TRANSFER AGENCY AND SERVICE AGREEMENT

Exhibit 10.6

TRANSFER AGENCY AND SERVICE AGREEMENT

THIS AGREEMENT is made as of the 15th day of November, 2024, by and between WisdomTree Bitcoin Fund , a Delaware Statutory Trust (the “Trust”), having its principal office and place of business at 000 Xxxx 00^xx Xxxxxx, 0^xx Xxxxx, Xxx Xxxx, Xxx Xxxx 00000, and THE BANK OF NEW YORK MELLON, a New York corporation authorized to do a banking business having its principal office and place of business at 000 Xxxxxxxxx Xxxxxx, Xxx Xxxx, Xxx Xxxx 00000 (the “Bank”). This Agreement shall be effective on November 25, 2024 or such other date as the Trust and the Bank may agree in writing (the “Effective Date”). The term “Agreement” shall mean this Transfer Agency and Service Agreement as constituted on the Effective Date, and thereafter as it may be amended from time to time as provided for herein.

WHEREAS, the Trust will ordinarily issue for purchase and redeem shares of the Trust (the “Shares) only in aggregations of Shares known as “Creation Units” (each a “Creation Unit”);

WHEREAS, only those entities (“Authorized Participants”) that have entered into an Authorized Participant Agreement with the Trust and WisdomTree Digital Commodity Services, LLC, the Trust’s sponsor (the “Sponsor”), are eligible to place orders for Creation Units;

WHEREAS, The Depository Trust Company, a limited purpose trust company organized under the laws of the State of New York (“DTC”), or its nominee (Cede & Co.), will be the record or registered owner (the “Shareholder”) of all outstanding Shares; and

WHEREAS, the Trust desires to appoint the Bank as its transfer agent, dividend disbursing agent, and agent in connection with certain other activities, and the Bank desires to accept such appointment;

NOW, THEREFORE, in consideration of the mutual covenants herein contained, the parties hereto agree as follows:

1.       Terms of Appointment; Duties of the Bank

1.1       Subject to the terms and conditions set forth in this Agreement, the Trust hereby employs and appoints the Bank to act as, and the Bank agrees to act as, its transfer agent for the authorized and issued Shares, and as the Trust’s dividend disbursing agent.

1.2       Pursuant to such appointment, the Bank agrees that it will perform the following services:

(a)       In accordance with the terms and conditions of this Agreement and Participant Agreements prepared by the Sponsor, a form of which is attached hereto as Exhibit A, and any other procedures established from time to time by agreement between the Trust and the Bank, the Bank shall:

(i)       Perform and facilitate the performance of purchases and redemptions of Creation Units;

(ii)       Prepare and transmit by means of DTC’s book-entry system payments for dividends and distributions on or with respect to the Shares declared by the Trust;

(iii)       Maintain the record of the name and address of the Shareholder and the number of Shares issued by the Trust and held by the Shareholder;

1

(iv)       Record the issuance of Shares of the Trust and maintain a record of the total number of Shares of the Trust which are outstanding, and authorized, based upon data provided to it by the Trust, the total number of authorized Shares, and provide the Trust on a regular basis with such information. The Bank shall have no obligation, when recording the issuance of Shares, to monitor the issuance of such Shares or to take cognizance of any laws relating to the issue or sale of such Shares, which functions shall be the sole responsibility of the Trust;

(v)       Prepare and transmit to the Trust and the Trust’s administrator and to any applicable securities exchange (as specified to the Bank by the Trust or its administrator) information with respect to purchases and redemptions of Shares;

(vi)       On days that the Trust may accept orders for purchases or redemptions, calculate and transmit to the Sponsor and the Trust’s administrator the number of outstanding Shares;

(vii)       On days that the Trust may accept orders for purchases or redemptions (pursuant to the Participant Agreement), transmit to the Bank, the Trust and DTC the amount of Shares purchased on such day;

(viii)       Confirm to DTC the number of Shares issued to the Shareholder, as DTC may reasonably request;

(ix)       Prepare and deliver other reports, information and documents to DTC as DTC may reasonably request;

(x)       Extend the voting rights to the Shareholder for extension by DTC to DTC participants and the beneficial owners of Shares in accordance with policies and procedures of DTC for book-entry only securities;

(xi)       Distribute or maintain, as directed by the Trust, amounts related to purchases and redemptions of Creation Units, dividends and distributions, variation margin on derivative securities and collateral;

(xii)       Maintain those books and records of the Trust specified by the Trust in Schedule A attached hereto and as required by paragraph (f) below;

(xiii)       Prepare a monthly report of all purchases and redemptions of Shares during such month on a gross transaction basis, and identify on a daily basis the net number of Shares either redeemed or purchased on such Business Day and with respect to each Authorized Participant purchasing or redeeming Shares, the amount of Shares purchased or redeemed;

(xiv)       Receive from the Sponsor (as defined in the Participant Agreement) or from its agent purchase orders from Authorized Participants (as defined in the Participant Agreement) for Creation Unit Aggregations of Shares received in good form and accepted by or on behalf of the Trust by the Sponsor, transmit appropriate trade instructions to the National Securities Clearance Corporation, if applicable, and pursuant to such orders issue the appropriate number of Shares of the Trust and hold such Shares in the account of the Shareholder of the Trust;

(xv)       Receive from the Authorized Participants redemption requests, deliver the appropriate documentation thereof to the Sponsor with respect to redemptions for cash and for any redemptions in-kind, generate and transmit or cause to be generated and transmitted confirmation of receipt of such redemption requests to the Authorized Participants submitting the same; transmit appropriate trade instructions to the National Securities Clearance Corporation, if applicable, and redeem the appropriate number of Creation Unit Aggregations of Shares held in the account of the Shareholder;

2

(xvi)       Confirm the name, U.S. taxpayer identification number and principal place of business of each Authorized Participant;

(xvii)       Provide information or reports to the Trust or the Trust’s Chief Compliance Officer as may be reasonably requested; and

(xviii)       Process any request from an Authorized Participant to change its profile and static data.

The Bank may execute transactions directly with Authorized Participants to the extent necessary or appropriate to enable the Bank to carry out any of the duties set forth in items (i) through (xviii) above. The Trust, which may be through the Sponsor, will be responsible for confirming the receipt of assets in connection with creation activity and the withdrawal of assets in connection with redemption activity prior to the creation or redemption of Creation Units by the Bank. The Bank has no responsibility to independently verify the accuracy of such information provided to it by the Trust. Except as otherwise instructed by the Trust, the Bank shall process all transactions for the Trust in accordance with the policies and procedures mutually agreed upon between the Trust and the Bank with respect to the proper net asset value to be applied to purchases received in good order by the Bank or from an Authorized Participant before any cut-offs established by the Trust, and such other matters set forth in items (i) through (xviii) above as these policies and procedures are intended to address. The Bank shall report to the Trust any known exceptions to the foregoing.

