ProCap Financial, Inc. 10-K Cybersecurity GRC - 2026-02-18

Page last updated on February 18, 2026

ProCap Financial, Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2026-02-18 17:13:53 EST.

Filings

10-K filed on 2026-02-18

ProCap Financial, Inc. filed a 10-K at 2026-02-18 17:13:53 EST
Accession Number: 0001493152-26-007352

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY Risk Management and Strategy Our management team manages our security program, which is focused on assessing, identifying, and managing cyber risk and information security threats. We evaluate cybersecurity on an ongoing basis, and it is a risk monitored through our overall enterprise risk management program, including by our executive leadership and Board, described below under "- Governance ." -67- To proactively manage cybersecurity risk in our organization, our management team has instituted a cybersecurity policy that is available to all employees. Our management, led by our Chief Executive Officer, is actively involved in oversight of our risk management efforts, and cybersecurity represents an important component thereof. Our cybersecurity processes and practices are fully integrated into the Company's risk management efforts. In general, we seek to address cybersecurity risks through a cross-functional approach that is focused on preserving the confidentiality, security and availability of the information that we collect and store by identifying, preventing and mitigating cybersecurity threats. As one of the critical elements of our overall risk management approach, our cybersecurity efforts are focused on the following key areas: ● Governance: Management oversees cybersecurity risk mitigation and reports to the Board any cybersecurity incidents. ● Collaborative Approach: We have implemented a cross-functional approach to identifying, preventing and mitigating cybersecurity threats and incidents, while also implementing controls and procedures that provide for the prompt escalation of certain cybersecurity incidents so that decisions regarding the public disclosure and reporting of such incidents can be made by management in a timely manner. ● Technical Safeguards: We deploy technical safeguards that are designed to protect our information systems from cybersecurity threats, including anti-malware functionality and access controls, which are evaluated and improved through vulnerability assessments and cybersecurity threat intelligence. Third parties also play a role in our cybersecurity. We engage third-party service providers to evaluate and monitor our security controls, as well as to conduct independent audits or consulting on best practices to address new challenges. To date, our business strategy, results of operations, and financial condition have not been materially affected by risks from cybersecurity threats, but we cannot provide assurance that they will not be materially affected in the future . For more information on our cybersecurity-related risks, see " Risk Factors " in Item 1A of Part I of this Annual Report. Governance Our Board addresses the Company's cybersecurity risk management as part of its general oversight function. Our management, led by our Chief Executive Officer, presents information on our enterprise-wide risks to the Board at each of its regularly scheduled meetings. Members of the management team have extensive experience managing risks at our Company and at similar companies in the past, including risks arising from cybersecurity threats. The Board will convene as necessary to address critical or emerging cybersecurity concerns and to ensure alignment on approach. In the event of an incident, the Company has developed an incident response plan, which sets forth the steps to be followed from incident detection and assessment to mitigation, recovery and notification and reporting, including notifying functional areas (e.g. legal), as well as senior leadership and the board, as appropriate . While we have prevented cybersecurity threats in the past in the normal course of business and expect to continue to experience such threats from time to time, to date, none have had a material adverse effect on our business, financial condition, results of operations or cash flows.

Company Information