{"url_path":"/sec/tc/10-k/2026/item-16k","section_key":"item-16k","section_title":"Item 16K CYBERSECURITY**","topic":"sec","document":{"doc_type":"20-F","doc_date":"2026-05-08","source_url":"https://www.sec.gov/Archives/edgar/data/1743340/0001213900-26-053942-index.html","accession_number":"0001213900-26-053942","cik":"0001743340","ticker":"TC","issuer_name":"Token Cat Ltd","edgar_url":"https://www.sec.gov/Archives/edgar/data/1743340/0001213900-26-053942-index.html","primary_entity_key":"0001743340","primary_entity_name":"Token Cat Ltd"},"word_count":549,"has_tables":true,"body_markdown":"**ITEM\n16K. CYBERSECURITY**\n\n** **\n\n**Cybersecurity\nRisk Management and Strategy**\n\n \n\nTo\nmaintain a consistently high level of service experience for our clients, preserve the confidentiality, integrity, and availability of\nour information systems, safeguard our assets, data, intellectual property, and network infrastructure, while meeting regulatory requirements,\nit is crucial to effectively manage cybersecurity risks. To achieve this, we have implemented a comprehensive cybersecurity risk management\nframework, which is integrated in our overall enterprise risk management system and processes and is internally managed.\n\n \n\nOur\ndedicated cybersecurity staff is tasked with assessing, identifying and managing risks related to cybersecurity threats and, under the\nleadership of our head of cybersecurity, is responsible for:\n\n \n\n \n●\nrisk\nassessments designed to help identify material cybersecurity risks to our critical systems, information, products, services, and\nour broader enterprise IT environment;\n\n \n \n \n\n \n●\ndevelopment\nof risk-based action plans to manage identified vulnerabilities and implementation of new protocols and infrastructure improvements;\n\n \n \n \n\n \n●\ncybersecurity\nincident investigations;\n\n \n \n \n\n \n●\nmonitoring\nthreats to sensitive data and unauthorized access to our systems;  \n\n \n \n \n\n \n●\nsecure\naccess control measures applied to critical IT systems, equipment and devices, designed to prevent unauthorized users, processes,\nand devices from accessing IT systems and data;\n\n \n \n \n\n \n●\ndeveloping\nand executing protocols to ensure that information regarding cybersecurity incidents is promptly shared with the board of directors,\nas appropriate, to allow for risk and materiality assessments and to consider disclosure and notice requirements; and\n\n \n \n \n\n \n●\ndeveloping\nand implementing training on cybersecurity, information security and threat awareness.  \n\n \n\nThere\nwere no cybersecurity incidents during the year ended December 31, 2025, that resulted in an interruption to our operations, known losses\nof any critical data or otherwise had a material impact on our strategy, financial condition or results of operations. However, the scope\nand impact of any future incident cannot be predicted. See “Item 3D-Risk Factors” for more information on how material cybersecurity\nattacks may impact our business.\n\n** **\n\n**Governance**\n\n \n\nOur\nboard of directors acknowledges the significance of robust cybersecurity management programs and actively participates in overseeing\nand reviewing our cybersecurity risk profile and exposures.\n\n \n\nThe\nboard of directors receives reports on cybersecurity risks, including recent legislative developments and evolving standards on cybersecurity,\nkey issues, priorities and challenges in our cybersecurity management, and relevant data or metrics. The board of directors also receives\nprompt and timely information regarding any significant cybersecurity incidents, as well as ongoing updates regarding any such incidents.\nFurthermore, in the event of any significant updates or adjustments to our cybersecurity related policies, the head of cybersecurity\nwill present them to the board of directors for their review and approval.\n\n \n\nOur\nhead of cybersecurity leads the overall assessment, identification and management of risks related to cybersecurity threats. He works\ncollaboratively within our Group and receives regular briefings on cybersecurity matters, such as report on cybersecurity incidents and\nresponses and remedial measures. Our head of cybersecurity has more than fifteen years of relevant experience in risk management, cybersecurity\nand information technology.\n\n \n\nOur\nhead of cybersecurity and their dedicated staff are responsible for the daily management of our cybersecurity efforts. This includes\nupdates and refinement of cybersecurity policies, execution and management of cybersecurity measures, and the preparation of regular\nreports on cybersecurity execution. Their primary focus is to consistently update our cybersecurity programs and mitigation strategies,\nensuring they align with industry best practices and procedures.\n\n \n\n102\n\n \n\n \n\n**PART\nIII**"}