(b)       The Bank may maintain and manage, as agent of the Trust, such other accounts as the Bank shall deem necessary for the performance of its duties under this Agreement, including, but not limited to, the processing of Creation Unit purchases and redemptions; and the payment of dividends and distributions. The Bank may maintain such accounts at financial institutions deemed appropriate by the Bank in accordance with applicable law.

(c)       In addition to the services set forth in the above sub-sections 1.2(a) and 1.2(b), the Bank shall: perform the customary services of a transfer agent and dividend disbursing agent including, but not limited to, maintaining the account of the Shareholder, maintaining the items set forth on Schedule A attached hereto, and performing such services identified in each Participant Agreement.

(d)       The Bank shall deliver to DTC participants as identified by DTC as Shareholders for book-entry only securities:

(i)       Annual and semi-annual reports of the Trust;

(ii)       Trust proxies, proxy statements and other proxy soliciting materials;

(iii)       Trust prospectus and amendments and supplements thereto, including stickers; and

(iv)       Other communications as the Trust may from time to time identify as required by law or as the Trust may reasonably request.

(e)       The Bank shall provide additional services, if any, as may be mutually agreed upon, in writing, by the parties from time to time, for which the Trust will pay such fees as may be mutually agreed upon, including the Bank’s reasonable out-of-pocket expenses. The provision of such services shall be subject to the terms and conditions of this Agreement.

3

(f)       The Bank shall keep records relating to the services to be performed hereunder, in the form and manner required by applicable laws, rules, and regulations (the “Rules”), all such books and records shall be the property of the Trust, will be preserved, maintained and made available in accordance with such Section and Rules, and will be surrendered promptly to the Trust on and in accordance with its request. In addition, upon notification by the Trust that it is in receipt of or otherwise subject to a court order, regulatory request or order, subpoena, or other similar action or context necessitating the preservation of certain records maintained by the Bank for the Trust, The Bank shall promptly implement reasonable measures to preserve such records in accordance with the duration or other direction specified by the Trust in accordance with the Bank’s policies and procedures and cooperate in the provision to the Trust of such records; provided, however, that if the Bank is not able to accommodate any such request, it will reasonably assist the Trust in its efforts to preserve such records, including by transmitting such records to the Trust.

(g)       It is understood and agreed by the parties hereto that under no circumstances will the services performed by the Bank pursuant to this Agreement include any service, function or activity that would constitute a “virtual currency business activity” for purposes of the regulations issued by the Superintendent of the New York Department of Financial Services (23 N.Y.C.R.R. Part 200).

(h) All such books and records shall be maintained in a form reasonably acceptable to the Trust, and shall be reasonably arranged and indexed by the Bank in a manner that permits reasonably prompt location, access and retrieval of any particular record. The Bank shall not destroy any files, records or documents created or maintained by the Bank pursuant to this Agreement except in accordance with its record retention policy or if such destruction is authorized by the Trust by means of instructions.

(i)       In addition to the foregoing, during the term of the Agreement authorized representatives of the Trust may conduct periodic site visits of the Bank’s facilities and inspect the Bank’s records and procedures solely as they pertain to the Bank’s services for the Trust under or pursuant to the Agreement. Such inspections shall occur during the Bank’s regular business hours and shall be subject to availability of personnel to facilitate such site visits and to the Bank’s confidentiality and security requirements.

(j)       Certain service level agreements are set forth in the Service Level Agreement executed as of the Effective Date.

2.       Fees and Expenses

2.1       The Bank shall receive from the Trust such compensation for the Bank’s services provided pursuant to this Agreement as may be agreed to from time to time in a written fee schedule approved by the parties. Such fees and any out-of-pocket expenses and advances identified under Section 2.2 below may be changed from time to time, subject to mutual written agreement between the Trust and the Bank. The fees are accrued daily and billed monthly and shall be due and payable within thirty (30) calendar days of receipt of the invoice. Upon the termination of this Agreement before the end of any month, the fee for the part of the month before such termination shall be prorated according to the proportion which such part bears to the full monthly period and shall be payable upon the date of termination of this Agreement.

2.2       In addition to the fee paid under Section 2.1 above, the Trust agrees to reimburse the Bank for reasonable out-of-pocket expenses, including but not limited to confirmation production, postage, forms, telephone, microfilm, microfiche, tabulating proxies, records storage, or advances incurred by the Bank for the items set out in the fee schedule or relating to dividend distributions and reports (whereas all expenses related to creations and redemptions of Trust securities shall be borne by the relevant Authorized Participant in such creations and redemptions). In addition, any other expenses incurred by the Bank at the request or with the consent of the Trust, will be reimbursed by the Trust.

4

2.3       The Trust agrees to pay all reasonable fees and reimbursable expenses within thirty (30) calendar days following the receipt of the respective billing notice accompanied by supporting documentation, as appropriate. Postage for mailing of dividends, proxies, Trust reports and other mailings to all shareholder accounts shall be advanced to the Bank by the Trust at least seven (7) days prior to the mailing date of such materials.

2.4       The Trust hereby represents and warrants to the Bank that (i) the terms of this Agreement, (ii) the fees and expenses associated with this Agreement, and (iii) any benefits accruing to the Bank or to the adviser to, or sponsor of, the Trust in connection with this Agreement, including, but not limited to, any fee waivers, reimbursements, or payments made, or to be made, by the Bank to such adviser or sponsor or to any affiliate of the Trust relating to this Agreement have been fully disclosed to the Trust or the Sponsor and that, if required by applicable law, the Trust or the Sponsor has approved or will approve the terms of this Agreement, and any such fees, expenses, and benefits.

3.       Representations and Warranties of the Bank

The Bank represents and warrants to the Trust that:

(a) It is a banking company duly organized and existing and in good standing under the laws of the State of New York.

(b) It is duly registered as a transfer agent under Section 17A(c)(2) of the Securities Exchange Act of 1934, as amended (the “1934 Act”), it will remain so registered for the duration of this Agreement, and it will promptly notify the Trust in the event of any material change in its status as a registered transfer agent.

(c) It is duly qualified to carry on its business in the State of New York.

(d) It is empowered under applicable laws and by its Charter and By-Laws to act as transfer agent and dividend disbursing agent and to enter into, and perform its obligations under, this Agreement.

(e) All requisite corporate proceedings have been taken to authorize it to enter into and perform this Agreement.

