC's formal role is narrower than that. Its public materials describe a member-based registry for Africa and parts of the Indian Ocean, distributing and recording IPv4, IPv6 and autonomous system numbers. Its policy manual addresses allocation, assignment, WHOIS data, abuse contacts, reverse DNS, routing information and related services. Its exhaustion material describes a scarcity regime in which requests are submitted through tickets, reviewed by hostmasters, peer-reviewed, approved by management, invoiced and constrained by final-pool rules. These are administrative functions. They make a shared numbering system coherent.
The sanction-like power appears when administrative recognition becomes a condition of economic life. A cloud operator, ISP, hosting company, bank service, payment processor or government network may not think every day about the registry behind its addresses. Yet customers whitelist those addresses; suppliers document them; fraud systems assess them; banks record them; routers announce them; reverse-DNS entries identify them; route-security objects support them. If the registry record becomes uncertain, the company does not merely update paperwork. It may have to reassure customers, counterparties, auditors, lenders and courts that the same business still stands behind the same network identity.
That is the strongest point in Heng's public writing on network identity and customer continuity. An address begins as capacity, then becomes memory. It is embedded in firewalls, APIs, compliance documents, bank checks, customer contracts, reputation systems and operational playbooks. The cost of losing or destabilising it is not the cost of obtaining another number. It is the cost of re-establishing trust, moving traffic, changing assurances, curing reputation damage, explaining risk and persuading third parties that continuity has survived. Registry pressure therefore reaches far beyond a registry invoice.
Scarcity makes the pressure sharper. In a world of abundant IPv4, registry discretion might have looked like a nuisance. But IPv4 is finite, IPv6 is not an immediate substitute for every legacy dependency, and IPv4 blocks trade or lease in real markets. The Internet Governance Project argued in 2021 that AFRINIC's crisis cannot be understood without the gap between low registry fees and high market prices. That gap makes recognition economically potent. A registry action can destroy more value than the annual administrative fee ever suggested was exposed.
The important distinction is between public-law sanctions and private chokepoint sanctions. The first are imposed by states through formal machinery. The second emerge when a non-state institution controls a critical recognition layer. A registry may say it is only applying policy. A resource holder may experience the same act as an existential restraint. Downstream users may experience it as reachability risk. A lender may experience it as collateral uncertainty. A customer may experience it as a question about whether service can continue. The same administrative act is priced differently by every layer of reliance.
AFRINIC's dispute with Cloud Innovation made that pricing visible. According to the Internet Governance Project, AFRINIC alleged discrepancies between registered use and actual use, questioned out-of-region use and later asserted that it could terminate Cloud Innovation's Registration Service Agreement and reclaim resources. Cloud Innovation disputed the interpretation and argued that such demands would turn the registry into a central planner over network use. The merits belong to contracts and courts. The economic structure is already clear: once a registry can threaten recognition over a contested compliance theory, compliance has become leverage.
Compliance as capital control
Compliance sounds dull because it is supposed to be dull. A registry should know the legal name of a member. It should know which organisation controls a block. It should publish useful contact data. It should prevent duplicate claims. It should verify that a request meets applicable criteria. It should have a way to correct fraud. It should not allow abandoned records to become a hunting ground for hijackers. None of that is controversial.
The danger begins when compliance migrates from record accuracy to capital control. IPv4 is now a scarce input with market value. Transferability, leasing, financing, collateral treatment, route reputation, customer continuity and jurisdictional risk all affect that value. If a registry can decide whether a holder's business model is acceptable, whether the geography of customers is acceptable, whether a transfer has sufficient need, whether a contact failure deserves more than a data-quality flag, or whether a changed use requires re-approval, compliance becomes a gate over capital movement.
AFRINIC's scarcity materials show the administrative origin of this gate. The Soft Landing regime was designed to manage a declining free pool and guide the region through exhaustion. Requests are evaluated by staff. Members seeking more space must meet efficiency conditions. In Phase 2, request sizes are limited. These procedures can be defended as conservation for future allocations. They become more dangerous when the same rationing logic attaches to already-embedded resources around which holders have built customers, contracts and revenue.
The Internet Governance Project's 2021 account described the boundary in concrete terms. AFRINIC's enforcement letters, as IGP reported them, did not merely ask for corrected records. They raised concerns about countries of use, original need statements and a regional-service concept. AFRINIC asserted a power to request changes and potentially reclaim resources. IGP criticised AFRINIC's approach as overzealous and also criticised Cloud Innovation's legal response as excessive. That dual criticism matters. The structural risk does not require one party to be pure. It requires only that ambiguous compliance power and high asset value collide.
