Bakkt, Inc. (BKKT) Business

Item 1. Business

Overview

Unless otherwise noted, in this section or elsewhere in this Form 10-K, (1) the term “Bakkt" refers to Bakkt, Inc., a Delaware corporation and its subsidiaries, and (2) the terms     Company,” “we,” “us,” and “our,” refer to the ongoing business operations of Bakkt, Inc. and its subsidiaries, whether conducted through Bakkt or a subsidiary of Bakkt.

In this section and elsewhere in this Form 10-K, we use the following terms, which are defined as follows:

•“Client” means businesses with whom we contract to provide services to customers on our platform, and includes financial institutions, hedge funds, merchants, retailers, third party partners, and other businesses (except in the accompanying notes to the consolidated financial statements, where we refer to revenue earned from customers, instead of clients). The term customers is in accordance with the Financial Accounting Standards Board (“FASB”) Accounting Standards Codification (“ASC”) 606, Revenue from Contracts with Customers.

•“Digital asset” means an asset that is built using blockchain technology, including virtual currencies (as used in the State of New York), coins, cryptocurrencies, stablecoins, and other tokens. Our platform enables transactions in certain supported digital assets. For purposes of this Form 10-K, we use digital assets, virtual currency, coins, and tokens interchangeably.

•“Customer” means an individual user of our platform. Customers include as customers of our clients who transact in digital assets through, and have accounts on, our platform (except as defined for ASC 606 purposes above).

Founded in 2018, Bakkt, Inc. (the “Company”) builds digital financial infrastructure designed to support institutional participation in the digital asset economy. During fiscal year 2025, the Company undertook a strategic transformation, focusing on divesting non-core assets, simplifying our corporate and capital structure, and investing in infrastructure to support our core platform. These initiatives are intended to improve our operating efficiency, align our business with our long-term strategy, and position us to scale our technology and services.

Our long-term strategy is to build and scale an integrated financial infrastructure platform through our three solutions: Bakkt Markets, Bakkt Agent, and Bakkt Global. We intend to expand our trading and payment infrastructure, develop software that enables institutions and customers to integrate and operate artificial intelligence-driven financial services through our platform, and invest in regulated entities in key jurisdictions. This strategy is designed to support institutional adoption of digital asset trading, stablecoin payments, and related financial services.

Our platform is built to accommodate various digital assets and offers our clients the flexibility to build a product that aligns with their vision and customers’ needs. Our institutional-grade platform, born out of our former parent company, Intercontinental Exchange, Inc. (“ICE”), supports various execution capabilities for simple and advanced trading, secure custody, payments, and a number of different tools that allow our customers to maximize their offerings. Our markets capabilities are built upon a foundation of strong regulatory and compliance governance, enabling clients to adhere to financial regulations by providing “know your customer” (“KYC”) and anti-money laundering (“AML”) processes and other anti-fraud solutions.

-6-

Bakkt Solutions

Bakkt Markets

Bakkt Markets enables institutions to launch secure, compliant, and advanced digital asset brokerage, trading and payment capabilities through a plug-and-play platform. It provides access to digital asset trading, stablecoin on- and off- ramps, custody integration, liquidity, and payment infrastructure through a unified technology stack designed to reduce the time, cost, and complexity of building these capabilities internally.

BFS operates in the United States as a licensed money transmitter and maintains 46 active state Money Transmitter Licenses. BFS also holds a virtual currency business license issued by the New York State Department of Financial Services (the “NYDFS”) under 23 NYCRR Part 200 (commonly referred to as a “BitLicense”) and a Virtual Currency Business License issued by the Louisiana Office of Financial Institutions. Based on current regulatory frameworks and interpretations, BFS is able to conduct its digital asset business activities across all 50 states in the United States (“U.S.”), as well as the District of Columbia and Puerto Rico.

State money transmission and virtual currency laws require licensed entities to comply with, among other things, bonding and minimum net worth requirements, restrictions on the permissible investment and safeguarding of customer funds and virtual currency, reporting and recordkeeping obligations, cybersecurity and compliance program requirements, examination and inspection by applicable regulatory authorities, and regulatory approval of certain changes in control, directors, and senior management. BFS is subject to these requirements in each jurisdiction in which it is licensed, including supervision and examination by the NYDFS with respect to its virtual currency activities conducted under its BitLicense.

