The European Banking Authority (EBA) has called on Icann to ditch plans to allow '.bank' and '.fin' top-level domains, warning that they could be used by phishers to trick customers.
Last June the Icann board gave the go-ahead for a raft of new generic top-level domains. The programme means that options such as '.bank' and '.fin' could be established and assigned to firms or people claiming to be financial services firms.
The EBA board of supervisors has written to Icann, expressing "many supervisory concerns" about the plan, centring on the "great potential" for "misuse by unscrupulous individuals".
Icann's plans to mitigate the risks, through the creation of a separate entity for the registration and control of these domains, are not enough to allay the EBA's fears.
"The potential for consumers of financial services to over-rely on what might be perceived as 'regulatory endorsement' of the companies operating under such TLDs is immense, and the risk for new types of fraud and 'phishing' can be enormous," says the letter.
In addition, the move could prove costly for genuine financial services firms that are forced to "establish costly and complex legal or commercial initiatives in order to safeguard their trademarks from frauds and abuses".
With registration already underway for the new raft of domains, the EBA says the '.bank' and '.fin' options should "ideally be discontinued" but says that at the least it will issue a consumer alert and bring in other European authorities.