Heng's note on enforcement creep makes the same point from the holder's side. He argues that transfer review, retroactive usage questioning and market intervention reintroduce rationing through technical language. A market cannot price an asset-like resource cleanly when recognised control depends on opaque future approval. Buyers discount for transfer risk. Lessors discount for revocation risk. Customers discount for continuity risk. Holders become defensive. Liquidity dries up not because demand disappears, but because every transaction inherits an option held by an institution that may not bear the economic downside of exercising it.
This is how compliance becomes capital control without saying so. A policy can be framed as regional stewardship while functioning as a movement restriction. A need check can be framed as responsible allocation while functioning as transaction approval. An abuse-contact duty can be framed as public safety while functioning as a revocation hook. A member-verification process can be framed as anti-fraud while functioning as vote control. A public communication about a court order can be framed as correcting confusion while functioning as market signalling about the legality of commercial use.
The language need not be dishonest. Institutions often believe their own risk vocabulary. AFRINIC had reason to fear abuse and fraud after public reporting on alleged manipulation of address records. KrebsOnSecurity reported in 2019 that researcher Ron Guilmette alleged that tens of millions of dollars' worth of African IPv4 space had been commandeered through companies linked to a former AFRINIC policy coordinator; AFRINIC's then-chief executive said the organisation was investigating. That report did not decide every legal question. It did show why a registry emerging from such allegations would want stronger controls.
Scandal, however, can legitimate overcorrection. A registry accused of past weakness may seek moral repair through toughness. Members may welcome stronger review because the alternative appears to be impunity. Staff and board figures may begin to treat broad discretion as the price of restoring trust. The affected holder experiences the same discretion as a threat to business continuity. The court sees a contractual dispute. The community sees a test of loyalty. Scarcity makes each interpretation expensive.
The economics are unforgiving. If the registry is wrong, the holder and its customers bear the first operational loss. If the holder is wrong, the registry and community bear the integrity loss. A sound compliance system reduces both risks through narrow triggers, independent review, proportional remedies and continuity protections. A weak system swings between passivity and nuclear sanction. AFRINIC's crisis shows why that swing is so costly.
Abuse, contactability and the enforcement premium
Abuse is the easiest word in internet governance to expand. It begins with spam, phishing, malware, hijacking, fraudulent records, unreachable contacts and customer harm. It can then grow to include unwanted business models, controversial leasing, out-of-region routing, speculative holding, political influence, voting campaigns and litigation strategy. The word carries moral urgency. That is why it is useful, and why it is dangerous.
AFRINIC's policy manual contains an abuse-contact section that, in its older form, is modest. It specifies a dedicated WHOIS object for public abuse contact information, with an email field and an abuse-mailbox field, so reports can reach the right network contact. The manual itself notes that the object does not solve the data-accuracy problem. That is a narrow registry function: improve contactability. It is not an abuse court.
Heng's public "Policy Mirror" critique treats that boundary as crucial. His proposed replacement would limit abuse-contact policy to deliverability and directory accuracy, forbid the registry from judging the substance or adequacy of a holder's abuse process, and reject revocation, transfer denial, RPKI suspension, reverse-DNS removal or reassignment for contact failure alone. One need not accept the whole reform platform to see the institutional logic. Contactability belongs naturally in the registry. Punishment for underlying conduct belongs elsewhere unless the conduct is record fraud, duplicate claim, abandonment, a binding court order or a genuine security-integrity emergency.
The risk is collateral damage. Abuse usually occurs downstream from the registry: a customer sends spam, a compromised server hosts malware, a reseller ignores complaints or a routing anomaly appears. The registry may have useful data, but it is rarely best placed to investigate every customer, determine legal responsibility, weigh proportional remedies and protect innocent users. If it uses address recognition as punishment, innocent customers may suffer before any competent authority has determined responsibility.
This is the registry version of de-risking. Banks facing anti-money-laundering pressure sometimes close whole categories of accounts because investigating every customer is expensive and regulatory downside is asymmetric. Platforms remove users or content because the cost of mistaken permission can exceed the cost of mistaken denial. A registry under abuse pressure can behave similarly: require more data, freeze more transactions, delay more updates, escalate more cases and treat uncertainty as evidence of risk. The institution appears prudent. The market experiences an enforcement premium.
