| Field | Value |
|---|---|
| Author | BTW Research |
| Published | 2026-07-01 |
| Primary category | arin |
| Categories | governance; rir-watchdog; arin |
| SEO title | ARIN and the economics of auditability and transparency |
| SEO description | A research analysis of why ARIN's post-exhaustion legitimacy depends on audit trails, member accountability, transfer-market evidence, and the boundary between registry ledger and gatekeeper. |
| Focus keyword | ARIN auditability transparency |
| Primary domain | Governance |
| Content type | Research |
| Topic | auditability and transparency |
| Subject | ARIN |
| Region | North America |
| Time horizon | 12-24 months |
| Impact | HIGH |
| Confidence | B / 0.88 |
The test case inside a mature registry
ARIN is a useful test of registry accountability precisely because it is not the regional Internet registry most associated with institutional drama. It operates in a wealthy, legally dense and commercially sophisticated region. It has a long public record, a recognisable policy process, published bylaws, annual reports, elections, public meetings, transfer documentation and a large base of service relationships. A registry with those advantages should not need mythology to maintain legitimacy. It should be able to show, in records that outsiders can test, that its decisions are rule-bound, consistent, contestable and proportionate.
The subject is not whether ARIN is benevolent or malign. That vocabulary is too crude for an institution whose daily work consists of evaluating requests, maintaining registration data, enforcing number-resource policy, processing transfers, administering agreements, running elections, supporting routing-security services and preserving enough confidence for network operators to keep using a common registry. The harder question is what a post-exhaustion registry must disclose if it wants resource holders to trust decisions rather than institutional folklore. Before IPv4 exhaustion, allocation decisions could be defended by reference to scarcity discipline, future supply and the need to prevent duplicate use. After exhaustion, the same decisions have more visible distributional consequences. IPv4 blocks have market value, contractual status and liquidity risk. A delay, denial or transfer approval can affect a business plan.
ARIN's public materials provide much of the evidence for this analysis, but they should not provide the conclusion. The Number Resource Policy Manual states principles of registration, conservation, routability and stewardship. The transfer guidance describes mergers and acquisitions, specified-recipient transfers and inter-RIR transfers. The 2025 annual report gives membership, request and transfer counts. The bylaws describe member classes, voting rights and Board authority. The legacy resources guidance records a distinct bargain with early resource holders. The policy development materials explain how policy proposals are documented, discussed and adopted. These are valuable public exhibits. They are not a neutral frame through which every conflict should be settled.
The economic problem is that ARIN now sits at the intersection of registry truth, market scarcity and membership politics. It is expected to be a ledger for who holds which resources, a policy machine for deciding who may receive more, a gatekeeper for transfers, a service provider for routing-security tools and a corporate body accountable to a voting subset of its customers. Those roles can coexist only if the audit trail is strong enough to separate record-keeping from discretion. A ledger earns trust by being observable. A gatekeeper often asks for trust because it cannot publish, or chooses not to publish, the reasoning behind a decision. A mature post-exhaustion registry must be more ledger than gatekeeper, even when some facts in individual cases must remain confidential.
Scarcity changed the meaning of discretion
IPv4 exhaustion did not make Internet number resources property in the formal sense usually rejected by registry language. It did make them economically consequential in a way that old allocation theory cannot fully absorb. The transfer market makes this plain. ARIN's transfer rules maintain that number resources are not sold under ARIN administration and that transfers require explicit written approval. Around that official position, however, the market prices blocks, brokers transactions, finances acquisitions and treats clean registration status as a form of liquidity. The official theory and the commercial practice live in tension. That tension is manageable only when affected parties can audit decisions without relying on institutional memory or private interpretation.
Scarcity also changes the cost of ambiguity. When a registry had unallocated IPv4 space, a rejected or delayed request could be painful, but it might not change the structure of a firm. In a constrained market, an approval, denial, wait-list position or transfer delay can influence capital expenditure, customer acquisition, network migration and route-risk planning. A block that can be transferred is worth more than a block caught in a chain-of-title dispute. A recipient that can demonstrate need can move faster than one stuck in documentation review. A legacy holder with current contacts and a clear agreement position has more certainty than one whose records require organisational recovery. These are not abstract governance concerns. They affect the cost of address space and the allocation of operational risk.
ARIN's policy text recognises scarcity through wait-list rules, transfer restrictions, needs-based review and utilisation requirements. The wait list caps qualification, excludes larger holders from applying, states sequencing rules and treats transfer fulfilment as removing a request. Transfer rules impose different timing consequences depending on the role of the party and the source of the address space. Specified-recipient transfers require operational use, a signed agreement and documentation of need. In-region and inter-region transfers are not clerical updates. They are institutional judgments about who may acquire scarce resources under community-developed policy text.
The harder issue is how well outsiders can reconstruct those judgments. A registry can publish rule text and still leave the application of the rule obscure. It can publish aggregate charts and still make it difficult to know whether similar cases receive similar treatment. It can publish a transfer log and still omit the reason categories that explain why some tickets close, some pause and others fail. It can publish meeting minutes and still leave members unable to tell whether Board oversight examines hard operational trade-offs or merely receives management summaries. Auditability is not the same as disclosure volume. It is the quality that lets a reasonable observer trace a decision from rule to record to outcome.
Mythology grows where records are incomplete. Every registry has convenient myths: that staff always know best, that policy consensus is unambiguous, that members fully represent the affected community, that policy text speaks for itself, that legacy holders are either free riders or victims, that brokers are either parasites or necessary market makers, or that demands for disclosure are always disguised bids for control. Such myths are cheap coordination devices. They reduce the cost of decision-making by asking participants not to ask too many questions. They become expensive when assets are scarce, governance participation is uneven and the registry's decisions influence market liquidity.
