Bitwise 10 Crypto Index ETF 10-K Cybersecurity GRC - 2026-03-02

Page last updated on March 2, 2026

Bitwise 10 Crypto Index ETF reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2026-03-02 16:14:05 EST.

Filings

10-K filed on 2026-03-02

Bitwise 10 Crypto Index ETF filed a 10-K at 2026-03-02 16:14:05 EST
Accession Number: 0001193125-26-085428

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. C YBERSECURITY Cybersecurity Risk Management and Strategy The Trust's cybersecurity risk management is established and governed by the Sponsor. The Sponsor determines and implements appropriate risk management processes and strategies as it relates to cybersecurity for the Trust and the Trust relies on the Sponsor for assessing, identifying and managing material risks to the Trust's business from cybersecurity threats. 77 The Sponsor's cybersecurity policies and practices are set out in the Sponsor's compliance manual and are reviewed on an annual basis. In addition, all officers of the Sponsor and all employees of Bitwise receive annual compliance training and annual cybersecurity training. Attendance at the annual cybersecurity training and the annual compliance training is tracked and recorded. The Sponsor engages a selection of third-party security experts ( " Experts ") to assist its internal legal, compliance and engineering personnel in developing, implementing and testing its cybersecurity policies and procedures.The Experts assist in performing assessments, penetration tests and reviewed areas of potential vulnerability. In addition, the Experts work with the Sponsor to conduct cybersecurity training, exercises and quarterly internal phishing tests. The Sponsor uses the findings of such exercises and campaigns to improve its practices, procedures, and technologies. The Sponsor also engages the Experts to support its cybersecurity threat and incident response management and maintains information security risk insurance coverage. The Sponsor conducts due diligence on the Experts and all third-party service providers both at the beginning of any contractual relationship and on an ongoing, periodic basis. The Sponsor reviews a selection of all of its service providers on an annual basis, with specific emphasis on any service providers deemed to be high risk and utilizes external compliance partners to assist with this review. As part of this review, the Sponsor tracks any identified deficiencies and requires that its third-party service providers have in place appropriate technical and organizational security measures and security-control principles based on recognized cybersecurity standards. The Sponsor also obtains contractual assurances from third-party service providers relating to their security responsibilities, controls, reporting, and roles and responsibilities as it pertains to cybersecurity incident response policies and notification requirements. While neither the Sponsor nor the Trust has experienced a material cybersecurity incident during the year ended December 31, 2025, cybersecurity threat risks may materially affect either the Sponsor or the Trust, including the Trust's business strategy, results of operations or financial condition. For further discussion of the risks the Trust faces from cybersecurity threats, see " Item 1A. Risk Factors-Risks Related to Trust Investment-Investing in the Trust may result in the total loss of investment due to passive management strategies, cybersecurity vulnerabilities, and inadequate recovery options for lost assets. " Governance The Trust does not have any directors, officers or employees. Under the Trust Agreement, all management functions of the Trust have been delegated to and are conducted by the Sponsor, its agents and its affiliates. The Sponsor utilizes the cybersecurity program of Bitwise, the parent of the Sponsor. Bitwise's cybersecurity program is managed through a combination of internal leadership and specialized third-party support. Bitwise employs experienced internal cybersecurity personnel, including a Head of Security and a Senior IT & Security Engineer, who are responsible for cybersecurity strategy, risk management, incident response preparedness, and day-to-day security operations. This internal function is complemented by external cybersecurity firms that provide security advisory services, continuous endpoint detection and response monitoring, and threat intelligence. Senior management maintains oversight of cybersecurity risk through regular reporting, alerts generated by security tools deployed in Bitwise's information technology environment, and input from third-party security partners. This approach is designed to help Bitwise prevent, detect, mitigate, and remediate cybersecurity risks in a manner appropriate to its size and risk profile. In addition, Bitwise has a board of directors that is ultimately responsible for managing and directing the affairs of the Sponsor, including maintaining oversight of risks from cybersecurity threats. Mr. Kim, the Chief Technology Officer of Bitwise , serves on the Bitwise board of directors.

Company Information