(f) It has and will continue to have access to the necessary facilities, equipment and personnel with suitable training, education, experience, and skill to perform its duties and obligations under this Agreement.

(g) It is in compliance, in all material respects, with laws and regulations applicable to the Bank in its capacity as a service provider hereunder.

(h) No legal or administrative proceedings have been instituted or threatened which would materially impair the Bank’s ability to perform its duties and obligations under this Agreement and the Bank will notify the Trust, except as may be prohibited by applicable law, rule or agreements between the Bank and any governmental authority, of any publicly filed legal, regulatory or administrative proceedings that have been instituted, which would materially impair the Bank’s ability to perform its duties and obligations under this Agreement; and

5

(i) Its entrance into this Agreement shall not cause a material breach or be in material conflict with any other agreement or obligation of the Bank or any law or regulation applicable to it.

4.       Representations and Warranties of the Trust

The Trust represents and warrants to the Bank that:

(a) It is duly organized and existing and in good standing under the laws of the State of Delaware.

(b) It is empowered under applicable laws and by the Second Amended and Restated Trust Agreement of the Trust (the “Trust Agreement”) to enter into and perform this Agreement.

(c) A registration statement under the Securities Act of 1933 (the “1933 Act”), as amended, on behalf of the Trust has become effective, will remain effective, and appropriate state securities law filings have been made and will continue to be made, with respect to all Shares of the Trust being offered for sale.

5.       Indemnification and Insurance

5.1       The Bank shall not be responsible for, and the Trust shall indemnify and hold the Bank and its directors, officers, employees and agents harmless from and against, any and all losses, damages, costs, charges, reasonable counsel fees, including those incurred by the Bank in a successful defense of any claims by the Trust, payments, expenses and liability (“Losses”) which may be sustained or incurred by or which may be asserted against the Bank in connection with or relating to this Agreement or the Bank’s actions or omissions with respect to this Agreement, or as a result of acting upon any instructions reasonably believed by the Bank to have been duly authorized by the Trust or upon reasonable reliance of information or records given or made by the Trust; except for any Losses for which the Bank has accepted liability pursuant to Article 6 of this Agreement.

5.2       Subject to the limitations on liability set forth in Section 6, the Bank shall indemnify and hold the Trust harmless from and against direct Losses incurred by the Trust as the direct result of the Bank’s failure to meet the Standard of Care.

5.3       The indemnification provisions under this Section 5 shall apply to the Bank’s actions or omissions with respect to this Agreement or the Bank’s actions or omissions in its capacity as transfer agent under a Participant Agreement.

5.4       In order that the indemnification provisions contained in this Article 5 shall apply, upon the assertion of a claim for which either party may be required to indemnify the other, the party seeking indemnification shall promptly notify the other party of such assertion, and shall keep the other party advised with respect to all material developments concerning such claim. The party who may be required to indemnify shall have the right to control the defense of the claim, and the party seeking indemnification shall have the option to participate in the defense of such claim, at its own cost and expense. The party seeking indemnification will cooperate reasonably, at the indemnifying party’s expense, with the indemnifying party in the defense of such claim; provided, however, that the party seeking indemnification shall not be required to take any action that would impair any claim it may have against the indemnifying party. The party seeking indemnification shall in no case confess any claim or make any compromise in any case in which the other party may be required to indemnify it except with the other party’s prior written consent. The indemnifying party shall not settle or compromise any claim or consent to the entry of any judgment with respect to which indemnification is being sought hereunder without the prior written consent of the party seeking indemnification, which consent shall not be unreasonably withheld, delayed or conditioned.

6

5.5       The Bank will maintain, at its own cost, at all times during the term of this Agreement, errors and omissions insurance, fidelity bonds and such other insurance as the Bank may deem appropriate, in each case in a commercially reasonable amount deemed by the Bank to be sufficient to cover its potential liabilities under this Agreement, including without limitation cyber-liability insurance coverage deemed by the Bank to be appropriate. Upon request, the Bank agrees to provide the Trust with certificates of insurance or similar documentation regarding insurance coverage.

6.       Standard of Care and Limitation of Liability

In performing its duties under this Agreement, the Bank will exercise the standard of care and diligence that a leading professional transfer agent responsible for providing transfer agency services to registered 1933 Act Bitcoin Exchange Traded Products would observe in these affairs and shall act without bad faith, negligence, willful misconduct, willful misfeasance, fraud, or reckless disregard of its duties and obligations under this Agreement (“Standard of Care”).

The Bank shall have no responsibility and shall not be liable for any Losses, except that the Bank shall be liable to the Trust for direct money damages caused by the Bank’s failure to meet the Standard of Care. The parties agree that any encoding or payment processing errors shall be governed by the Standard of Care, and not Section 4-209 of the Uniform Commercial Code, which is superseded by this Article. In no event shall the Bank be liable for special, indirect or consequential damages, regardless of the form of action and even if the same were foreseeable. Except as may otherwise be provided in an agreement between the parties, the Bank’s cumulative maximum liability to the Trust and all persons claiming through the Trust for any losses whatsoever (including but not limited to those arising out of or related to this Agreement in any respect) and regardless of the form of action or legal theory shall not exceed the cumulative fees received by the Bank for services provided by the Bank hereunder during the twelve (12) months immediately prior to the date of the first reported loss. For purposes of this Agreement, none of the following shall be deemed a breach of the Bank’s Standard of Care:

(a)       The conclusive reliance on or use by the Bank or its agents or subcontractors of information, records, documents or services which (i) are received by the Bank or its agents or subcontractors, and (ii) have been prepared, maintained or performed by the Trust or any other person or firm on behalf of the Trust, including but not limited to any previous transfer agent or registrar.

(b)        The conclusive reliance on, or the carrying out by the Bank or its agents or subcontractors of, any instructions or requests of the Trust or instructions or requests on behalf of the Trust.

(c)       The offer or sale of Shares by or for the Trust in violation of any requirement under the federal securities laws or regulations, or the securities laws or regulations of any state that such Shares be registered in such state, or any violation of any stop order or other determination or ruling by any federal agency, or by any state with respect to the offer or sale of Shares in such state.

7

7.        Concerning the Bank

7.1       Use of Agents; Key Provider Personnel

(a)       Subject to any agreement between the parties, the Bank may employ agents or attorneys-in-fact which are not affiliates of the Bank without the prior written consent of the Trust in its sole discretion, provided that the Bank acts in good faith and with reasonable care in the selection and retention of such agents or attorneys-in-fact, and provided that the appointment of any such agent or attorneys-in-fact shall not relieve the Bank of any of its liabilities hereunder.