In certain jurisdictions, licensure is not presently required for the digital asset activities conducted by BFS. Montana does not have a money transmitter statute. As of July 1, 2024, Hawaii no longer requires a state money transmitter license for purely digital asset activities following the conclusion of its Digital Currency Innovation Lab. California and Massachusetts have historically permitted cryptocurrency businesses to operate without a state-specific digital asset license; however, both states have adopted or are expected to implement licensing regimes applicable to digital asset activities. Upon the effectiveness of such regimes, BFS intends to apply for and obtain the required licenses, as applicable.

Accordingly, BFS maintains nationwide regulatory coverage either through active licensure or operation under applicable statutory frameworks in jurisdictions where licensure is not currently mandated. There can be no assurance that existing regulatory interpretations will not change, that additional licensure or approvals will not be required in one or more jurisdictions, or that BFS will be able to obtain, maintain, or renew required licenses on commercially reasonable terms or at all. The loss, suspension, or failure to obtain required licenses, or the imposition of additional regulatory conditions, could result in administrative enforcement actions, civil or criminal penalties, limitations on existing or planned activities, increased compliance costs, or the inability to operate in one or more jurisdictions.

Bakkt Agent

Bakkt Agent provides institutions, with plans to provide direct to consumer, with programmable access to Bakkt’s financial infrastructure through an intelligent software layer that coordinates onboarding, account creation, funding, and global money movement. Bakkt Agent utilizes automation and software-based agents to facilitate functions such as customer onboarding and identity verification, virtual account issuance, stablecoin and fiat payment rails, and domestic and cross-border payouts through application programming interfaces (“APIs”) and configurable workflows.

Bakkt Agent is designed to simplify the integration and operation of financial services by abstracting operational and technical complexity and enabling customers to programmatically initiate, manage, and monitor financial transactions, settlement, account activity, and compliance processes. Bakkt Agent’s modular architecture allows institutions to embed financial capabilities into their own applications and systems, supporting faster product deployment, operational efficiency, and the ability to scale financial services across multiple jurisdictions and payment networks.

-7-

Bakkt Global

Bakkt Global enables Bakkt to expand its technology and infrastructure into international markets through strategic investments in jurisdiction-specific entities operating in regulated financial markets. These investments are intended to establish a local presence in jurisdictions with established regulatory frameworks, providing Bakkt with access to licenses, regulatory permissions, and operating capabilities required to offer digital asset trading, payment, and settlement services.

Through Bakkt Global, Bakkt seeks to extend its trading infrastructure, stablecoin and fiat payment rails, and settlement services into new geographic markets through strategic investments in locally regulated entities. This approach enables Bakkt to access additional liquidity, customers, and financial networks while operating within local regulatory frameworks and supporting geographic diversification.

Our Corporate Structure

We operate primarily through Bakkt Financial Solutions I, LLC (formally Bakkt Crypto Solutions, LLC) (“BFS”). BFS, through business partnerships with clients, offers customers of those clients the ability to purchase, sell, store and, in approved jurisdictions, deposit and withdraw approved digital assets, all from within the applications of our clients with whom customers already have a relationship. Using BFS’s platform, customers can purchase approved digital assets, store digital assets in custodial wallets, liquidate their holdings, and transfer supported digital assets between a custodial wallet maintained by BFS and external wallets in certain jurisdictions, if enabled by the client. BFS’s proprietary trading platform and relationships with liquidity providers provide access to a wide range of digital assets and competitive pricing for our customers.

Our agreements with clients provide for licensing of their front-end trading platforms by BFS and cooperation between the parties in facilitating customers’ transactions in digital assets. The agreements are generally for a term of either one or two years and can be terminated by either party for breach or in case of a change of control. Generally, the agreements also contain provisions giving BFS discretion in the choice of digital assets offered to each client through its platform and, in some cases, exclusivity covenants pursuant to which clients have agreed not to refer their customers to other digital asset trading platforms.