North America is unusually exposed
ARIN's service region gives the auditability question unusual weight. It covers the United States, Canada, much of the Caribbean and North Atlantic region, Antarctica and several outlying areas. This is a region with deep capital markets, large network operators, cloud concentration, government networks, universities, hosting demand, small ISPs, enterprises that hold early allocations and an active secondary IPv4 market. A hyperscale platform's address strategy, a rural broadband provider's growth constraint, a Caribbean operator's access problem, a university's legacy holdings and a brokered transfer into or out of the region all meet the same institutional machinery.
That diversity makes a single official story unconvincing. The North American market is not one homogenous community of technically aligned operators. Some networks need scarce IPv4 space to serve customers. Some organisations hold more than current operations require but face legal, financial or reputation constraints in returning or transferring space. Some want IPv6 adoption to reduce dependence on IPv4 scarcity. Some benefit from IPv4 scarcity because it raises the value of holdings. Some treat ARIN primarily as a service provider. Others treat it as a governance institution whose decisions can alter the economics of routing, transfer and compliance. A transparent registry must speak to all these constituencies without pretending their incentives are identical.
ARIN's 2025 annual report says it served roughly 40,000 organisations and managed roughly 8m registration records. It also records 25,085 Service Members and 1,472 General Members at the end of 2025. That difference is institutionally important. Service Members are customers under an agreement. General Members are the voting class. Under the bylaws, Service Members do not vote in ARIN elections, while General Members in good standing do. The formal structure therefore separates the broader universe of registry users from the smaller electorate that chooses trustees and advisory council members. This is not inherently illegitimate; many membership bodies have differentiated voting rights. It does mean that "the community" cannot be used as a simple synonym for all affected parties.
The transfer market magnifies the point. In 2025 ARIN reported 540 transfers due to mergers, acquisitions and reorganisations under section 8.2, 1,795 transfers to specified recipients within the region under section 8.3, and 445 inter-RIR transfers under section 8.4. Those figures show that transfer administration is not a side activity. It is one of the main places where registry judgment meets market value. Each transfer type carries different evidence requirements and policy consequences. Each gives participants reasons to structure transactions, documentation and timing around ARIN's rules. When transfer activity is this large, the audit trail is not a courtesy to observers. It is part of the market's institutional infrastructure.
ARIN also reported that, among member categories at the end of 2025, 51.8% were IPv4-only, 36.2% held both IPv4 and IPv6, 6.5% were IPv6-only and the remaining group was marked as other. That composition matters. A registry may promote IPv6 adoption and routing security, but much of its member base still has economic exposure to IPv4 scarcity. It cannot assume that IPv6 progress removes the need for precise IPv4 transfer governance. Nor can it assume that IPv4 scarcity justifies opacity. The more durable scarcity becomes, the more discipline is needed around decisions that determine who may move, hold or receive address space.
Member power is a partial check
ARIN has a real membership structure. The Board is not a faceless ministry. The Advisory Council is not merely decorative. Public policy meetings, mailing lists, consultations, petitions and published policy records create channels through which participants can influence rule text. The bylaws assign formal power to the Board of Trustees, provide for member voting by General Members, and state that bylaws, articles, audit reports and meeting minutes are publicly available. The policy development page says number-resource policy changes are developed through open processes with public participation, and that mailing-list records, consultation proceedings, Advisory Council minutes and Board minutes are published.
These features are better than a closed administrative monopoly. They give ARIN more procedural capital than a registry that relies only on staff discretion. Yet member power should not be oversold. First, the voting electorate is small relative to the total universe of affected organisations. The 1,472 General Members reported at the end of 2025 are only a fraction of Service Members and a still smaller fraction of organisations whose operations may depend on accurate registry records. Second, voting is an intermittent control. It can change trustees and advisory council members, but it cannot by itself audit thousands of operational decisions. Third, participation is costly. Small operators, Caribbean networks, non-specialist enterprises and holders that encounter ARIN only during a transfer may lack the time to follow meeting records, policy texts and mailing-list debates.
The economics of participation matter because governance power tends to be exercised by those with the greatest expected return from using it. Firms with large number-resource holdings, transfer-market exposure, compliance staff or policy specialists can monitor ARIN more cheaply than small organisations. Retired engineers with deep registry history can participate more easily than new entrants. Brokers and specialist counsel may understand transfer bottlenecks better than a network operator that transfers addresses once. This does not prove capture. It means that the existence of an open process is not the same as equal practical access to influence.
Auditability helps correct this imbalance. A clear public record lets less powerful participants verify outcomes without attending every meeting or hiring a specialist. If a transfer ticket closes, a participant should be able to understand the public category of closure without seeing confidential contracts. If a policy is adopted, the record should connect problem statement, staff and legal review, community support, Board decision and implementation. If a resource review leads to return, revocation or no action, the public should be able to observe enough aggregate and categorical data to know whether review authority is exceptional, routine or concentrated in particular classes of case. The same transparency that protects outsiders also protects the registry from allegations of arbitrary treatment.
There is a further tension. ARIN's Board has fiduciary and operational responsibilities. It must protect the organisation from legal risk, preserve services and manage budget and staff. It also votes on policies that emerge from community deliberation. Those are not identical functions. Fiduciary oversight can require caution where participants want aggressive disclosure. Community support can be ambiguous. Legal review can narrow the range of permissible options. If the Board rejects, remands, suspends or modifies the course implied by public discussion, the audit trail must make the institutional reason legible. Otherwise Board accountability becomes a matter of reputation rather than evidence.