That premium is not theoretical for AFRINIC. Independent reporting has linked its later enforcement mood to the 2019 address-record allegations and to broader concern that African address space could be diverted, leased, sold or routed in ways critics viewed as contrary to regional development. The Register later reported AFRINIC's March 2026 accusation that Cloud Innovation, LARUS and associated advocacy campaigns were trying to paralyse the registry through litigation and procedural roadblocks. AFRINIC's defenders framed stronger policy and resistance as protection of the region. Critics framed the same posture as registry chokepoint power.
Both sides use abuse-adjacent language. AFRINIC has pointed to misuse, paralysis, false claims, voting-right grabs and threats to community stability. NRS has warned about registry chokepoints, member funds, vote protection and network destruction. The symmetry should make readers cautious. Every actor wants to describe its preferred control as risk management and the other side's control as abuse. The analytical task is to ask what concrete power follows from the claim.
If the power is to publish accurate abuse contacts, the registry remains inside its natural lane. If the power is to require holders to be reachable for registry notices, it is still close to that lane. If the power is to decide whether a network operator's abuse desk is legally or morally sufficient, the lane widens. If the power is to revoke, deregister, deny transfers, impair route-security objects or remove reverse DNS because of contested abuse handling, the lane has become an enforcement road. At that point the registry is no longer only a bookkeeper. It is imposing a sanction-like consequence.
The bookkeeper analogy recurs throughout Heng's notes because it disciplines the debate. A bookkeeper can correct false entries. A bookkeeper can refuse forged instructions. A bookkeeper can record a dispute. A bookkeeper cannot confiscate a factory because a customer's customer behaved badly. Internet registries do more than bookkeeping, so the analogy is imperfect. But its imperfection is less dangerous than the opposite metaphor, in which a registry becomes a guardian of regional destiny and therefore finds enforcement authority wherever policy language can be stretched.
Transfers, member status and the price of recognition
Transfer approval is one of the cleanest ways registry recognition becomes market power. A holder may think of a block as operational capacity. A buyer may think of it as scarce inventory. A lessee may think of it as continuity. A bank may think of it as a risk-bearing asset. The registry sees a policy event: who is eligible, what records are accurate, what need has been shown, whether fees are paid, whether a dispute exists and whether the transfer fits regional rules. The same transaction is thus priced through two systems at once: market value and administrative permission.
In an ideal regime, those systems would be predictably connected. The registry would verify authority, prevent duplicate claims, check objective criteria, record the result and preserve a dispute trail where needed. It would not judge price, politics or the moral quality of every business model unless a clear rule required it. In a weak regime, transfer approval becomes a discretionary bargaining position. Buyers demand warranties. Sellers discount for delay. Lessors build continuity language into contracts. Lenders hesitate. Customers ask whether future registry recognition can be relied upon.
AFRINIC's regional scarcity politics make transfer risk especially sensitive. AFRINIC and its supporters have reasons to worry that scarce resources issued in the region may be treated as global inventory while African networks face their own constraints. IGP took a different view in 2021, arguing that AFRINIC's remaining free pool was too small to sustain long-term regional growth and that Africa would still need market imports of IPv4 or more IPv6 adoption. Those are policy arguments. The compliance question is whether a registry should resolve them through clear prospective rules or through contested review of existing holders.
Member status adds another control surface. The most visible AFRINIC compliance dispute in 2025 was not about an address block but about who could vote. The Register reported that AFRINIC's June 2025 board election was suspended shortly before the in-person voting period ended because of questions about powers of attorney. South Africa's ISPA alleged that authorised representatives found votes or authority claimed on their behalf through documents they said they had not provided. AFStar also alleged fraudulent powers of attorney. ICANN raised concerns and asked questions. The receiver later annulled the election, citing concerns over voter documentation and the need to protect transparency and fairness.
These were allegations and institutional reactions, not proof of every claim. The public record remains incomplete. A registry election is not merely association theatre when the registry sits over scarce resources. Board control can affect litigation strategy, bylaw changes, member rights, transfer policy, budgets, senior appointments and the relationship with ICANN. Identity checks therefore become an economic control surface.
The Register's May 2026 report on AFRINIC's bylaw review showed how dry and consequential this can become. ISPA told its members that Mauritian legal advice had found a dissonance between AFRINIC resource members and registered members under local company law, and suggested bylaw amendments so resource members could participate through community resolutions. NRS criticised that approach and called for new representation. The legal question was whether resource members possess enforceable governance rights or only process participation. The economic question was who gets to legitimate registry discretion.