BFS regularly explores additional ways to innovate and provide additional products and services to its clients. For example, subject to applicable regulatory approvals, BFS intends to expand the to enable staking, lending, and advanced trading services for institutional clients

BFS holds a New York State virtual currency license (commonly referred to as a “BitLicense”) and money transmitter licenses from all states throughout the U.S. where such licenses are required for the operation of its business, and is registered as a money services business with the Financial Crimes Enforcement Network of the U.S. Department of the Treasury (“FinCEN”). BFS is also able to provide fiat funding services where a client does not have that capability.

Recent Developments

Registered Direct Offering

On February 27, 2026, we entered into a securities purchase agreement (the “Purchase Agreement”) with a single investor (the “Investor”). The offering closed on March 2, 2026, at which time pursuant to the Purchase Agreement we issued and sold to the Investor an aggregate of 3,024,799 shares (the “Shares”) of the Company’s Class A common stock, par value $0.0001 per share (the “Common Stock”), at a purchase price of $8.75 per Share and pre-funded warrants (the

-8-

“Pre-Funded Warrants”) to purchase an aggregate of 2,475,201 shares of Common Stock at a purchase price of $8.7499 per Pre-Funded Warrant.

The aggregate gross proceeds to the Company from the offering were approximately $48.125 million, before deducting placement agent fees and estimated offering expenses payable by the Company. The Company intends to use the net proceeds from the Offering for working capital, general corporate purposes and strategic initiatives.

Change of Name.

Effective January 22, 2026, the Company changed its name to Bakkt, Inc.

DTR Distributed Technologies Research Global Ltd. Acquisition

On January 11, 2026, Bakkt Opco Holdings, LLC (“Opco”), a Delaware limited liability company and wholly owned subsidiary of the Company, entered into a Share Purchase Agreement (the “Purchase Agreement”) by and among Opco, the Company, Distributed Technologies Research Global Ltd., a private limited company incorporated in Cyprus (“DTR”), and Akshay Naheta, Chief Executive Officer of Bakkt, Inc. Pursuant to the terms and subject to the conditions set forth in the Purchase Agreement (including a requirement that the acquisition be approved by the Company’s shareholders), the Company will acquire DTR, a global stablecoin payment infrastructure provider, by issuing to Mr. Naheta and other beneficial owners of DTR shares an aggregate number of shares of its Common Stock equal to 31.5% of the aggregate number of shares of the Common Stock that are issued and outstanding immediately prior to the closing, plus the aggregate number of shares of the Company’s capital stock issuable upon full exercise or conversion of any options, warrants or other convertible derivative securities that are outstanding immediately prior to the closing, on an as-converted basis, but excluding any warrants to purchase shares of the Common Stock to the Mr. Naheta and other beneficial owners of DTR shares.

Commercial Agreement With DTR

On July 31, 2025, we entered into a Commercial Agreement (the “Commercial Agreement”) with Distributed Technologies Research Global, Ltd. (“DTR”), which sets forth the terms and conditions governing the integration of Bakkt’s various solutions related to financial transaction processing and digital asset trading with DTR’s technology related to the execution of global payments powered by stablecoins.

Since the inception of the Commercial Agreement, we have successfully integrated the Bakkt and DTR platforms to support a unified Know Your Customer (“KYC”) workflow across multiple product lines. This integration facilitates streamlined onboarding and compliance monitoring for our shared ecosystems. Furthermore, the combined platform architecture now supports U.S.-based fiat on- and off-ramp capabilities, allowing for seamless transitions between traditional currency and digital assets.

Under the Commercial Agreement, DTR granted Bakkt and its affiliates a non-exclusive, non-transferable, sublicensable license for the duration of the term of the Commercial Agreement to access, display, reproduce, modify, create derivative works of, and otherwise use the DTR’s technology in certain territories; and DTR and its affiliates a non-exclusive, non-transferable, sublicensable, worldwide, right and license to display, reproduce, modify, create derivative works of, and otherwise use Bakkt solutions as needed. For each payment that is processed under the Commercial Agreement, Bakkt will be entitled to a customary fee for similar types of transactions.

The initial term of the Commercial Agreement is three years from the date of execution, unless terminated earlier. At any time, either party will be able to terminate the Commercial Agreement in the event of insolvency of the other party or a material breach of the other party that has not been cured. Pursuant to the terms and conditions of the Commercial Agreement, DTR will be subject to certain restrictions on its ability to provide services or technology that are competitive with the project in certain territories.