Legacy certainty is a governance asset
Legacy resources remain one of ARIN's most sensitive institutional subjects because they pre-date the modern contract and policy environment. ARIN's public legacy guidance says early IP address space was allocated liberally without a formal legal agreement, that ARIN was formed in December 1997 with responsibility for the early North American registry record, and that the Board decided at formation to provide registration services for legacy resources without requiring original holders to sign an agreement or pay service fees. It also says legacy holders not under an ARIN agreement can maintain Whois and RDAP registration, update public data, manage reverse DNS, maintain records through ARIN Online and access DNSSEC, while RPKI and IRR access require an ARIN agreement.
The fee bargain has changed. The legacy guidance states that the Legacy Fee Cap expired on 31 December 2023. Organisations with an active Legacy Registration Services Agreement entered before 1 January 2024 continue to have fees limited for legacy resources covered before that date; no additional legacy resources may be added after 1 January 2024, and resources covered after that date are subject to annual Registration Service Plan fees. This is an institutional transition that affects certainty. It does not eliminate legacy rights or convert all early resources into ordinary modern holdings. It narrows the terms under which legacy holders can retain special fee treatment.
The economic issue is not whether legacy holders deserve sympathy. It is whether their status is predictable enough to support registry trust. Legacy resources are often large, valuable and historically messy. Corporate reorganisations, dissolutions, university restructurings, name changes and old contact data can make authority difficult to prove. If legacy certainty depends on private interpretation, the transfer market will price uncertainty into these blocks. If certainty depends on clear published standards, the market can distinguish documentation risk from arbitrary risk. That distinction is central to liquidity. A block with a documented path to recognised control is more useful than a block whose status depends on undisclosed administrative judgment.
ARIN's policy text also states that the resource-review section does not create additional authority to revoke legacy address space, although legacy utilisation may be considered during review to assess overall compliance. That sentence is institutionally significant. It signals that legacy resources are not simply absorbed into ordinary revocation authority. It also creates a need for careful explanation when legacy resources appear in compliance analysis. Resource holders need to know whether legacy holdings are being used as context, as a trigger, as a limit or as a bargaining point. The public does not need every document submitted by a holder. It does need enough procedural clarity to know what legacy status protects and what it does not.
Legacy certainty is also connected to routing security. If RPKI and IRR access require an agreement, then a holder's decision to sign or not sign affects the security tools available for those resources. That is not a trivial incentive. A registry that wants more secure routing should want legacy holders to enter the contractual environment. If holders fear that doing so exposes them to unpredictable fees, policy changes or review risk, they may resist. The answer is not exhortation. It is a stable and auditable bargain. When an institution wants holders to move from historical accommodation to modern services, it must make the price of that move clear in financial and governance terms.
The transfer market exposes the ledger-gatekeeper divide
ARIN's transfer system is where the ledger-gatekeeper distinction becomes concrete. A pure ledger records who holds which resources after a valid change. A gatekeeper decides whether the change may occur. ARIN must do both. It must record transfers accurately, but it must also enforce source conditions, recipient requirements, regional connection rules, agreement requirements and documentation standards. The danger is not that ARIN has gatekeeping functions; scarce global identifiers require rule enforcement. The danger is that the gatekeeping role can crowd out the ledger role, leaving resource holders uncertain whether the public registry is a transparent record of rule-bound decisions or merely the visible surface of private administrative judgment.
The transfer rules show the complexity. Section 8.2 treats mergers, acquisitions and reorganisations differently from specified-recipient transfers because the recipient may have acquired the assets or entity using the resources, and the resources are not subject to a needs-based assessment during that transfer. Section 8.3 allows in-region specified-recipient transfers under source and recipient conditions. Section 8.4 allows inter-RIR transfers only with counterpart registries that share reciprocal, compatible, needs-based policies. Section 8.5 requires the receiving entity to sign an agreement, use resources on an operational network, respect a /24 minimum, document projected use and satisfy utilisation tests for additional blocks. These rules are not self-executing. Staff must evaluate documents, disputes, timing, holdings and regional connection.
The transfer guidance adds practical detail. It says both sides of an 8.3 transfer submit separate requests, that staff link the tickets once source and recipient are identified and confirmed, that each request is processed independently after fees, and that ARIN respects the privacy and confidentiality of each organisation. It also says ARIN cannot provide information on ticketed requests from other organisations and that parties should coordinate directly. This is understandable. Contracts, financial terms and corporate documents can be sensitive. But the same confidentiality that protects parties can weaken market-wide learning. If no public reason categories exist, participants cannot distinguish ordinary review time from a systemic bottleneck, a policy ambiguity or an unusually hard proof problem.
ARIN publishes transfer statistics and supports the NRO transfer log format. The log format provides a common publication method for transfers within and between registries, including cumulative files and dated snapshots. This is useful because completed transfers can be observed and compared over time. Yet a completed-transfer log is only one part of auditability. It shows that a transfer happened. It may not show what was contested, how long the ticket waited in each stage, whether the recipient failed an earlier review, how common redactions are, or which documentation categories most often determine outcomes. A strong ledger should not expose confidential deal terms, but it should publish enough process statistics to prevent private bottlenecks from becoming public mythology.
Market participants already price uncertainty. They care whether an address block is cleanly registered, whether the current holder is recognised, whether a corporate chain can be proved, whether a block is subject to transfer restrictions, whether the recipient can justify need and whether the transaction crosses a regional boundary. A registry that publishes only final outcomes leaves private intermediaries to monetise interpretive uncertainty. Brokers and specialist counsel then become translators of opacity. Expertise has value, and complex transactions will always need it. But if too much certainty is available only through private relationships or accumulated experience, the public function of the registry is weakened. A public ledger should reduce, not increase, the premium paid for knowing how the gate works.
