Item 1C. Cybersecurity.

2 Months Ended

Dec. 31, 2025

Cybersecurity Risk Management, Strategy, and Governance [Abstract]

Overview

The Sponsor has adopted an organizational wide cybersecurity program. The program is administered by the Head of IT of the Sponsor (the “Head of IT”). The Sponsor’s objective, in the development and implementation of this comprehensive cybersecurity program, is to create effective administrative, technical, and physical safeguards for the protection of personal information of the organization and its clients.

Program Details

The Sponsor has designated the Head of IT to implement and maintain the cybersecurity program. The Head of IT may delegate any of the Head of IT’s responsibilities to appropriate designees as long as the Head of IT remains primarily responsible for compliance oversight and administration. The Head of IT is responsible for:

Initial implementation of the cybersecurity program;

Ongoing employee education;

Regular testing of the cybersecurity program’s safeguards;

Evaluating the ability of each of our third party service providers to implement and maintain appropriate security measures for the personal information to which we have permitted them access, and requiring such third party service providers by contract to implement and maintain appropriate security measures.

Reviewing the scope of the security measures in the cybersecurity program at least annually, or whenever there is a material change in our business practices that may implicate the security or integrity of records containing personal information.

Identification of Risks and Cybersecurity Governance

To combat internal risks to the security, confidentiality, and/or integrity of any electronic records containing personal information, and evaluating and improving, where necessary, the effectiveness of the current safeguards for limiting such risks, the Sponsor has identified the following risks that are present to its business as well as procedures to help mitigate those risks:

Internal Threats

There must be communication to employees on the detailed provisions of the cybersecurity program at onboarding and annually.

Access to records containing client’s personal information shall be limited to those persons who are reasonably required to know such information.

All security measures shall be reviewed at least annually, or whenever there is a material change in our business practices that may reasonably implicate the security or integrity of records containing personal information.

Terminated employees must return all records containing personal information, in any form, that may at the time of such termination be in the former employee’s possession.

A terminated employee’s physical and electronic access to personal information must be immediately blocked. Such terminated employee shall be required to surrender all keys, IDs or access codes or badges, business cards, and the like, that permit access to the firm’s premises or information. Moreover, such terminated employee’s remote electronic access to personal information must be disabled; his/her voicemail access, e-mail access, internet access, and passwords must be invalidated.

Current employees’ user IDs and passwords must be managed in accordance with the Sponsor’s password policy.

Employees are encouraged to report any suspicious or unauthorized use of customer information.

Employees are prohibited from keeping open files containing personal information on their computer screen when they are not at their desks. Employees are responsible for locking computer screen when away from workspace.

Employees must not share login information with co-workers.

External Threats

The Sponsor will maintain reasonably up-to-date firewall protection (if applicable) and operating system security patches, reasonably designed to maintain the integrity of the personal information, installed on systems processing personal information.

The Sponsor will maintain reasonably up-to-date versions of system security agent software which must include malware protection and reasonably up-to-date patches and virus definitions, installed on systems processing personal information.

To the extent technically feasible, personal information stored on portable devices, such as laptops or tablets, must be password protected, as must all records and files transmitted across public networks or wirelessly, to the extent technically feasible.

All computer systems must be monitored for unauthorized use of or access to personal information.

Risks Associated with Remote Client Access and Funds Transfer Requests

Currently, the Sponsor does not provide its clients with online account access nor does process funds transfer requests. If the firm’s business changes to allow for remote client access and funds transfer requests, the Sponsor will update the cybersecurity program accordingly by identifying the potential risks involved and implementing the appropriate safeguards to protect the client’s personal information.

Risks Associated with Vendors and Other Third Parties

The Sponsor periodically conducts risk assessments with vendors and other third parties that have access to the Firm’s networks, customer data, and other sensitive information.

Detection of Unauthorized Activity

Employees who believe their terminal or computer systems have been subjected to unauthorized activity, or has otherwise been improperly accessed or used, are required to report the situation to the Head of IT immediately to determine the course of action.

The Sponsor takes the issue of security seriously. Firm employees who use the technology and information resources of the firm must be aware that they can be disciplined if they violate this policy. Upon violation of this policy, an employee may be subject to discipline up to and including discharge. The specific discipline imposed will be determined by a case-by-case basis, taking into consideration the nature and severity of the violation of the cybersecurity program, prior violations of the policy committed by the individual, state and federal laws and all other relevant information.

In a case where the accused person is not a firm employee, the matter shall be submitted to the Head of IT. The Head of IT may refer the information to law enforcement agencies and/or prosecutors for consideration as to whether criminal charges should be filed against the alleged violator(s).

Updates to the Cybersecurity Program

The Head of IT reviews the cybersecurity program on a periodic basis and updates the program based on changes in the firm’s business, effectiveness of the safeguards, and any additional risk factors that become present. The Head of IT will inform management of the results of the reviews and any recommendations for improved security arising out of the reviews.

Furthermore, if an incident occurs that is determined to be in violation of the cybersecurity program, there shall be an immediate mandatory post-incident review of events and actions taken, if any, with a view to determining whether any changes in our security practices are required to improve the security of personal information for which the Firm is responsible.