-9-

Up-C Collapse

On November 3, 2025, the Company completed an internal reorganization to streamline its corporate structure by eliminating the Company’s umbrella partnership-C-corporation (“Up-C”) structure (the “Reorganization”).

As part of the Reorganization, Bakkt formed the Company, which replaced Bakkt Holdings, LLC (“Old Bakkt”) as a listed parent company. In connection with the Reorganization, (i) holders of shares of Class A common stock, par value $0.0001 per share, of Old Bakkt (“Old Bakkt Class A Common Stock”) ceased to hold such shares and received an equivalent number of shares of Class A common stock, par value $0.0001 per share, of the Company (“Class A Common Stock”) that have the same voting and economic rights as Old Bakkt Class A Common Stock, (ii) holders of shares of Class V common stock, par value $0.0001 per share, of Old Bakkt (“Old Bakkt Class V Common Stock”) ceased to hold such shares and received an equivalent number of shares of Class V common stock, par value $0.0001 per share, of the Company (“Class V Common Stock”) that have the same voting and economic rights as the Old Bakkt Class V Common Stock, (iii) holders of common units in Opco each coupled with one share of Old Bakkt Class V Common Stock (together, the “Paired Interests”), ceased to hold such Paired Interests and received an equivalent number of shares of Class A Common Stock, resulting in the elimination of shares of Class V Common Stock and the Company having only one class of outstanding common stock, (iv) holders of membership units of the Management Vehicle ceased to hold membership units of the Bakkt Management, LLC (“Management Vehicle”) and received in exchange corresponding Opco Incentive Units granted under the Second Amended and Restated Bakkt Equity Incentive Plan, (“the Opco Plan”), as amended, held by the Management Vehicle, together with the share of Class V Common Stock paired therewith, and (v) holders of Opco Incentive Units, together with the share of Class V Common Stock paired therewith, ceased to hold such Opco Incentive Units and the shares of Class V Common Stock paired therewith, and received in exchange the right to receive a corresponding number of validly issued, fully paid and nonassessable share of Class A Common Stock.

Sale of Loyalty Business

On October 1, 2025, Bakkt completed the sale of the Loyalty business to Project Labrador Holdco, LLC, a wholly owned subsidiary of Roman DBDR Technology Advisors, Inc. (the “Purchaser”). At the Closing, the Company delivered the equity of the Acquired Entities, together with an amount of cash equal to $18,876,950, which consisted of an agreed amount of $9,974,000 plus (i) the amount of the most negative working capital of the business that existed in the twelve months prior to the closing date, (ii) the amount of estimated indebtedness, and (iii) agreed expenses, and minus (iv) certain deductions for amounts owed by the Purchaser to Opco, subject to post-closing adjustments. After the twelve-month anniversary of the closing, the parties will determine whether the value of working capital delivered to the Purchaser at the closing was greater than the greatest absolute value of working capital that existed in the twelve months following the date of the closing. If the value of working capital delivered to the Purchaser at the closing was greater than such greatest absolute value, the Purchaser will pay to Opco the difference between the value of working capital delivered to the Purchaser at the closing and such greatest absolute value. In addition, at the closing, Opco loaned approximately $5,000,000 in restricted cash to the Purchaser pursuant to the Loyalty Business purchase agreement and unsecured subordinated promissory notes to support obligations under certain agreements with the corporate entities comprising the Loyalty business. Such notes are expected to be repaid by the Purchaser when such cash is no longer restricted pursuant to the terms of the purchase agreement.

Sale of Bakkt Trust

On March 17, 2025, we entered into an agreement with ICE, a significant stockholder of ours, whereby ICE agreed to purchase all of the outstanding equity interests of Bakkt Trust in exchange for $1.5 million plus the assumption of Bakkt Trust’s regulatory capital requirement, which was approximately $3.0 million as of signing, and certain operating

-10-

costs of Bakkt Trust during the period between the signing of the purchase agreement and the closing of the transaction (subject to such closing). The sale closed on May 15, 2025.