Control over the member map can produce sanction-like outcomes indirectly. If a holder cannot vote because its authority documents are questioned, it loses influence over the board that may decide policy affecting its resources. If a bloc can aggregate proxies, it may shape policy without operating the affected networks. If a receiver or committee cannot verify documents transparently, the resulting board inherits legitimacy risk. If ICANN signals a compliance review because election controls look weak, local governance becomes subject to higher-level pressure. Each step is framed as identity assurance. Each step reallocates power.
The same dynamic applies to onboarding and resource requests. AFRINIC requires legal names, registration information, physical addresses, service-region claims and evidence of need for many resource processes. These requirements can protect against shell entities and hijacked records. They can also become tools for discretionary judgment. A multinational may route globally. A data-centre customer may be outside the service region. A leasing structure may separate resource holder, routing customer, billing entity and abuse desk. A rigid identity model may treat commercial complexity as suspicious even when no fraud has been established.
Registry identity is therefore different from ordinary customer due diligence. A bank can close an account and another bank might open one, though de-risking can make that hard. A registry has fewer substitutes. If AFRINIC's record is the recognised regional record and no credible failover exists, a failed identity check can become a business-continuity event. The cost is not only losing a vote or delaying an update. It is losing confidence that the institution will continue to recognise the holder's network identity under predictable criteria.
Route security and the credibility premium
The most underpriced compliance lever is routing-security credibility. WHOIS and RDAP records are public directories. Reverse DNS turns address control into naming. IRR data supports routing practice. RPKI adds cryptographic assertions about which autonomous systems are authorised to originate prefixes. These systems do not make the registry a policeman, but they make registry recognition operationally visible. If the registry's view becomes disputed, the dispute can move from paper to routing confidence.
RPKI deserves particular care because it is not just a label. It is a trust system used by networks to validate route-origin information. A holder whose route-origin authorisations are questioned, delayed or impaired may still route traffic in practice, depending on counterparties and configuration. But uncertainty around route-security standing changes how sophisticated operators assess risk. It can affect transit relationships, customer assurances, incident response and the willingness of counterparties to accept a network as cleanly documented.
That is why a registry's compliance powers should not casually reach RPKI, reverse DNS or publication services. Fraud, duplicate claims, binding court orders and urgent security-integrity emergencies may require decisive action. A stale contact, disputed business model, hostile public campaign or contested regional-use theory should not automatically become a route-security penalty. If it does, compliance has moved from record correction to operational pressure.
The credibility premium also cuts the other way. A registry that cannot maintain trusted publication services loses authority even if its policy arguments are right. AFRINIC's official service list and related materials show that the registry sits beneath WHOIS, RDAP, reverse DNS, IRR and RPKI functions. A registry can win a policy dispute and still damage the region if litigation, insolvency, board paralysis or emergency transition leaves these services uncertain. Conversely, a critic can be right about overreach and still be wrong if its proposed alternative lacks a credible service-succession plan.
This is the practical meaning of "protect the ledger, not the gatekeeper". The ledger is not only a spreadsheet of allocations. It is the historical record, the data-publication layer, the uniqueness function, the route-security dependencies, the reverse-DNS machinery, the member-authority trail and the procedural record of disputes. The gatekeeper is the discretionary layer that can decide access, legitimacy and acceptable commercial evolution. Some gatekeeping is unavoidable. It should be named, bounded and appealable. It should not hide inside security language.
For operators, routing-security credibility is a balance-sheet issue even if accounting standards do not say so. Customers buy a service that must keep working. Banks and insurers ask whether the operational inputs are stable. Security teams ask whether abuse and route-origin evidence is clean. A registry dispute that clouds these answers can raise costs before any route is actually invalidated. The sanction-like effect comes from expectation as much as execution.
Financial rails and the missing insurer
Sanctions become powerful when they touch financial rails. AFRINIC's crisis has already shown how finance and registry function intersect. In 2021, the Internet Governance Project reported that Mauritian court orders provisionally froze up to US$50 million of AFRINIC funds in the dispute with Cloud Innovation, crippling operations. AFRINIC was not merely fighting over legal interpretation. Its bank accounts, board capacity and member services were pulled into the conflict.
That episode is normally discussed as litigation risk. It is also a compliance lesson. Financial institutions, courts and registries all operate by recognising legal identity and authority. Who controls the account? Who may instruct the registry? Who may represent a member? Who may receive fees? Who may be paid? Who is under an injunction? Who is subject to a winding-up application? Who may sign an undertaking? Once these questions become uncertain, operating continuity moves from engineering to paperwork.