(b)       Subject to any agreement between the parties, the Bank may enter into subcontracts, agreements and understandings, whenever and on such terms and conditions as it deems necessary or appropriate to perform its services hereunder. No such subcontract, agreement or understanding shall discharge the Bank from its obligations hereunder.

(c)       The Bank will make commercially reasonable efforts to not remove or replace with any other person the designated primary relationship individual and service individual assigned to the Trust as of the Effective Date, the Bank personnel identified by the Bank as the primary points of contact for each Bank function, and such other personnel as assigned from time to time in accordance with this Agreement (“Key Personnel”) without providing notice to the Trust unless such Key Personnel is being terminated or suspended or notification is not practicable under the circumstances.

(d)       The Trust may reasonably request the replacement of Key Personnel during the term of this Agreement, and the Bank shall comply with such requests except as prohibited by applicable law and on a commercially reasonable basis within a reasonable amount of time. The Parties may agree upon other conditions relating to Key Personnel from time to time.

(e)       The Bank will establish a governance structure for the provision of services to the Trust and will consult with the Trust with respect to the appointment of persons to the positions for internal face-off on day-to-day matters.

7.2       The Bank shall be entitled to conclusively rely upon any written or oral instruction actually received by the Bank and reasonably believed by the Bank to be duly authorized and delivered by the Trust. The Trust agrees to forward to the Bank written instructions confirming oral instructions by the close of business of the same day that such oral instructions are given to the Bank. The Trust agrees that the fact that such confirming written instructions are not received or that contrary written instructions are received by the Bank shall in no way affect the validity or enforceability of transactions authorized by such oral instructions and effected by the Bank.

8

7.3        The Bank shall establish and maintain a disaster recovery plan and back-up system satisfying the requirements of its regulators (the “Disaster Recovery Plan and Back-Up System”). The Bank shall not be responsible or liable for any failure or delay in the performance of its obligations under this Agreement arising out of or caused, directly or indirectly, by circumstances beyond its control which are not a result of its negligence, including without limitation, acts of God; earthquakes; fires; floods; wars; civil or military disturbances; sabotage; epidemics; riots; interruption, loss or malfunctions of transportation, computer (hardware or software) or communication services; labor disputes; acts of civil or military authority; governmental actions; or inability to obtain labor, material, equipment or transportation,, provided that the Bank has established and is maintaining the Disaster Recovery Plan and Back-Up System, or if not, that such delay or failure would have occurred even if the Bank had established and was maintaining the Disaster Recovery Plan and Back-Up System. Upon the occurrence of any such delay or failure the Bank shall promptly notify the Trust and use commercially reasonable best efforts to resume performance as soon as practicable under the circumstances. In the event that the Trust reasonably believes that the occurrence of any such event will substantially prevent, hinder or delay performance of the services contemplated by this Agreement for more than three (3) consecutive business days, the Trust may take commercially reasonable actions to mitigate the impact of such services not being provided, including, but not limited to, at the Trust’s expense, contracting with another service provider to provide such services during such period; provided, that the Trust shall consult with the Bank in good faith in connection with any such mitigation and the Bank shall provide the Trust reasonable assistance in good faith in connection therewith; provided, further, that the Bank shall resume providing, and the Trust shall pay for, such services when the Bank resumes providing them, unless the Trust has terminated this Agreement pursuant to the terms of Article 9.1. Notwithstanding anything set forth in this Article 7.3, (a) in no event shall the Trust be obligated to pay any fees under this Agreement to the Bank with respect to any services not actually provided during any event described in this Article 7.3, and (b) the Trust shall have no responsibility to pay the Bank for services temporarily performed by a third party service provider.

7.4       The Bank shall have no duties or responsibilities whatsoever except such duties and responsibilities as are specifically set forth in this Agreement and the Participation Agreement, and no covenant or obligation shall be implied against the Bank in connection with this Agreement, except as set forth in this Agreement and the Participation Agreement.

7.5       At any time the Bank may apply to an officer of the Trust, but is not obligated to do so, for written instructions with respect to any matter arising in connection with the Bank’s duties and obligations under this Agreement, and the Bank, its agents, and subcontractors shall not be liable for any action taken or omitted to be taken in good faith in accordance with such instructions. Such application by the Bank for instructions from an officer of the Trust may, at the option of the Bank, set forth in writing any action proposed to be taken or omitted to be taken by the Bank with respect to its duties or obligations under the Agreement and the date on and/or after which such action shall be taken, and the Bank shall not be liable for any action taken or omitted to be taken in accordance with a proposal included in any such application on or after the date specified therein unless, prior to taking or omitting to take any such action, the Bank has received written or oral instructions in response to such application specifying the action to be taken or omitted. In connection with the foregoing, the Bank may consult with legal counsel of its own choosing, but is not obligated to do so, and advise the Trust if any instructions provided by the Trust at the request of the Bank pursuant to this Article or otherwise would, to the Bank’s knowledge, cause the Bank to take any action or omit to take any action contrary to any law, rule, regulation or commercially reasonable practice for similarly situated service providers. The Bank may consult with counsel to the Trust or its own counsel. To the extent the Bank notifies the Trust of such advice, and the Trust, acting reasonably and in good faith, concur that reliance on such advice is reasonable as it relates to the Trust, the Bank shall be fully protected with respect to anything done or omitted by it in in good faith in accordance with the advice or opinion of such counsel.

7.6       The Bank, its agents and subcontractors may act upon any paper or document, reasonably believed to be genuine and to have been signed by the proper person or persons, or upon any instruction, information, data, records or documents provided to the Bank or its agents or subcontractors by or on behalf of the Trust by machine readable input, telex, CRT data entry or other similar means authorized by the Trust, and shall not be held to have notice of any change of authority of any person, until receipt of written notice thereof from the Trust.

7.7       The Bank shall retain title to and ownership of any and all data bases, computer programs, screen formats, report formats, interactive design techniques, derivative works, inventions, discoveries, patentable or copyrightable matters, concepts, expertise, patents, copyrights, trade secrets, and other related legal rights utilized by the Bank in connection with the services provided by the Bank hereunder. Notwithstanding the foregoing, the parties hereto acknowledge that the Trust shall retain all ownership rights in Trust data residing on the Bank’s electronic system.

9

7.8       Notwithstanding any provisions of this Agreement to the contrary, the Bank shall be under no duty or obligation to inquire into, and shall not be liable for:

(a)       The legality of the issue, sale or transfer of any Shares, the sufficiency of the amount to be received in connection therewith, or the authority of the Trust to request such issuance, sale or transfer;

(b)       The legality of the purchase of any Shares, the sufficiency of the amount to be paid in connection therewith, or the authority of the Trust to request such purchase;

(c)       The legality of the declaration of any dividend by the Trust, or the legality of the issue of any Shares in payment of any stock dividend; or

(d)       The legality of any recapitalization or readjustment of the Shares.