Investment Policy

On June 10, 2025, we announced the adoption of our updated corporate investment policy, enabling the Company to allocate capital into digital assets, as part of our broader treasury and corporate strategy, subject to market conditions and the anticipated liquidity needs of the business (“Investment Policy”). Subject to the Investment Policy, we may acquire Bitcoin or other digital assets, using excess cash, proceeds from future equity or debt financings, or other capital sources. We may also explore further opportunistic financing alternatives, including the issuance of convertible notes, bonds, or other debt instruments, for the purpose of acquiring Bitcoin or other digital assets or otherwise in accordance with the Company’s investment policy. To date, the Company has not purchased any Bitcoin or other digital assets under the investment policy.

Digital Asset Market Developments

The digital asset landscape underwent a fundamental shift in 2025, transitioning from a speculative retail market into the foundational architecture of global finance. This shift was defined by legislative clarity and formation of global standards for compliance, institutional integration, and the utilitarian expansion of stablecoins.

The passage of the Guiding and Establishing National Innovation for U.S. Stablecoins Act (“GENIUS Act”) in July 2025 created a federal regulatory framework for payment stablecoins. Under the GENIUS Act, compliant payment stablecoins are exempted from being treated as securities or commodities for purposes of the regulatory framework established by the GENIUS Act. It also requires issuers of payment stablecoins to maintain 1:1 backing with high-quality liquid assets, such as the U.S. dollars or short-term Treasuries, and to publish monthly reserve attestations. Establishing a federal framework provides regulated banks with a clear pathway to integrating stablecoins into existing payment infrastructure.

In 2025, the digital asset markets saw fluid trends influenced by a mix of global trade tensions. As of early 2026, the digital asset markets appear to be in a similar dynamic environment, but have gained support from several institutional holders. Growth accelerated in 2025 following rule changes by the U.S. Securities and Exchange Commission (the “SEC”), including the rescission of Staff Accounting Bulletin 121 (“SAB 121”), which significantly reduced capital and risk management constraints, paving the way for major banks to expand their custody offerings.

Further, in 2025, the U.S. House of Representatives passed the Digital Asset Market Clarity Act of 2025 (the “CLARITY Act”), a proposed federal legislative framework intended to provide greater regulatory clarity for digital assets and digital asset market participants. The CLARITY Act seeks to establish statutory definitions for various categories of digital assets, including digital commodities, digital securities and payment stablecoins, and to delineate regulatory jurisdiction between the SEC and United States Commodity Futures Trading Commission (“CFTC”). The legislation also contemplates registration and compliance frameworks for digital asset trading platforms, brokers and other intermediaries. Although the CLARITY Act has not yet been enacted into law and remains subject to further legislative consideration and potential amendment, its stated objective is to provide greater legal certainty regarding the classification, oversight and permissible activities relating to digital assets. If enacted substantially as proposed, the legislation could promote more consistent regulatory treatment, facilitate institutional participation, and support the continued development of digital asset infrastructure and related services in the United States. However, the ultimate scope, timing and impact of any such legislation remain uncertain.

Beyond regulatory progress, the industry continued investing in real-world use cases. In 2025 and early 2026, the use of Real World Assets (“RWA”), which refers to the tokenization of private credit, government bonds, and equities, continued to gain traction. For example, the New York Stock Exchange and NASDAQ, both announced strategic initiatives to provide tokenized securities platforms facilitating 24/7 trading. The industry also saw the early emergence of “agentic

-11-

payments,” where AI agents use HyperText Transfer Protocol (“HTTP”) native settlement standards to execute autonomous transactions, signaling a broader transition from digital assets as purely tradable instruments toward functioning economic infrastructure.

Digital Financial Infrastructure Solutions

Our solutions include:

Bakkt Markets. Bakkt Markets enables institutions to launch secure, compliant, and advanced digital asset brokerage and trading capabilities through a plug-and-play platform that provides global digital asset capabilities without needing to build in-house.

Bakkt Agent. Bakkt Agent provides institutions, and the Company intends to provide individual consumers, with programmable access to financial infrastructure through an AI-driven software layer that coordinates onboarding, account creation, funding, stablecoin and fiat payment rails, and global money movement.

