diff --git a/java/google/registry/request/auth/AuthenticatedRegistrarAccessor.java b/java/google/registry/request/auth/AuthenticatedRegistrarAccessor.java
index 1d9412d1a..4fd31b7b3 100644
--- a/java/google/registry/request/auth/AuthenticatedRegistrarAccessor.java
+++ b/java/google/registry/request/auth/AuthenticatedRegistrarAccessor.java
@@ -220,16 +220,13 @@ public class AuthenticatedRegistrarAccessor {
    * @param clientId ID of the registrar we request
    */
   public Registrar getRegistrar(String clientId) throws RegistrarAccessDeniedException {
-    // Verify access before checking if the registrar exists, in order to not leak information
-    // about objects in the system the user doesn't have permissions on.
-    verifyAccess(clientId);
-
     Registrar registrar =
         Registrar.loadByClientId(clientId)
             .orElseThrow(
                 () ->
                     new RegistrarAccessDeniedException(
-                        String.format("Registrar %s not found", clientId)));
+                        String.format("Registrar %s does not exist", clientId)));
+    verifyAccess(clientId);
 
     if (!clientId.equals(registrar.getClientId())) {
       logger.atSevere().log(
diff --git a/javatests/google/registry/request/auth/AuthenticatedRegistrarAccessorTest.java b/javatests/google/registry/request/auth/AuthenticatedRegistrarAccessorTest.java
index c3e4f64f3..293e004a9 100644
--- a/javatests/google/registry/request/auth/AuthenticatedRegistrarAccessorTest.java
+++ b/javatests/google/registry/request/auth/AuthenticatedRegistrarAccessorTest.java
@@ -349,7 +349,7 @@ public class AuthenticatedRegistrarAccessorTest {
     expectGetRegistrarFailure(
         "BadClientId",
         GAE_ADMIN,
-        "admin admin@gmail.com doesn't have access to registrar BadClientId");
+        "Registrar BadClientId does not exist");
     verifyZeroInteractions(lazyGroupsConnection);
   }
 
diff --git a/javatests/google/registry/ui/server/registrar/OteStatusActionTest.java b/javatests/google/registry/ui/server/registrar/OteStatusActionTest.java
index 4fbc935f4..a9948f6bc 100644
--- a/javatests/google/registry/ui/server/registrar/OteStatusActionTest.java
+++ b/javatests/google/registry/ui/server/registrar/OteStatusActionTest.java
@@ -113,14 +113,15 @@ public final class OteStatusActionTest {
   }
 
   @Test
-  public void testFailure_noRegistrar() {
+  public void testFailure_registrarDoesntExist() {
     assertThat(action.handleJsonRequest(ImmutableMap.of("clientId", "nonexistent-3")))
         .containsExactlyEntriesIn(
-            errorResultWithMessage("TestUserId doesn't have access to registrar nonexistent-3"));
+            errorResultWithMessage("Registrar nonexistent-3 does not exist"));
   }
 
   @Test
   public void testFailure_notAuthorized() {
+    persistNewRegistrar(CLIENT_ID, "blobio-1", Type.REAL, 1L);
     action.registrarAccessor =
         AuthenticatedRegistrarAccessor.createForTesting(ImmutableSetMultimap.of());
     assertThat(action.handleJsonRequest(ImmutableMap.of("clientId", CLIENT_ID)))