7.9       The Bank shall provide the Trust, as it may reasonably request, with a SOC 1 report (or any comparable successor report thereto) by independent public accountants on the Bank’s system, relating to the services provided by the Bank under this Agreement.

8.       Providing of Documents by the Trust; Confidentiality and Data Security

8.1       The Trust shall promptly furnish to the Bank with a copy of its Trust Agreement and all amendments thereto.

8.2       In the event that DTC ceases to be the Shareholder, the Bank shall re-register the Shares in the name of the successor to DTC as Shareholder upon receipt by the Bank of such documentation and assurances as it may reasonably require.

8.3       The Bank shall have no responsibility whatsoever with respect to of any beneficial interest in any of the Shares owned by the Shareholder.

8.4       Prior to the issuance of any additional Shares pursuant to stock dividends, stock splits or otherwise, and prior to any reduction in the number of Shares outstanding pursuant to a reverse stock split, the Trust shall deliver to the Bank:

(a)       A certified copy of any required order or consent of each governmental or regulatory authority required by law as a prerequisite to the issuance or reduction of such Shares, as the case may be, and an opinion of counsel for the Trust that no other order or consent is required; and

(b)       With respect to any such issuance of Shares, an opinion of counsel for the Trust, in a form satisfactory to the Bank, with respect to (i) the validity of the Shares, the obtaining of all necessary governmental consents, whether such Shares are fully paid and non-assessable and the status of such Shares under the 1933 Act, as amended, and any other applicable federal law or regulations (i.e., if subject to registration, that they have been registered and that the Registration Statement has become effective or, if exempt, the specific grounds therefore), and (ii) the due and proper listing of the Shares on all applicable securities exchanges.

10

8.5       The Bank and the Trust agree that all books, records, confidential, non-public, or proprietary information and data pertaining to the business of the other party which are exchanged or received pursuant to the negotiation or the carrying out of this Agreement shall remain confidential, and shall not be voluntarily disclosed to any person other than its auditors, accountants, regulators, employees, agents, attorneys-in-fact or counsel, except as may be, or may become required by law, by administrative or judicial order or by rule. The foregoing confidentiality obligation shall not apply to any information to the extent: (i) it is already known to the receiving party at the time it is obtained; (ii) it is or becomes publicly known or available through no wrongful act of the receiving party: (iii) it is rightfully received from a third party who, to the receiving party’s knowledge, is not under a duty of confidentiality; (iv) it is released by the protected party to a third party without restriction; or (v) it has been or is independently developed or obtained by the receiving party without reference to the information provided by the protected party.

8.6       The Bank will employ reasonable safeguards designed to protect the Trust’s confidential information, which may include but are not limited to the use of encryption technologies, passwords and any other safeguards the Bank may choose to employ. To the extent that the Bank’s affiliates or other permitted agents or subcontractors have access to confidential information, the Bank shall remain responsible for such entities’ compliance with the terms of this Article 8.7. The Bank agrees to notify promptly the Trust of any breach of this Article 8.7 by the Bank or a party to which it has provided the Trust’s confidential information, and to provide the Trust with details as to the nature and extent of the breach, including, but not limited to, the type of confidential or personal information disclosed and the identity of the recipients of such information.

8.7       The Bank has implemented and shall maintain in effect at all times during the terms of this Agreement, business continuity and disaster recovery plans designed to minimize interruptions of service and ensure recovery of systems and applications used to provide the services under this Agreement. Such plans will cover the facilities, systems, applications and employees that are critical to the provision of services hereunder, and will be tested at least annually to validate whether the recovery strategies, requirements, and protocols are viable and sustainable. Such plans will, at a minimum, make reasonable provision for (i) periodic back-up of the computer files and data with respect to the Trust, and (ii) emergency use of electronic data processing equipment to provide service under this Agreement. Upon reasonable request, the Bank shall provide a high-level presentation summarizing such plan.

8.8       The Bank will establish, implement, maintain and periodically test systems, plans and procedures relating to data and cyber security, data privacy, disaster recovery and business continuity with respect to the services provided pursuant to this Agreement. The Bank will implement an information security program consistent with the Information Security Program set forth in Exhibit B for the protection of information received from the Trust in connection with this Agreement.

8.9        In case of any requests or demands for the inspection of the Shareholder records of the Trust, the Bank will promptly employ reasonable commercial efforts to notify the Trust and secure instructions from an authorized officer of the Trust as to such inspection. The Bank reserves the right, however, to exhibit the Shareholder records to any person whenever it is advised by its counsel that it may be held liable for the failure to exhibit the Shareholder records to such person.

9.       Termination of Agreement

9.1       The term of this Agreement shall be three years commencing upon the date hereof (the “Initial Term”) and shall automatically renew for additional one-year terms (each a “Renewal Term”) unless either party provides written notice of termination at least ninety (90) days prior to the end of the Initial Term or the then-current Renewal Term (a “Non-Renewal Notice”). In the event a Party provides a Non-Renewal Notice, this Agreement shall terminate with respect to the Trust at 11:59 PM (Eastern time) on the last day of the Initial Term or Renewal Term, as applicable. In addition, this Agreement may be terminated end of the Initial Term or Renewal Term as provided below:

11

(a)       Notwithstanding any other provision of this Agreement, if either party materially breaches this Agreement (a “Defaulting Party”) the other party (the “Non-Defaulting Party”) may give written notice thereof to the Defaulting Party (“Breach Notice”), and if such material breach shall not have been remedied within thirty (30) days after the Breach Notice is given, then the Non-Defaulting Party may terminate this Agreement by giving at least thirty (30) days’ written notice of termination to Defaulting Party (a “Breach Termination Notice”), in which case this Agreement shall terminate as of 11:59 PM (Eastern time) on the last day of the applicable notice period following the date the Breach Termination Notice is given by the Non-Defaulting Party, or such later date as may be specified in the Breach Termination Notice (but not later than the last day of the Initial Term or then-current Renewal Term, as appropriate). In all cases, termination by the Non-Defaulting Party shall not constitute a waiver by the Non-Defaulting Party of any other rights it might have under this Agreement or otherwise against the Defaulting Party.