AFRINIC's fee schedule adds another layer. Annual membership categories depend on the amount of billable resources held, and even the largest IPv4 categories are priced as administrative membership fees, not as insurance premiums for the full economic value of address-dependent business. The schedule makes sense for a member-funded registry. It makes less sense as a measure of the risk the registry can create. A holder may pay tens of thousands of dollars in annual fees while the addresses support many millions of dollars of customer contracts, market value or operating dependency.
Heng's notes on registry power and liability attack this mismatch directly. They argue that RIR contracts and budgets were built for administrative bodies, while IPv4 scarcity turned registry discretion into high-consequence economic power. They point to liability caps and association-scale balance sheets across RIRs, including AFRINIC's Registration Service Agreement as described in public materials and LARUS commentary. The argument is interested, but its economic core is difficult to dismiss. If an institution can affect an asset-like resource and its liability is trivial relative to foreseeable harm, the missing liability is priced by members, customers and counterparties as risk.
Counterparties react before legal finality. A bank, insurer, data-centre partner, buyer or lender does not need a final judgment to become cautious. It may ask whether a holder's address rights are disputed, whether the registry recognises the holder, whether transfers are blocked, whether a court order constrains statements, whether invoices are paid, whether the holder's identity is verified, whether abuse complaints are unresolved, or whether future registry action could force renumbering. Each question is reasonable. Together they can raise the cost of doing business.
This is how quasi-sanctions propagate. The registry may not cut off the holder. It may only open a review, send a notice, question a use, reject a transfer, flag a dispute or issue a public communique. But commercial counterparties see a live recognition question and adjust. Suppliers hesitate. Customers demand warranties. Lenders discount collateral. Lawyers write protections. Boards request contingency plans. The sanction is not always the initial notice. Often it is the market's response to uncertainty around future recognition.
The deepest economic problem is not that AFRINIC has compliance power. Every registry must have some. The problem is that registry power sits above high-value reliance while no actor clearly insures the resulting harm. The registry's administrative revenue does not match the market value of resources. The holder's contracts may not protect downstream customers from registry action. Courts can issue interim orders before technical consequences are fully understood. ICANN can intervene to protect continuity, but it may not compensate injured businesses. The liability gap becomes a hidden tax on address value.
IPv4 scarcity exposed this gap. In the early internet, addresses were technical identifiers distributed under professional norms. As scarcity matured, they became inputs into balance sheets, leasing contracts, cloud capacity, customer identity, anti-fraud systems and infrastructure strategy. Yet the legal form of many registry relationships remained annual, policy-bound and administrative. Heng calls this the fracture between clerical shell and economic substance: a polemical phrase for a real mismatch.
Consider a large holder under review. The registry may believe it is protecting policy. The holder may believe its business is being threatened. Customers may have no standing in the review. A court may preserve status quo or freeze funds. The registry may disclaim broad damages. The holder may seek injunctions. ICANN may warn of systemic continuity. Banks may worry about the dispute. None of these actors fully absorbs the downstream cost of a wrong decision. That is why a policy dispute can escalate beyond the value of the immediate policy question.
The absence of an insurer also encourages hard rhetoric. If a registry bore full liability for wrongful revocation, it would prefer narrow powers and careful review. If a holder bore full cost for bad records, fraud or abusive customers, it would prefer transparent compliance and credible evidence. If customers could recover easily for collateral harm, both sides would protect continuity. Instead, risks are asymmetric. The registry faces legal cost and reputational harm. The holder faces asset and business risk. Customers face operational harm. Each actor tries to shift risk before it is priced.
This was visible in the litigation cycle reported by IGP. Cloud Innovation secured a bank freeze after AFRINIC moved toward reclamation; IGP criticised that remedy as excessive and damaging while also criticising AFRINIC's initial enforcement posture. The dual criticism is economically important. Extreme registry remedies invite extreme legal remedies. Extreme legal remedies then justify calls for registry protection. The cycle does not solve the liability gap. It reallocates it through courts and public campaigns.
The sanction problem sits inside the same gap. A state sanction is backed by sovereign responsibility, however imperfectly. A registry sanction is backed by an organisation whose capital, mandate and liability may be far smaller than the harm it can cause. A registry can say it did not sanction anyone; it only applied policy. A holder can say the policy action was commercially destructive. The difference will be litigated after risk has already propagated through customers and counterparties.