Bakkt Global. Bakkt Global enables Bakkt to expand its technology and infrastructure into international markets through strategic investments in jurisdiction-specific entities operating in regulated financial markets. For instance, the Company has made an investment in Bitcoin Japan Corporation (Tokyo Stock Exchange: 8105), purchasing approximately 30% of its outstanding voting shares to expand institutional digital asset access in Japan.

Bakkt Markets

Bakkt Markets is the Company's core institutional digital asset infrastructure business, providing clients with a regulated, plug-and-play platform through which they can offer digital asset trading, stablecoin payment services, custody, and related capabilities to their own customers. Bakkt Markets serves as the regulatory and liquidity foundation of the Company's integrated platform.

We currently provide the following digital asset-related services for retail customers. These services are provided through our clients which have a direct relationship with such customers and utilize our trading platform and custody services.

•digital asset trading;

•fiat funding and payments via stablecoins;

•custody services for the digital assets supported for trading; and

•external transfers of digital assets in jurisdictions where transfers are allowed.

We currently facilitate transactions in, and provides services for, the digital assets listed in the table below.

-12-

-13-

Our management regularly considers whether to add or remove digital assets available on our platform, consistent with our policies and procedures and developments in light of regulatory guidance. See “Policies and Procedures Listing-Related Policies.”

Digital Asset Trading

Our client agreements entitle us to receive recurring revenues in the form of platform fees from clients for the use of our platforms by their customers.

Customers may purchase approved digital assets directly through BFS utilizing:

•the customer’s fiat wallet (see Fig. 1 below);

•the customer’s Banking as a Service (“BaaS”) provider account (see Fig. 2 below); or

•the customer’s brokerage account (see Fig. 3 below).

Customers may sell digital assets through BFS. The sale proceeds from a sale can be directed to:

•the customer’s fiat wallet (see Fig. 4 below);

•the customer’s BaaS account (see Fig. 5 below); or

•the customer’s brokerage account (see Fig. 6 below).

The funding source is specific to the client relationship through which the customer account was opened and is not specified by the individual customer account holder. For example, if a customer opens an account with a client where trades are funded via a BaaS relationship, all sale and purchase transaction-related funds will flow through the customer’s BaaS account. Customers submit all purchase and sale orders through the user interface of the client with which they have opened an account.

With respect to customer purchase and sale orders, BFS operates as a riskless principal and offsets each customer order it fills by routing a corresponding order to a liquidity provider on a one-to-one basis. BFS settles its transactions with liquidity providers on a net basis. For more information, see “Digital Assets and Services Offered by BFS Asset Trading Liquidity Providers” below.

Customers can submit an order request to purchase digital assets by specifying the dollar value or coin quantity that they wish to purchase. The client’s user interface displays the estimated price or quantity, as applicable, as well as any transaction fees.

Before sending a purchase order request, the client must verify that sufficient funds are available in the applicable customer funding source. If the customer account has sufficient funds, the client then sends the order to BFS. Upon receipt of the purchase order, BFS accepts and processes the purchase order and records any order fill transactions on BFS’s internal ledger. BFS recognizes the revenue from markup and/or trade fees at this time in the flow using explicit journal types in the transaction ledgering.

-14-

If the customer’s funding source is a fiat wallet, BFS will debit the customer’s fiat wallet on its internal ledger. During the daily net settlement period fiat funds are transmitted from the for benefit of (“FBO”) account to the BFS transaction account.

Fig. 1 Digital Assets Purchase Through A Fiat Wallet

If the customer’s funding source is a BaaS account, BFS sends a message to the client that a trade has been executed. The client then instructs the BaaS provider to transfer the funds from the customer’s BaaS account to its BaaS FBO account. The BaaS provider will debit the customer’s fiat wallet on its internal ledger. During the daily batch settlement period, fiat funds are transmitted from the BaaS FBO account to the BFS transaction account.

A BaaS account is one where a client, through its banking relationships, offers customers the ability to withdraw fiat currency from, or transfer or deposit fiat currency into, the customer’s BaaS account with that client. In those instances, those customers would utilize their BaaS account to purchase supported digital assets from BFS, as depicted in Figure 2, below, and to deposit the proceeds of sales of supported digital assets to BFS, as depicted in Figure 6, below. Our client, not the Company, maintains the relationship with the BaaS provider and the Company is not itself regulated as a bank.