(b)       To the extent BNYM receives a Red, Amber, Green (“RAG”) rating of “red” for a given Key Performance Indicator (“KPI”) as specified in the Service Level Agreement for two consecutive months (or other measurement period for such Service Level, if applicable), this shall constitute a “Service Level Deep Default.” BNYM shall have a period of two (2) months (or two (2) consecutive measurement periods, if applicable) in which to cure the Service Level Deep Default (the “Cure Period”). If, during the Cure Period, BNYM receives two or more red RAG ratings for the KPI that triggered a Service Level Deep Default, the Trust may terminate the Agreement upon thirty (30) days’ written notice to BNYM.

(c)       Notwithstanding any other provision of this Agreement, either party hereto may terminate this Agreement immediately by sending notice thereof to the other party upon the happening of any of the following: (i) the other party commences as debtor any case or proceeding under any bankruptcy, insolvency or similar law, or there is commenced against such other party any such case or proceeding; (ii) the other party commences as debtor any case or proceeding seeking the appointment of a receiver, conservator, trustee, custodian or similar official for such party or any substantial part of its property or there is commenced against such other party any such case or proceeding; (iii) the other party makes a general assignment for the benefit of creditors; or (iv) the other party admits in any medium, written, electronic or otherwise, any public communication or in any other public manner, its inability to pay debts as they come due. Either party hereto may exercise its termination right under this Article 9.1(b) at any time after the occurrence of any of the foregoing events notwithstanding that such event may cease to be continuing prior to such exercise, and any delay in exercising this right shall not be construed as a waiver or other extinguishment of that right. Any exercise by either party of its termination right under this Article 9.1(b) shall be without any prejudice to any other remedies or rights available to such party and shall not be subject to any fee or penalty, whether monetary or equitable. Notwithstanding the provisions of Article 16 below, notice of termination under this Article 9.1(b) shall be considered given and effective when given, not when received.

(d) The Trust may terminate this Agreement at any time upon ninety (90) days’ prior written notice in the event that the Trust’s sponsor determines to liquidate the Trust. The Bank may terminate this Agreement at any time upon ninety (90) days’ written notice for any reason. Should the Trust exercise its right to terminate, all out-of-pocket expenses associated with the movement of records and material will be borne by the Trust.

(e) Notwithstanding any provision of this Section 9 to the contrary, in the event that this Agreement is terminated in its entirety the Parties agree to continue operating under the terms of this Agreement as if this Agreement remained in full force and effect for up to one (1) year (up to 180 days in the event of termination under Sections 9.1(a)-(d)) or for such shorter period of time as the Parties mutually agree is necessary for BNY Mellon to transfer the books and records pertaining to the Fund or Funds which are in BNY Mellon’s possession or control to a successor service provider (the “Transition Period”); provided, that during any such Transition Period, BNY Mellon will be entitled to compensation for BNY Mellon’s Transition Period services pursuant to Section 8 and the provisions of this Agreement relating to the duties and obligations of BNY Mellon will remain in full force and effect.

12

9.2       The terms of Article 2 (with respect to fees and expenses incurred prior to termination), Articles 5.1, 5.2, 5.3 and 5.4 (Indemnification), Article 6 (Standard of Care and Limitation of Liability), Article 9 (Termination), and Article 14 (New York Law to Apply) shall survive any termination of this Agreement.

10.       Assignment

10.1       This Agreement shall extend to and shall be binding upon the parties hereto, and their respective successors and assigns; provided, however, that this Agreement shall not be assignable or delegable by the Trust without the written consent of the Bank, or by the Bank without the written consent of the Trust. For the avoidance of doubt, (i) this Article 11.1 shall not apply to the merger, reorganization or consolidation of the Trust with another entity to which the Bank provides administrative, compliance, valuation or computation services or similar services, the sale by the Trust of all, or substantially all of, its assets to another entity to which the Bank provides administrative, compliance, valuation or computation services or similar services, or the liquidation or dissolution of the Trust and the distribution of the Trust’s assets, and (ii) without limiting the provisions of the first sentence of this Article 11.1, the Bank shall have no right to prevent the merger, reorganization or consolidation of the Trust with another entity. The Bank shall notify the Trust promptly following the execution of any agreement that would result in, or would be expected to result in, a change of control of the Bank; provided that such information is publicly available information and that the Bank makes such information available to its clients generally.

10.2       Notwithstanding the foregoing: (i) the Bank may assign or transfer this Agreement to any affiliate of the Bank or transfer this Agreement in connection with a sale or transfer of a majority or more of its assets, equity interests or voting control, provided that (A) the Bank gives the Trust at least ninety (90) days' prior written notice (or such shorter notice as may be commercially practicable under the circumstances, as determined by the Bank in good faith) of such assignment or transfer, (B) such assignment or transfer, in any such case, does not impair the provision of services under this Agreement in any material respect, and (C) the assignee or transferee agrees to be bound by all terms of this Agreement in place of the Bank, provided further, that if the Bank assigns or transfers this Agreement pursuant to this Article 11.2 to a non-Bank affiliate without the written consent of the Trust, the Trust shall have the option, exercisable for ninety (90) days after receiving written notice of such assignment or transfer (or for such longer period as may be mutually agreed by the parties), to terminate this Agreement with respect to the Trust.

11.       Severability and Beneficiaries

11.1       In case any provision in or obligation under this Agreement shall be invalid, illegal or unenforceable in any jurisdiction, the validity, the legality and enforceability of the remaining provisions shall not in any way be affected thereby provided obligation of the Trust to pay is conditioned upon provision of services.

11.2       This Agreement is solely for the benefit of the Bank and the Trust, and none of any Participant (as defined in the Participation Agreement), any Shareholder or beneficial owner of any Shares shall be or be deemed a third party beneficiary of this Agreement.

13

12.       Amendment

This Agreement may not be amended, changed or modified in any manner except by a written agreement duly executed by the Bank and the Trust to be bound thereby.

13.       New York Law to Apply

This Agreement shall be construed in accordance with the substantive laws of the State of New York, without regard to conflicts of laws principles thereof. The Trust and the Bank hereby consent to the jurisdiction of a state or federal court situated in New York City, New York in connection with any dispute arising hereunder. The Trust hereby irrevocably waives, to the fullest extent permitted by applicable law, any objection which it may now or hereafter have to the laying of venue of any such proceeding brought in such a court and any claim that such proceeding brought in such a court has been brought in an inconvenient forum. The Trust and the Bank each hereby irrevocably waives any and all rights to trial by jury in any legal proceeding arising out of or relating to this Agreement.

14.       Merger of Agreement

This Agreement constitutes the entire agreement between the parties hereto and supersedes any prior agreement with respect to the subject matter hereof whether oral or written.