Post-exhaustion incentives require institutional humility
Post-exhaustion institutions differ from growth-era institutions. In the growth era, a registry's main task was to distribute from a pool while preserving uniqueness, aggregation and efficient use. In the post-exhaustion era, the registry is also an arbiter of reuse. Its authority can release dormant resources, validate market transfers, discipline applicants, constrain out-of-region arbitrage and influence the cost of operational expansion. Scarcity gives the registry more leverage even if its formal mission has not changed. That leverage must be matched by humility in disclosure.
The incentive problem is subtle. A registry may sincerely see itself as a neutral steward. Yet post-exhaustion work can reward institutional expansion. More review, more documentation, more agreement coverage, more security services, more formalism and more policy interpretation can all be justified as stewardship. They can also increase dependence on the registry. None of these activities is necessarily wrong. The question is whether the public can tell when an intervention solves a real coordination problem and when it merely extends administrative reach. Auditability is the discipline that lets the registry make a strong case for intervention without asking holders to accept intention as proof.
ARIN's resource-review policy illustrates the point. It says ARIN may review current usage of resources when new resources are requested, when there is reason to believe resources were obtained fraudulently or contrary to policy, when there is reason to believe reassignment or reallocation policies are not being followed, or at other times unless a full review has been completed in the preceding 24 months. It says organisations must cooperate with reasonable documentation requests, that ARIN will communicate conclusions, and that materially out-of-compliance organisations may be requested or required to return resources, with revocation possible in specified circumstances. These are substantial powers.
The policy includes safeguards. It requires balance, recognises route de-aggregation concerns, gives time for returns in non-fraud cases and limits additional authority over legacy address space. But the public audit trail around how often these powers are used, against what kinds of holders, with what outcomes and under what triggers matters as much as the text. If resource review is rare and targeted, the data should show that. If it is routine and corrective, the data should show that too. If many reviews arise during transfers, that fact matters for market expectations. If reviews disproportionately affect small holders because they lack documentation staff, that is a governance concern.
Institutional humility means accepting that discretion must be explainable even when it is lawful. A registry may be entitled to make a judgment and still owe the community a public account of the judgment category. It may be unable to publish an applicant's documents and still be able to publish whether a case was approved, denied, withdrawn, abandoned, incomplete, disputed, superseded or moved into another track. It may not disclose staff deliberation but can disclose which policy section controlled the outcome and whether the case raised a repeated ambiguity. The point is not to turn registry operations into theatre. It is to make patterns visible before frustration hardens into mistrust.
Policy records are economic records
ARIN's policy records are often treated as governance artifacts. They are also economic records. A change to wait-list eligibility, transfer limits, utilisation requirements, out-of-region use, reserved pools or documentation standards can alter the value of holdings and the expected cost of expansion. A proposal that is abandoned can still reveal market pressure. A proposal rejected as out of scope can reveal a demand that the registry's current institutional form cannot absorb. The public list of proposals is therefore not mere historical housekeeping. It is a record of the economic arguments that participants tried to institutionalise.
Recent public proposal lists show this dynamic. Drafts and proposals in 2025 and 2026 touched IPv6 text, reserve space, out-of-region use, agreement language, section 6.4.1 retirement, section 6.5 revision work and a proposal to reserve 4.10 space for in-region use. The record also includes abandoned or rejected efforts concerning micro-allocation, registration timing, wait-list qualification and even auction-style ideas for specified transfers. These records show that resource governance is not static. They also show that policy debate is one of the few public places where market pressure becomes visible before it is translated into operational rules.
A good policy record lets participants see not only what passed, but why alternatives failed. This is especially important where the official scope of policy narrows what can be decided. If a proposal is rejected because it asks ARIN to run an auction or create a market mechanism beyond number-resource policy, that outcome tells market participants something about institutional boundaries. If out-of-region criteria are debated, holders can see that geographic connection remains a live economic boundary. If agreement language is clarified, recipients and legacy holders can see that contract status remains central to transfer and service access. Each policy step can move the line between ledger and gatekeeper.
The audit trail around policy also affects Board accountability. The policy development page says the Board reviews the history of each recommended policy proposal before adoption to ensure that the policy and its development comply with process requirements. That review is more than formal acceptance. It is the bridge between community deliberation and corporate responsibility. If the Board is to be trusted, observers need to see how it treats staff and legal concerns, whether it identifies risks that active participants underweight, and how it explains adoption, rejection or remand. A Board that hides behind community support when convenient and fiduciary duty when challenged will eventually erode both concepts.
Policy records also help distinguish genuine consensus from participation noise. Mailing-list activity can be dominated by a small number of informed and persistent voices. Meeting polling can show room sentiment but not always the distribution of affected interests. A published record that ties arguments, staff assessment, legal review, Advisory Council votes, community presentations, last call and Board action allows later readers to judge the quality of consent. The question is not whether every participant agreed. Serious policy rarely produces unanimity. The question is whether the record shows enough opposing arguments, evidence and institutional response to justify the claim that the decision was made in the open.
Board accountability must include decision substance
ARIN's Board is central because it holds corporate authority and strategic responsibility. The bylaws state that the power, authority, property and affairs of ARIN are exercised, controlled and conducted by or under the authority of the Board, subject to governing documents and law. They also state that the Board has oversight over nomination, appointment, election and removal processes, can form committees, and can adopt subsidiary policies and procedures. In 2025, according to the annual report, the Board consisted of 10 members, nine elected by General Members and the President and CEO as the tenth member, and held four in-person meetings plus three teleconference meetings.
