Risk Management and Strategy

We recognize the critical importance of developing, implementing, and maintaining robust cybersecurity measures to safeguard our information systems and protect the confidentiality, integrity, and availability of our data.

Managing Material Risks and Integrated Overall Risk Management

The Corporation currently has an Information Security Management System (“ISMS”) in place in order to monitor and govern all aspects for the Corporation’s information security. Additionally, we have begun to formulate and operationalize a cybersecurity incident leadership team (the “CSI management team”) as part of our broader risk management framework in order to promote a company-wide culture of cybersecurity risk management and encourage cybersecurity considerations to become an integral part of our decision-making processes at every level. Our CSI management team will work closely with our internal information security professional (the “IS Lead”) to continuously evaluate and address cybersecurity risks in alignment with our business objectives and operational needs.

Third-Party Service Providers and Risk

We utilize third-party service providers to assess our software and hardware against cybersecurity threats and vulnerabilities. We conduct internal due diligence of all third-party providers before engagement and maintain ongoing monitoring to ensure compliance with our cybersecurity standards, including strict controls of privileged access granted to service providers. This approach is designed to mitigate risks related to data breaches or other security incidents originating from third parties.

Governance and Board Oversight

The Board recognizes the critical nature of managing risks associated with cybersecurity threats. It will continue to review our cybersecurity risk management processes and may implement further changes to those processes to establish robust oversight mechanisms and, ultimately, ensure effective governance in managing risks associated with cybersecurity threats.

The Board has delegated most of its oversight to the Audit Committee, which is composed of Board members with diverse expertise, including risk management, technology, and finance, that we believe equips them to oversee cybersecurity risks effectively.

Management’s Role Managing Risk

The CSI management team is expected play a pivotal role in informing the Audit Committee about cybersecurity risks. In consultation with our senior management, the CSI management team will determine whether notification to the Audit Committee of a cybersecurity threat is necessary or advisable. Upon determining that such notification should be given, the CSI management team is expected to provide prompt notification to the Audit Committee.

The Audit Committee actively participates in strategic decisions related to cybersecurity, including by offering guidance and providing approval for major cybersecurity-related initiatives. This involvement ensures that cybersecurity considerations are integrated into our broader strategic objectives. The Audit Committee plans to periodically discuss our cybersecurity posture and the effectiveness of its risk management strategies with our President and IS Lead (as defined below), as and when appropriate. We believe that this review will aid in identifying areas for improvement and ensure the alignment of cybersecurity efforts with our overall risk management framework.

Risk Management Personnel

The IS Lead has primary responsibility for assessing, monitoring, and managing our cybersecurity risks. Our current IS Lead, Alec Amar, also serves as our President. Our President and IS Lead’s background and experience qualify him to serve as our IS Lead. Mr. Amar has achieved success in both product development and licensing, as well as blockchain solutions. After graduating from the University of Southern California with a degree in economics and digital entrepreneurship, Mr. Amar devised and headed a blockchain operation, building highly efficient and productive mining facilities.

Monitor Cybersecurity Incidents

The IS Lead is informed of any cybersecurity threats or incidents via the Corporation’s cybersecurity processes and third-party service providers. In addition, the IS Lead implements and oversees processes for the regular monitoring of our information systems. This includes the deployment of appropriate security measures and regular system audits to identify potential vulnerabilities. In the event of a cybersecurity incident, the IS Lead is equipped with a well-defined incident response plan. This plan includes immediate actions to mitigate the impact and long-term strategies for remediation and prevention of future incidents.

Reporting to the Board of Directors

The IS Lead informs the Chief Executive Officer and Chief Financial Officer of all aspects related to cybersecurity risks and incidents and is expected to continue to do so in the future in conjunction with the CSI management team. This process is designed to ensure that the highest levels of management are kept abreast of our cybersecurity posture and the potential risks we face at the applicable time or may face in the future. Furthermore, significant cybersecurity matters and strategic risk management decisions are escalated to the Audit Committee and the Board, as applicable, ensuring that they have comprehensive oversight and can provide guidance on critical cybersecurity issues.

Risks from Cybersecurity Threats

Cybersecurity risks and threats, including as a result of any previous cybersecurity incidents, have not materially impacted and are not reasonably expected to materially impact us or our operations to date. However, we recognize the ever-evolving cyber risk landscape and cannot provide any assurances that we will not be subject to a material cybersecurity incident in the future. For additional discussion of cybersecurity-related risks related to our business, see Item 1A. “Risk Factors.”