15.       Notices

All notices, requests, claims, demands, and other communications as required or permitted hereunder shall be in writing and shall be (a) addressed to the Bank or the Trust at the address or email address set forth below (or such other address as either party may designate in writing to the other party) and (b) delivered either (i) by hand delivery, by certified mail, or by overnight delivery service, in each case with receipt acknowledged and postage or charges prepaid or (ii) by email (as a signed attachment) with confirmation of email receipt.

If to the Bank:

The Bank of New York Mellon

000 Xxxxxxxxx Xxxxxx

New York, New York 10286

Attention: ETF Operations

with a copy to:

The Bank of New York Mellon

000 Xxxxxxxxx Xxxxxx

New York, New York 10286

Attention: Legal Dept. – Asset Servicing

14

If to the Trust:

WisdomTree Digital Commodity Services, LLC

000 Xxxx 00^xx Xxxxxx, 0^xx Xxxxx

New York, New York 10119

Email: xxxxxxxxxxx@xxxxxxxxxx.xxx

16.       Information Sharing

The Bank of New York Mellon Corporation is a global financial organization that provides services to clients through its affiliates and subsidiaries in multiple jurisdictions (the “BNY Mellon Group”). The BNY Mellon Group may centralize functions including audit, accounting, risk, legal, compliance, sales, administration, product communication, relationship management, storage, compilation and analysis of customer-related data, and other functions (the “Centralized Functions”) in one or more affiliates, subsidiaries and third-party service providers. Solely in connection with the Centralized Functions, (i) the Trust consents to the disclosure of and authorizes the Bank to disclose information regarding the Trust (“Customer-Related Data”) to the BNY Mellon Group and to its third-party service providers who are subject to confidentiality obligations with respect to such information and (ii) the Bank may store the names and business contact information of the Trust’s employees and representatives on the systems or in the records of the BNY Mellon Group or its service providers. The BNY Mellon Group may aggregate Customer-Related Data with other data collected and/or calculated by the BNY Mellon Group, and notwithstanding anything in this Agreement to the contrary the BNY Mellon Group will own all such aggregated data, provided that the BNY Mellon Group shall not distribute the aggregated data in a format that identifies Customer-Related Data with a particular customer. The Trust confirms that it is authorized to consent to the foregoing.

17.       Counterparts

This Agreement may be executed by the parties hereto in any number of counterparts, and all of said counterparts taken together shall be deemed to constitute one and the same instrument.

18.       Consent to Examination

18.1       The books and records pertaining to the Trust which are in the possession or under the control of the Bank shall be the property of the Trust. The Trust, and Authorized Persons shall have access to such books and records at all times during the Bank’s normal business hours. Upon reasonable request of the Trust, copies of any such books and records shall be provided by the Bank to the Trust, or to an Authorized Person, including in connection with any regulatory request or examination, at the Trust’s expense.

18.2       The Bank shall provide to the Trust, upon request, a written summary of the Bank’s AML Program, which can be accessed online anytime via the Bank’s website.

15

19.       Limitation of Liability

This Agreement has been entered into by the Trust and was executed and delivered by an officer of its Sponsor, on behalf of the Trust, which officer was acting solely in his capacity as an officer of the Sponsor and not in his individual capacity and which Sponsor was acting solely in its capacity as sponsor of the Trust and not in its individual capacity. It is expressly acknowledged and agreed that the obligations of the Trust hereunder shall not be binding upon any of the shareholders, trustees, officers, employees or agents of the Trust or the Sponsor, personally, but shall bind only the property of the Trust, as provided in the Trust Agreement.

[Signature page follows.]

16

IN WITNESS WHEREOF, the parties hereto have caused this Agreement to be executed in their names and on their behalf by and through their duly authorized officers, as of the latest date set forth below.

	WISDOMTREE BITCOIN FUND
	By: WisdomTree Digital Commodity Services, LLC, its Sponsor
	By:	/s/Xxxxxx Xxxxxxxx
		Name: Xxxxxx Xxxxxxxx
		Title: Chief Executive Officer
		Date: November 20, 2024

	THE BANK OF NEW YORK MELLON
	By:	/s/Xxxxxx X. Xxxxx Xx
		Name: Xxxxxx X. Xxxxx Xx
		Title: Vice President
		Date: November 20, 2024

17

SCHEDULE A

Books And Records To Be Maintained By The Bank

Source Documents requesting Creations and Redemptions

Correspondence/AP Inquiries

Reconciliations, bank statements, copies of canceled checks, cash proofs

Daily/Monthly reconciliation of outstanding Shares between the Trust and DTC

Dividend Records

Year-end Statements and Tax Forms

18

EXHIBIT A

Form of Authorized Participant Agreement

19

EXHIBIT B

Information Security Program

Capitalized terms not defined herein shall have the meaning set forth in the Agreement.

I.       Information Security Program Overview.

A.       “Services” means the services provided under the Agreement.

B.       During the term of the Agreement, BNY Mellon will implement and maintain an information security program ("ISP") with written policies and procedures reasonably designed to protect the confidentiality and integrity of Customer’s Confidential Information provided to BNY Mellon in accordance with the Agreement and when in BNY Mellon’s possession or under BNY Mellon’s control (“Customer Data”). The ISP will include administrative, technical and physical safeguards, appropriate to the type of Customer Data concerned, reasonably designed to: (i) maintain the integrity, confidentiality and availability of Customer Data; (ii) protect against anticipated threats or hazards to the security or integrity of Customer Data; (iii) protect against unauthorized access to or use of Customer Data that could result in substantial harm or inconvenience to Customer or its clients, and (iv) provide for secure disposal of Customer Data.

C.       BNY Mellon’s program is dynamic and may be modified to address technological changes or changes in the threat landscape, BNY Mellon’s business activities or other factors. BNY Mellon reserves the right to modify the ISP at any time, provided that BNY Mellon shall not diminish the overall level of protection this Exhibit is intended to provide.

II.       Security Incident Response and Notice.

A.       BNY Mellon will maintain a documented incident management process designed to ensure timely detection of security events and response thereto.

B.       In the event of a declared Security Incident, BNY Mellon will (i) promptly notify Customer, (ii) provide updates to Customer regarding BNY Mellon’s response and (iii) use reasonable efforts to implement measures designed to prevent a reoccurrence of Security Incidents of a similar nature.

C.       “Security Incident” means any known loss or unauthorized access, disclosure, use, alteration or destruction of Customer Data.

III.       Governance. BNY Mellon shall, upon request, (i) provide a copy of its most recent SSAE-18 or equivalent external audit report to Customer, which Customer may disclose solely to its internal or external auditors that are subject to written confidentiality obligations to use reasonable care to safeguard the report and not to disclose the report to any third party or use the report for any purpose other than evaluating BNY Mellon’s security controls; (ii) engage a third party provider to perform penetration testing of BNY Mellon systems used to provide the Services and, upon request, provide Customer confirmation of such testing, and (iii) participate in Customer’s reasonable information security due diligence questionnaire process.