Formal structure does not automatically produce public accountability. A Board can publish minutes and still leave the substance thin. It can record votes without explaining contested assumptions. It can report strategic priorities without showing how those priorities change budget, staffing, risk tolerance or service levels. For a registry, the most important accountability question is not whether minutes exist. It is whether minutes and related records let a resource holder understand how Board oversight constrains staff discretion, how member concerns are escalated, how repeated operational failures are examined, and how conflicts between transparency and confidentiality are resolved.
ARIN's strategic priorities in the 2025 annual report included providing industry-leading registry services, advancing routing security, protecting the multistakeholder approach and the number-registry system, strengthening organisational practices, and increasing outreach and support to members in the Caribbean. These priorities are sensible as public language. Strategy becomes meaningful only when tied to measurable commitments. If registry services are to be industry-leading, what service-level evidence is published and how are exceptions explained? If routing security is a priority, how are adoption barriers for legacy holders and small networks measured? If the multistakeholder model is to be protected, how is low or concentrated participation treated as a governance risk? If Caribbean outreach is a priority, what evidence shows that policy and services are becoming more accessible to smaller and regionally distinct operators?
Board accountability should also address fees and services. A registry's budget is funded by the organisations it serves. Fee design affects small operators, large holders, legacy participants and organisations that need routing-security services. A fee increase may be operationally necessary, but it can alter incentives to maintain records, sign agreements or keep resources inside a formal service relationship. The Board is the body that must connect financial sustainability with institutional trust. Audit reports and compensation practices are useful, but they do not substitute for a public explanation of how fee policy, service access and registry certainty interact.
The Board should also be the visible owner of transparency limits. Staff can administer confidentiality. The Board must define legitimacy. When transfer parties submit sensitive legal documents, when personal contact data is protected, when security incidents require caution, or when legal advice cannot be published, the Board should still make clear what categories of information the registry will disclose. Without this boundary, confidentiality becomes an elastic reason to withhold pattern evidence. The public does not need private contracts. It needs confidence that private contracts are not becoming private law.
Transparency has limits, but limits need architecture
No serious account of registry transparency can demand total publication. ARIN handles corporate documents, contact data, security information, disputes, legal claims, support tickets and operational details that should not be fully public. Transfer participants may provide asset purchase agreements, bills of sale, merger documents, court orders, secretary-of-state filings, officer acknowledgements and redacted materials. The transfer guidance says parties may redact financial or otherwise sensitive information and that ARIN has a standard non-disclosure agreement when necessary. Public disclosure cannot destroy the trust required to submit evidence.
Limits are not a reason to avoid architecture. A strong transparency architecture separates confidential evidence from public decision metadata. It says which facts cannot be published, which categories can be published in aggregate, which reasons can be assigned to outcomes, which timelines can be reported, and which policy ambiguities should be escalated into public discussion. The registry can protect parties while still recording that a transfer was delayed because source authority was unresolved, recipient need was incomplete, documentation was insufficient, regional connection required further proof, a dispute existed, fees or agreement execution were pending, or a policy interpretation required review.
The distinction between facts and reason categories is crucial. A company may not want its acquisition agreement public. The market can still be told that a class of 8.2 cases failed because the asset chain could not be authenticated. A recipient may not want its network plan published. The public can still know that a class of 8.3 cases was denied because utilisation documentation did not meet the rule. A holder may not want details of a compliance review disclosed. Members can still know how many reviews led to no action, corrective update, voluntary return, pending return or revocation. This is not a privacy violation. It is institutional accounting.
Transparency limits also need time structure. Some information may be sensitive during a pending ticket but less sensitive after closure. Some disputes may require delayed publication. Some aggregate statistics are safe only when sample sizes are large enough to avoid re-identification. A registry should be able to say when delayed disclosure is normal, when it is impossible and when it is subject to Board review. Without time structure, temporary confidentiality becomes permanent opacity by default.
Security creates another limit. Routing-security systems, authentication changes, POC validation and account access controls can involve abuse risks. ARIN's 2025 annual report noted security-oriented changes such as retiring FTP access, changing POC linking to enhance security, adding ROA change logs in ARIN Online and improving RPKI-related services. Security transparency should avoid helping attackers. But security is also a common refuge for vague explanation. The appropriate architecture distinguishes exploit-enabling detail from governance-relevant evidence. It may be unsafe to publish control-level security detail, but it is usually safe to publish adoption rates, incident categories, service availability, change notices and post-incident lessons once risk has passed.
Opacity is paid for by smaller actors first
Opacity is not evenly distributed. Large holders and repeat market participants can buy expertise. They can retain counsel, brokers, consultants and former insiders. They can wait through documentation cycles. They can run parallel address strategies. They can use acquisitions or leasing arrangements to manage scarcity. Small operators cannot. A small ISP trying to expand service, a Caribbean network facing high operating costs, or an enterprise trying to regularise old records faces a different cost curve. For such actors, unclear transfer expectations, vague review risk or hard-to-use policy records can be a real barrier to participation.
This is why auditability is not an anti-registry demand. It is pro-access. A clear audit trail reduces the need for private translators. It lets a small organisation prepare documents before paying fees. It lets a recipient understand whether pre-approval is meaningful. It lets a legacy holder decide whether signing an agreement is worth the service access and fee consequences. It lets a new entrant compare wait-list, transfer and upstream-provider options. It also prevents a small holder from interpreting every delay as bias. In markets with scarce assets, uncertainty is a regressive tax.