Geopolitics without sovereign decision
The AFRINIC dispute is full of geopolitical language even when the legal filings are local. Critics of Cloud Innovation and LARUS have questioned out-of-region use, Chinese customers, African resource protection, continental governance and alleged influence campaigns. Heng's notes answer with a different geopolitical argument: RIRs are private entities under particular national laws, yet their decisions can affect operators across many jurisdictions; sanctions, political pressure, governance failure or financial distress at one registry can cascade into national or regional internet risk. The competing frames share one assumption: registry discretion can matter geopolitically.
Formal sanctions are imposed by states; registry sanctions need not be. A non-state registry can create a comparable commercial effect if it controls recognition of network resources used by operators in many countries. If a holder is associated with a politically unpopular jurisdiction, a disputed business model or a controversial campaign, compliance rhetoric can turn into political screening. The registry may not say it is sanctioning a nationality, government or market. It may say it is enforcing service-region policy, protecting the community, reviewing usage, ensuring compliance or resisting capture.
A company whose addresses are delayed, frozen, challenged or publicly questioned must explain the risk to customers regardless of whether the label is "sanction", "policy review" or "community protection". A government whose domestic operators depend on a foreign-law registry must ask whether a private body can create operational consequences that the government itself did not order. A bank or insurer must ask whether registry controversy affects service continuity. The geopolitical effect arises from dependency, not from a sanctions office.
External guardians add another layer. ICANN warned after the annulled 2025 election that it could review AFRINIC compliance and, in a failure scenario, ask another RIR to act as an emergency registry. The Register later reported that the wider RIR community was revising the framework for recognising RIRs, including assistance and possible derecognition. Such mechanisms may be necessary for continuity. They also move sanction-like power upward. A registry can be disciplined by a global coordination layer, which can itself become a gatekeeper over regional governance.
This is why official continuity language should be treated as an exhibit rather than a conclusion. ICANN's May 2026 intervention in a winding-up application, as reported by The Register, aimed to ensure the Mauritian court understood that numbering resources are not AFRINIC assets available for distribution. That is a valid narrow point. It does not decide whether a particular holder breached a contract, whether a leasing model is lawful, whether a transfer restriction is wise, or whether a board election is legitimate. The risk is that a narrow continuity argument becomes a broad mandate claim.
The same caution applies to continental language. Smart Africa's endorsement of seven of eight elected directors in September 2025, as reported by The Register, was presented in a context of preventing institutional capture and protecting critical internet functions. That may be a legitimate concern. It also raises the question of whether pan-institutional support becomes another route by which political actors shape registry discretion. Capture by a commercial litigant is one risk. Capture by a state-aligned or continental bloc is another. The answer is not to choose a preferred captor. It is to reduce the discretionary prize.
The discretionary prize is large because every compliance lever can become a political lever. Transfer policy, member verification, abuse rules, route-security controls, court communications and ICANN escalation can each protect continuity or reallocate power. The more each lever matters, the more actors will fight to control the institution that holds it.
The compliance stack below every address
For operators, the registry layer often feels remote until something fails. The visible network stack is routers, transit, data centres, clouds, firewalls, DNS, certificates and customer systems. Beneath it sits a compliance stack: membership status, fee payment, contact data, authorised representatives, resource certificates, route objects, reverse DNS, policy eligibility, transfer history, dispute status, court orders, sanctions screening by counterparties and board approvals. AFRINIC's crisis makes that lower stack visible.
The AFRINIC record includes several points where the stack can bind. Fees can trigger closure processes. Resource requests require evaluation. Reverse DNS, WHOIS and RDAP depend on maintained records. Abuse contacts depend on reachable objects. RPKI and IRR functions depend on registry systems and authority. Transfers depend on policy and recognition. Elections depend on member identity. Litigation can freeze money or constrain communications. Receivership can preserve status but slow ordinary governance. Each control may be reasonable in isolation. Together they create dense dependency.
That density is the compliance pressure described in this article. It is not one dramatic lever. It is many small levers that can be pulled by different actors: staff, board, receiver, court, member committee, policy group, ICANN, bank, counterparty or public campaign. The holder faces a composite risk. A disputed transfer may trigger customer caution. A court order may affect public statements. A member-status issue may affect governance rights. An abuse-contact dispute may affect reputation. A policy change may affect financing. A litigation claim may affect banks.
LARUS markets its leasing model by saying operators should move registry-layer exposure upstream rather than keeping it inside the operating company. That is a commercial claim, and readers should treat it as such. But its existence is evidence of market demand for risk separation. If buyers and lessees thought registry recognition were merely clerical, there would be little market for continuity rhetoric. The fact that "registry-layer risk" has become a sales category shows that compliance pressure has become visible enough to price.