A. BNY Mellon shall also, no more than once in any 12 month period and upon request, on a mutually agreed date during business hours and subject to BNY Mellon’s facility security policies and availability of personnel:

(i) meet with Customer subject matter experts in a BNY Mellon clean room to review information security policies, procedures and similar related information; provided that no documentation may be copied, disclosed to any third party, or transmitted or removed from BNY Mellon premises except as mutually agreed in writing; and

20

(ii) permit access to a BNY Mellon data center used to process Customer Data and provide the Services by no more than three Customer representatives, including employees of a regulatory or supervisory authority of Customer that is also a regulatory or supervisory authority of BNY Mellon, for a maximum of 3 hours in order to conduct a visual inspection of the environment and its controls.

Notwithstanding any provision in the Agreement to the contrary, Customer shall not disclose any verbal or written information obtained during the foregoing meetings described in above subsections (i)-(ii) to any third party or use it for any purpose other than evaluating BNY Mellon’s security controls, without BNY Mellon’s prior written consent. Customer shall reimburse BNY Mellon for any costs and expenses reasonably incurred in connection with Customer’s review (including that of the regulatory or supervisory authority personnel) of BNY Mellon’s security controls and data center.

IV.       Network and Communications Security.

A.       Asset Management. BNY Mellon will maintain an inventory of its system components, hardware and software used to provide the Services, and will review and update such inventory in accordance with the ISP.

B.       Change Management. BNY Mellon shall require that changes to its network or software used to provide the Services are tested and applied pursuant to a documented change management process.

C.       Security Monitoring. BNY Mellon will monitor cyber threat intelligence feeds daily. BNY Mellon will deploy Denial of Service (DoS) and Distributed DoS solutions.

D.       Network Segmentation. BNY Mellon’s infrastructure utilizes a multi-tier architecture, including a DMZ, to isolate the internal infrastructure from external networks. Traffic from external sources will traverse firewalls and pass through multiple layers of malware protection prior to processing. BNY Mellon’s production environment used to provide the Services will be segregated from pre-production regions and BNY Mellon’s internal segment.

E.       Vulnerability Management. BNY Mellon will maintain a documented process to identify and remediate security vulnerabilities affecting its systems used to provide the Services. BNY Mellon will classify security vulnerabilities using industry recognized standards and conduct continuous monitoring and testing of its networks, hardware and software including regular penetration testing and ethical hack assessments. BNY Mellon will remediate identified security vulnerabilities in accordance with its process.

F.       Malicious Code. BNY Mellon will deploy industry standard malicious code protection and identification tools across its systems and software used to provide the Services.

G.       Communications. BNY Mellon will protect electronic communications used in the provision of Services, including instant messaging and email services, using industry standard processes and technical controls and in accordance with the ISP.

V.       Application Security. The ISP will require that in-house application development be governed by a documented secure software development life cycle methodology, which will include deployment rules for new applications and changes to existing applications in live production environments.

VI.       Logging. The ISP will require the maintenance of network and application logs as part of BNY Mellon’s security information and event management processes. Logs are retained in accordance with law applicable to BNY Mellon’s provision of the Services as well as BNY Mellon’s applicable policies. BNY Mellon uses various tools in conjunction with such logs, which may include behavioral analytics, security monitoring case management, network traffic monitoring and analysis, IP address management and full packet capture.

21

VII.       Data Security.

A.       Identity & Access Management. BNY Mellon will implement reasonable and industry recognized user access rules for users accessing Customer Data based on the need to know and the principle of least privilege, and including user ID and password requirements, session timeout and re-authentication requirements, unsuccessful login attempt limits, privileged access limits and multifactor authentication or equivalent safeguard where risk factors indicate that single factor authentication is inadequate.

B.       Data Segregation. The ISP will require that (i) Customer Data is stored in either physically or logically segregated databases from other BNY Mellon data and (ii) different databases are maintained for development, testing, staging and production environments used in the provision of Services.

C.       Encryption. BNY Mellon will (i) encrypt Customer Data in transit to an external network using transport layer security or other encryption method and (ii) protect Customer Data at rest, in each case as BNY Mellon determines to be appropriate in accordance with the ISP and law applicable to BNY Mellon’s provision of the Services.

D.       Remote Access. The ISP will restrict remote access to BNY Mellon systems to authorized users using multifactor authentication or equivalent safeguard, and will require such access to be logged.

E.       Devices. BNY Mellon will restrict the transfer of Customer Data from its network to mass storage devices. BNY Mellon will use a mobile device management system or equivalent tool when mobile computing is used to provide the Services. Applications on such authenticated devices will be housed within an encrypted container and BNY Mellon will maintain the ability to remote wipe the contents of the container.

F.       Data Leakage Prevention (DLP). BNY Mellon will deploy DLP tools reasonably designed to help detect and prevent unauthorized transfers of Customer Data outside BNY Mellon’s network.

G.       Disposal. BNY Mellon will maintain chain of custody procedures and require that any Customer Data requiring disposal be rendered inaccessible, cleaned or scrubbed from such hardware and/or media using industry recognized methods.

VIII.       Personnel. BNY Mellon will undertake background checks during the recruitment process of personnel involved in the provision of the Services, subject to applicable laws, and require its personnel involved in the provision of Services to undertake annual training on the aspects of the ISP applicable to the personnel’s job function.

IX.       Physical Security. BNY Mellon will deploy perimeter security such as barrier access controls around its facilities processing or storing Customer Data. The ISP will include (i) procedures for validating visitor identity and authorization to enter the premises, which may include identification checks, issuance of identification badges and recording of entry purpose of visit and (ii) physical security policies for personnel, such as a “clean desk” policy. In accordance with its ISP and applicable law, BNY Mellon will install closed circuit television (“CCTV”) systems and CCTV recording systems to monitor and record access to controlled areas, such as data centers and server rooms.

X.       Subcontracting. BNY Mellon will implement a third party governance program designed to provide oversight over unaffiliated third parties used to provide the Services (“Subcontractors”).

22

XI.       BCP/DR. BNY Mellon will implement business continuity and disaster recovery plans designed to minimize interruptions of service and ensure recovery of systems and applications used to provide the Services. Such plans shall cover the facilities, systems, applications and employees that are critical to the provision of the Services, and will be tested at least annually to validate that the recovery strategies, requirements and protocols are viable and sustainable.

23