ARIN's own materials show several places where smaller actors face complexity. The transfer process includes linked tickets, officer letters, agreement execution, fees, source restrictions, recipient requirements, wait-list consequences and privacy limits. The wait list has eligibility ceilings and transfer restrictions. Out-of-region use requires proof of a real and substantial connection that cannot be satisfied merely by incorporation. POC validation can restrict account functions if contacts are invalid. Legacy status can affect access to RPKI and IRR. None of these rules is inherently unreasonable. Together they create a high-documentation environment.
High-documentation environments tend to privilege those who understand documentation as a strategic asset. A registry cannot eliminate this advantage. It can narrow it by publishing examples, reason categories, time distributions, outcome statistics and common failure points. The transfer page already provides examples of documentation categories and practical steps. The next step is not more general advice. It is better public evidence about how rules are applied. If most delays arise from source authority, say so. If recipient need is usually the constraint, say so. If older mergers are workable when public filings exist, say so with categories. If some issues are rare, publish enough to stop rumour from filling the gap.
The same point applies to member democracy. General Members have voting rights, but the resource ecosystem is broader. ARIN's legitimacy cannot rest only on the claim that voting members can replace trustees. Many affected parties are not voting members, not active participants, or not able to monitor policy debates. A public audit trail gives non-voting and low-participation actors a way to evaluate performance. It is a substitute for neither elections nor meetings. It is the evidence base that makes elections and meetings meaningful.
The registry record is a public good
The public registry is more than a customer-service system. It is a public good for network coordination. Operators use registration data to solve operational and security problems. Researchers use it to study allocation and routing. Abuse desks and lawful authorities use contacts. Transfer participants use records to verify source authority. Routing-security systems depend on accurate resource relationships. If the registry record is trusted, private actors coordinate at lower cost. If it is distrusted, every transaction requires more bilateral proof.
ARIN's NRPM states that registration is necessary to ensure uniqueness, provide operational and security contacts, provide transparency required for efficient utilisation and assist in IP allocation studies. This is a strong foundation. It acknowledges that registration is not merely a back-office function. The registry record itself creates transparency needed for efficient use. But the principle must extend to decisions that change the record. A public record of allocation, reassignment and transfer is less useful if the decision path into the record is opaque.
The NRO transfer log format is an example of treating registry data as shared infrastructure. Common files and dated snapshots allow transfers to be observed in a standard way. ARIN's historical delegation reports have a similar function. Standardised public data makes independent analysis possible. It lets outside researchers detect trends, compare regions, identify concentration and test claims. This kind of transparency reduces mythology because it gives outsiders material to analyse rather than slogans to repeat.
Yet data without institutional context can mislead. A transfer log can show volumes but not policy friction. Delegation files can show allocation history but not contested authority. Membership counts can show scale but not participation distribution. Board minutes can show actions but not always operational consequences. Auditability requires linking data types. If transfer volumes rise while service-level times deteriorate, that matters. If wait-list activity falls because the transfer market absorbs demand, that matters. If legacy agreement coverage rises after a fee change, that matters. If RPKI adoption remains lower among certain categories of holder, that matters. The registry should help the public connect these facts, not merely publish isolated artifacts.
The public-good character of the record also constrains private monetisation of knowledge. Brokers, lawyers and consultants can improve transactions, but they should not be the primary way participants learn what the registry will accept. If the public record is weak, private interpretation becomes a market. If the public record is strong, private expertise shifts toward genuinely complex cases. That is healthier for the registry and for the market.
Out-of-region use tests the boundary of community
ARIN's out-of-region policy is another place where economic incentives and institutional discretion meet. The NRPM permits ARIN-registered resources to be used outside the ARIN service region, but such use can justify additional resources only if the applicant proves a real and substantial connection with the ARIN region and uses the same type of resources in-region at specified minimums. The policy says merely being incorporated in the region is not sufficient. It lists evidence such as physical presence, staff, assets, services to residents, meetings, investment capital, incorporation and other fact-based criteria, while saying ARIN determines the weight accorded to the factors.
This is a textbook auditability problem. The rule is trying to prevent jurisdictional arbitrage while allowing legitimate multinational operations to use resources where their networks require them. The phrase "real and substantial connection" is necessarily fact-intensive. The policy cannot list every valid business arrangement. But because the rule affects access to scarce resources, the application of discretion matters. If two applicants with similar regional footprints receive different results, the market will notice. If corporate form is discounted in one case and relied on in another, participants need to understand why. If assets, staff or customer relationships are weighted differently across sectors, the pattern should be visible in anonymised categories.
Out-of-region use is also a North American market issue because the region contains capital, cloud infrastructure and corporate vehicles that can be used in global address strategies. A firm may have a US entity, Canadian staff, Caribbean infrastructure, customers elsewhere and routing across multiple regions. A registry that is too permissive may invite address arbitrage. A registry that is too restrictive may punish legitimate multinational network design. Neither problem can be solved by a slogan about regional stewardship. It requires evidence of how the test is applied.
The out-of-region rule intersects with inter-RIR transfer policy. Section 8.4 requires reciprocal, compatible, needs-based policies for inter-regional transfers. If regional connection tests are opaque, inter-RIR transfers become harder to evaluate. Participants cannot tell whether a transfer is being slowed by ARIN's own criteria, the counterpart registry's policy, documentation mismatch or a broader concern about double-counting need across regions. The NRPM states that services and facilities used to justify need in another registry cannot also be used as the basis for ARIN resources, and an officer must attest to that fact. This is reasonable, but it makes the audit trail more important, not less.
The correct public posture is not to publish applicant business plans. It is to publish the decision architecture: which factors are commonly accepted, which are insufficient alone, which require corroboration, which outcomes are most common and how many cases involve further review. The rule already says ARIN determines weight. Auditability should show how that weighing behaves over time.