The same point appears in Heng's RIPE phishing note. A fake email could exploit members' fear because members believe a registry has the power to threaten their business. The incident concerned RIPE NCC, not AFRINIC, but the psychology travels across the RIR system. When a private registry is perceived as capable of altering the recognised status of a resource, a fraudulent compliance demand becomes more credible. Fear itself becomes an attack surface.
For AFRINIC members, that attack surface is enlarged by years of public conflict. If a member receives a demand concerning documentation, a proxy, an abuse contact, payment, review, transfer or policy compliance, it must ask whether the request is routine, fraudulent, politically motivated, legally compelled or part of a broader dispute. That uncertainty increases transaction costs. Serious operators respond by involving counsel, slowing decisions, documenting authority, building contingency plans and seeking commercial structures that reduce direct exposure.
Good compliance lowers these costs. Bad compliance raises them. A good system tells the member what rule applies, what fact is missing, how to cure it, what data will be kept confidential, what service continues during review, who can appeal, what remedy is proportionate and what the registry will not do. A bad system leaves the member guessing whether a small documentation problem can become a recognition problem. AFRINIC's future legitimacy depends on moving from the second condition to the first.
The market will not wait for perfect reform. Resource holders will price AFRINIC space differently if transfer rules are uncertain, if out-of-region use is politically contested, if board legitimacy remains challenged, if emergency registry mechanisms loom, if abuse duties carry unclear consequences, or if courts keep revisiting member status. The address itself may route perfectly. The compliance stack around it may still be discounted.
What a bounded compliance regime would look like
A credible AFRINIC compliance regime would begin by defining the protected function. The core is uniqueness, accurate records, reliable publication services, dispute isolation, fraud control, security continuity and lawful updates. These registry functions are not optional. Without them, the ledger decays and the internet becomes less reliable.
The second step is to define what the registry will not adjudicate. It should not decide the morality of leasing as such, the proper profit margin for IPv4, the business model of every downstream customer, the geopolitical desirability of a routing location, or the region's industrial policy through individual enforcement letters. Governments may regulate operators within their jurisdictions. Courts may decide legal disputes. Contracting parties may allocate risk. Security communities may handle reputation. A registry can support these systems with records; it should not absorb all their authority.
The third step is to separate data quality from punishment. If a contact is missing or unreachable, the default remedy should be notice, cure and a visible data-quality marker where appropriate. If a member's authority document is unclear, the default should be verification, not disenfranchisement unless the risk cannot be cured in time. If a transfer file lacks objective evidence of authority, the registry should identify the missing criterion and cure path. The compliance system should make correct records easy and safe, not make disclosure a path to sanction.
The fourth step is independent review before irreversible harm. A registry should not be claimant, investigator, judge and executioner in serious adverse actions. AFRINIC's crisis is the strongest argument for a rapid independent review mechanism capable of preserving the last verified operational state, ordering corrections, approving interim updates and distinguishing legal disputes from registry-function disputes. Courts remain necessary, but courts should not be the first practical appeal for every high-stakes registry action.
The fifth step is member-identity assurance that does not become factional control. Powers of attorney, proxies, corporate authorisations and member categories must be verified professionally. Audit trails should be sufficient to explain disputed elections without exposing unnecessary private data. Proxy limits and online or in-person rules should be coherent. Resource members should know what governance rights they have under Mauritian law and AFRINIC bylaws. A community cannot legitimate registry power if the community's legal and voting map is ambiguous.
The sixth step is a clear sanction firewall. Registry recognition should not be impaired for reasons that belong to other institutions unless an independent order or narrow emergency exists. Fraud in registry records, duplicate claims, abandonment and court orders are different from political dislike, public criticism, commercial leasing, out-of-region customers, high prices, slow abuse response or adversarial litigation. Some of those behaviours may be unattractive. Some may be regulated elsewhere. They are not automatically grounds to threaten the address book.
The seventh step is service continuity. WHOIS, RDAP, reverse DNS, IRR and RPKI need tested continuity procedures. A registry can win every policy argument and still fail if its services cannot survive litigation, insolvency, bank restraints, board disputes or emergency transition. Conversely, a critic can be right about overreach and still be wrong if its proposed alternative lacks credible service succession. Protecting the ledger means protecting live services, not merely winning institutional arguments.