Routing security adds a second layer of trust
Routing-security services make registry accountability more important because they turn registration trust into operational trust. RPKI, IRR and related systems depend on the registry's recognition of resource holders and authority. ARIN reported 8,140 organisations signed up for its RPKI services as of 31 December 2025, with 98% using hosted RPKI, and noted improvements such as ASPA support in the test environment and a ROA change log in ARIN Online. These are operationally significant developments. They show that registry services are no longer only about who receives numbers. They are about who can make statements that affect route validation and routing-security automation.
This deepens the importance of legacy agreement status. Legacy holders not under agreement can maintain Whois and RDAP records, reverse DNS and certain online functions, but cannot access ARIN's RPKI or IRR services without an agreement. A registry that wants secure routing needs holders to have confidence that entering the service relationship is predictable. If fee terms, review exposure or future policy obligations are unclear, some holders may delay. The resulting security gap is not merely a private problem; it can affect the wider routing system.
RPKI also changes auditability expectations because errors can have operational consequences. A mistaken resource relationship, an account compromise, an inappropriate ROA change or a delayed update can affect reachability. ARIN's reported ROA change log is useful because it gives organisations visibility into new and modified ROAs. But the institutional question is broader. What public evidence exists about service reliability, incident categories, support responsiveness and remedial action when registry authority affects routing security? Service reports and status pages are helpful, but the audit trail must connect service performance with governance oversight.
Routing security also complicates privacy. Some operational details should not be public in real time. Attackers can exploit knowledge of account controls, certificate transitions or contact weaknesses. But aggregate transparency is still possible. The registry can publish adoption by category, service availability, broad incident classes, time-to-resolution distributions and the number of cases requiring manual authority recovery without exposing exploitable details. The goal is to show that the registry understands the operational consequences of its own authority.
The economics are clear. A resource block with strong, current routing-security posture may be more valuable and less risky than one with ambiguous authority or weak services. A transfer that correctly handles ROAs, IRR objects and reverse DNS reduces operational risk for both sides. ARIN's transfer guidance tells source organisations to edit or delete transferring prefixes from source ROAs, update IRR objects and coordinate reverse DNS. That practical guidance recognises that transfers are not only legal or administrative events. They are routing-risk events. Public auditability should treat them accordingly.
What a better audit trail would disclose
A registry does not need to publish every document to be auditable. It needs a disciplined map of decision inputs, rule references, status changes and outcome categories. For ARIN, the highest-value disclosures would make transfers, wait-list administration, resource reviews, legacy transitions, policy implementation and Board oversight more legible without exposing confidential evidence. The principle is simple: disclose the institutional reason, not the private file.
For transfers, a stronger public record would separate completed transfers, withdrawn tickets, denied tickets and long-pending tickets by policy section, transfer type, source and recipient region, broad reason category for non-completion, dispute status, agreement execution, documentation sufficiency and routing-security cleanup. The market does not need to know a buyer's acquisition price. It does need to know whether transfer failures are mostly about source authority, recipient need, stale contacts, reserved-pool restrictions, regional connection or unresolved disputes.
For wait-list administration and resource review, aggregate disclosure should show qualified requests, waiting time, block sizes requested and fulfilled, removals caused by transfers or ineligibility, review triggers, outcomes, closure times, return or revocation categories, and the aggregate treatment of legacy resources. Private compliance files can remain private. Public authority to review resources should still produce public evidence of proportionality, especially if reviews are concentrated around transfers, fraud concerns, reassignment-policy issues or small holders with limited documentation capacity.
For policy implementation and Board oversight, the record should connect adoption dates, effective dates, implementation notes, operational impacts, staff and legal review, post-implementation corrections, service levels, transparency exceptions, election participation, fee impacts, security incidents and transfer-market data. Minutes need not become transcripts. They should make clear that the Board is governing substance, not merely receiving updates, and that policy is followed into practice rather than left as static text.
Official transparency as self-description is not enough
Official documents often say processes are open and transparent. Such statements matter, but they are self-descriptions. The economic test is whether a skeptical resource holder can reproduce the institutional path from public evidence. If the answer is yes, transparency is functioning. If the answer is "trust the registry because the registry says its process is open", transparency has become a belief system.
ARIN's policy development text contains strong commitments: public participation, documented records and open discussion. The quality of transparency, however, depends on completeness, usability and connection. A mailing-list archive that is technically public but hard to analyse is less useful than one with clear issue summaries. Minutes that record actions but not contested arguments are less useful than minutes that identify trade-offs. A proposal archive is more valuable when linked to staff assessment, legal concerns and implementation impact.
The same caution applies to annual reports and global reform documents. ARIN's annual report is valuable because it gives membership counts, request counts, transfer counts, service highlights and Board composition, but it is still an organisational publication with a natural tendency toward self-presentation. The NRO's ICP-2 update shows that the global registry system recognises a need to modernise accountability standards, but global consultation language cannot substitute for region-level auditability. ARIN's legitimacy will be judged by what its own records allow participants to verify, especially those who encounter the registry only during a transfer, a legacy update or a service dispute.
Repeatability is better than mythology
The registry system rests on technical necessity, community legitimacy and institutional habit. That mixture can create mythology: that the system works because it has always worked, that community stewardship is self-correcting, that policy consensus legitimises every decision, or that technical coordination is outside ordinary economic analysis. These claims contain fragments of truth. They become dangerous when used to avoid evidence.