The eighth step is economic honesty. IPv4 addresses may not be owned as ordinary freehold property in the official registry view. That does not make them economically weightless. They support revenue, customer trust, technical identity and balance-sheet decisions. Policy should not pretend that reclaiming or impairing a large block is like correcting a spreadsheet cell. Nor should holders pretend that scarcity eliminates all obligations. A sustainable regime must preserve both record integrity and reliance value.
AFRINIC does not need to become powerless. It needs power that is more boring. Boring power is rule-bound, appealable, documented, proportionate and predictable. It does not depend on a heroic board, a trusted receiver, a sympathetic court or a global guardian. It is the kind of power a market can price. Scarcity-era resources do not require a registry to pretend they are ordinary property in every legal sense. They do require the registry to admit that business reliance is real.
AFRINIC could become stronger by narrowing itself. After crisis, the temptation is to seek more authority, immunity, oversight, political backing and discretionary tools. In a scarce-asset environment, that increases the prize value of institutional control. The safer path is to make control of the registry less valuable by making the registry less discretionary.
Watchpoints for operators and policymakers
The first watchpoint is whether AFRINIC's post-2025 board turns compliance into routine administration or renewed leverage. Boring evidence will matter most: clear minutes, audited budgets, published review procedures, stable service reporting, transparent membership rules, cautious public language and fewer emergency communiques. A board that reduces discretionary stakes will lower risk. A board that speaks mainly in the language of enemies, capture and regional destiny will raise it.
The second watchpoint is the bylaw and membership review. If resource members are not clearly situated within Mauritian company law, the legitimacy problem will remain. If reforms reduce resource members to a consultative audience while preserving board discretion, the compliance state becomes less accountable. If reforms create transparent, enforceable participation without allowing proxy capture, the registry becomes more resilient. The detail will matter more than the slogan.
The third watchpoint is abuse-contact implementation. Contact data is useful. Revocation hooks are dangerous. AFRINIC should be judged by whether abuse-contact policy improves reachability while avoiding collateral sanction. Any move to tie contact failures, abuse-response substance or customer-disclosure demands to resource recognition should be treated as an expansion of enforcement power, not as mere data hygiene.
The fourth watchpoint is transfer policy. Regional retention arguments will remain politically attractive. They may also trap African-held resources behind lower liquidity, higher risk discounts and informal workarounds. A serious transfer regime should record lawful movement quickly, preserve dispute status where necessary, and avoid judging price, speculation or customer geography unless a clear legal rule requires it. If the official database becomes dangerous, the market will route around it.
The fifth watchpoint is ICANN and the revised RIR lifecycle framework. Emergency help for a failing registry is sensible. Derecognition and replacement mechanisms may be necessary. But if the global layer acquires broad discretion without matching accountability, sanction-like power moves upward rather than disappearing. The test should be whether the framework protects records, services, security and lawful member reliance, not whether it protects the institutional comfort of the incumbent RIR system.
The sixth watchpoint is court language. Orders about member registers, winding-up applications, public statements, receivership, powers of attorney or election process should be read narrowly. A court order correcting a register does not necessarily approve a leasing model. An order restraining misleading statements does not necessarily decide the legality of IPv4 leasing. An intervention by ICANN does not decide every AFRINIC policy dispute. In a compliance-pressure environment, every procedural win will be marketed as broad validation. Operators should ask what the order actually changed in the registry state.
The seventh watchpoint is financial counterparty behaviour. Banks, insurers, data-centre partners, buyers and lessees will reveal the market's confidence before policy statements do. If contracts require more registry-risk warranties, if transfer discounts widen, if customers demand continuity clauses, if lenders refuse to treat address holdings as stable, or if leasing shifts toward specialised continuity structures, the market is saying that registry compliance has become an asset risk.
The final watchpoint is whether the language of sanctions enters the debate openly. It should. Not because AFRINIC is a state sanctions authority; it is not. Not because every enforcement action is illegitimate; some are necessary. The term is useful because it describes effect rather than title. A non-state registry that can impair recognition of scarce resources can create sanction-like consequences. Once that is admitted, the design question becomes more disciplined: who may impose such consequences, under what rule, with what evidence, through what review, causing what collateral harm, and bearing what liability if wrong?
AFRINIC's crisis is therefore not only a story of litigation, elections or IPv4 scarcity. It is a warning about compliance power in a world where network identifiers have become capital, identity and continuity at once. The registry should keep the ledger accurate. It should help prevent fraud. It should make contacts useful. It should preserve publication and security services. It should not become a sanctions office by accident. The more valuable IPv4 becomes, the more dangerous that accident will be.