Repeatability is a better standard. If an applicant meets the same criteria as a prior applicant, it should expect the same outcome unless policy has changed or a relevant fact differs. If a transfer is denied for incomplete documentation, another participant should know what category of documentation was missing. If a policy is rejected as out of scope, later authors should know what institutional boundary was crossed. If a resource review requires return, similar holders should know what compliance pattern produced that result. Repeatability does not require mechanical decision-making. It requires discretion to be bounded, explained and visible in pattern.
The transfer market makes repeatability commercially valuable, and it also protects ARIN. When parties plan a transaction, they need to estimate ARIN risk; if that risk is hidden, the market relies on rumour, broker experience and conservative pricing. A strong audit trail lets the registry answer allegations of inconsistency with evidence rather than assertion. It can show that similar cases were handled similarly, that unusual cases involved unusual facts, and that policy changes explain differences over time. Without such evidence, even correct decisions can appear arbitrary.
The next 12 to 24 months
The next 12 to 24 months are likely to matter because several pressures are converging. IPv4 scarcity remains commercially important even as IPv6 deployment continues. Inter-RIR and in-region transfers remain active. Legacy fee arrangements have changed. Routing-security services are becoming more operationally consequential. The ICP-2 update and wider governance discussion have put registry accountability into a global frame. ARIN's own policy docket includes work touching IPv6 text, reserved space, out-of-region use and agreement language. None of these developments alone requires institutional alarm. Together they increase the value of a better audit trail.
Market maturity is the first pressure. As more organisations treat IPv4 transfers as normal business transactions, they will expect registry review to behave like a predictable institutional service: not automatic approval, but visible criteria, stable timelines, reason categories and clear escalation paths. A mature market can tolerate strict rules more easily than hidden rules. If ARIN wants to preserve needs-based stewardship while allowing transfers, it must show that needs assessment is applied consistently.
The second pressure is legitimacy across different constituencies. The gap between Service Members and General Members is a structural fact, not a scandal, but it means ARIN needs non-electoral transparency for the broader holder base. The legacy fee transition creates questions about certainty, service access and review exposure. Routing-security expansion creates operational consequences that must be governed without exposing attacker-friendly detail. Global accountability reform may raise expectations, but ARIN's credibility will depend on linked regional evidence: transfers, wait list, reviews, policy implementation, service levels, Board oversight and member participation.
A practical disclosure bargain
The right disclosure bargain is not radical transparency. It is precise transparency. ARIN should protect private documents, personal data, sensitive security details and legal communications. In exchange, it should publish better public metadata about institutional decisions. That bargain would improve market efficiency, reduce rumour, protect small participants and strengthen ARIN's defence against claims of arbitrary gatekeeping.
The bargain starts with reason categories. Allocation, wait-list, transfer, resource review, legacy agreement, routing-security authority recovery, policy adoption and Board oversight should each have categories that are stable enough for time-series analysis and specific enough to be useful. "Incomplete documentation" is better than "closed"; "source authority unresolved" is better still; "recipient need insufficient under 8.5" is better than "denied". The purpose is not to embarrass parties. It is to make the institutional reason visible.
The second element is time and policy linkage. Public reports should distinguish registry review time from applicant response time, counterpart delay, fee or agreement execution and external dispute. Every operational reason should map to policy text or published procedure, whether the controlling issue is section 8.5, the out-of-region connection test, a wait-list restriction or a legacy-service rule. This would reduce unfair criticism of staff while showing where the system imposes real costs.
The final element is Board review and independent usability. The Board should periodically receive and publicly summarise pattern evidence on transfers, wait list, reviews, service levels, legacy transitions and transparency exceptions. Data should be downloadable, historically comparable and documented. The NRO transfer log format shows that structured publication is possible; similar discipline can apply to aggregate decision categories without exposing confidential files.
Conclusion: disclose enough to price trust
ARIN's institutional position is stronger than that of a registry in open crisis. It has public policy records, bylaws, annual reports, transfer logs, statistics, member elections, service documents, published agreements and a long operational history. The problem is not an absence of transparency. The problem is whether the transparency is good enough for a post-exhaustion market in which registry decisions have measurable economic effects. That is a higher standard than the one needed when IPv4 supply was abundant and transfer activity was marginal.
The registry's legitimacy now depends on a disciplined distinction. As a ledger, ARIN should make the public record accurate, usable and analyzable. As a gatekeeper, it should disclose the categories and policy basis of its decisions without exposing confidential evidence. The more it acts as gatekeeper, the more it must strengthen the ledger around that action. If it does not, trust migrates from public evidence to private interpretation, and the market pays a tax to brokers, specialists and rumour.
The North American setting makes this especially important. The region contains large holders, small operators, active transfers, legacy resources, sophisticated legal markets, routing-security dependence and a member structure in which voting rights belong to a subset of customers. ARIN cannot rely on official narrative alone. It must show that resource holders can test institutional decisions against public records. That is the difference between accountability and ceremony.
Legacy certainty, transfer-market clarity, Board accountability, policy-record quality and transparency limits all point to the same conclusion. A registry does not need to disclose everything. It needs to disclose enough that affected parties can understand the rule, see the path, compare the outcome and challenge the pattern. Trust in such an institution should be priced not by mythology but by auditability. ARIN is a test case because it has the resources, maturity and public record to meet that standard. The next question is whether it will treat auditability as a core registry service rather than as an optional supplement to governance language.
Public sources used as exhibits include ARIN's Number Resource Policy Manual, transfer guidance, 2025 annual report, bylaws, legacy resources guidance, policy development materials, statistics and transfer-log documentation, plus the NRO's ICP-2 update page. They are used here as evidence of rules, counts and public commitments, not as final authority on how their institutional meaning should be judged.