Fig. 2 Digital Assets Purchase Through A Customer’s BaaS Account

If the customer’s funding source is a brokerage account, BFS sends a message to ledger the funds from the customer’s brokerage account at the brokerage’s clearing firm to BFS brokerage account at the brokerage’s clearing firm.

-15-

During the daily batch settlement period, fiat funds are transmitted from the BFS brokerage account to the BFS transaction account.

Fig. 3 Digital Assets Purchase Through A Customer’s Brokerage Account

For sales, customers submit an order request via the client with which they have a relationship to BFSto sell digital assets by specifying the dollar value or quantity that they wish to sell. For market orders, the client displays the estimated price or estimated quantity, which is inclusive of any markup. If the client is charging any trade fees, those will be displayed and included in the total trade value. Once confirmed by the customer, the order is then sent to BFS by the client. Upon receipt of the order, BFS accepts and processes the sale order and records the order fill transaction on BFS’s internal ledger by recording a debit to the customer’s digital asset account.

If the customer’s funding source is a fiat wallet, BFS will credit the customer’s fiat wallet on its internal ledger. During the daily batch settlement period, fiat funds are transmitted from the BFS transaction account to the FBO account.

Fig. 4 Digital Assets Sale with proceeds to the Customer’s Fiat Wallet Hosted by BFS

If the customer’s funding source is a BaaS account, BFS sends a message to the client that a trade has been executed. The client then instructs the BaaS provider to transfer the funds from its BaaS FBO account to the customer’s

-16-

BaaS account. The BaaS will credit the customer’s fiat wallet on its internal ledger. During the daily batch settlement period, fiat funds are transmitted from the BFS transaction account to the BaaS FBO account.

Fig. 5 Digital Assets Sale with Proceeds to the Customer’s BaaS Account

If the customer’s funding source is a brokerage account, BFS sends a message to ledger the funds from the BFS brokerage account at the brokerage’s clearing firm to the customer’s brokerage account at the brokerage’s clearing firm. During the daily batch settlement period, fiat funds are transmitted from the BFS transaction account to the BFS brokerage account.

-17-

Fig. 6 Digital Assets Sale with Proceeds to the Customer’s Brokerage Account

Liquidity Providers

BFS currently has relationships with several liquidity providers, with at least one provider servicing each supported digital asset in order to provide consistent liquidity. BFS aggregates quotes from its liquidity providers by asset, side, price and size, which BFS uses to determine what quotes to provide, as principal, to its clients for display to customers.

To fill customer orders as a riskless principal, the BFS platform compares customer orders to the aggregated best bid or offer prices quoted by BFS’s liquidity providers. If a customer order is marketable, BFS routes an offsetting order for its own account, on a one-to-one basis, to the liquidity provider quoting the best price. Customers may place market orders or limit orders on the BFS platform. Market orders are, by definition, marketable when they are placed. As such, when a customer market order is received, BFS will offset that order by routing an order for its own account to the relevant liquidity provider on an “immediate or cancel” basis. Limit orders may be marketable when they are placed or may become marketable when the aggregated market price, as determined by BFS’s proprietary internal system, aligns with the limit price selected by the customer. The BFS platform holds customer limit orders that are not marketable at the time they are placed on BFS’s internal order book and evaluates such orders for marketability on an ongoing basis as liquidity providers change their best bid or offer prices. Should a customer limit order become marketable as the aggregated best price changes, the BFS platform would, at that point, place an offsetting order for its own account with a liquidity provider.

Upon receipt of a fill confirmation from the liquidity provider servicing one of BFS’s offsetting orders, BFS will fill the corresponding customer transaction out of its own account, as riskless principal. In other words, the BFS platform is structured to execute the offsetting order for BFS’s own account prior to executing the corresponding customer order.

BFS has written agreements with all of its liquidity providers. Under these agreements, BFS is granted access to proprietary trading platforms of the liquidity providers for the purpose of placing orders for purchase or sale of digital assets. BFS acts as principal in such transactions with liquidity providers. Orders cannot be withdrawn, cancelled or amended. After the liquidity provider accepts the order, it issues a transaction confirmation. The parties then are obligated to deliver fiat currency and digital assets according to the terms of the transaction. The agreements contain customary representations and warranties and confidentiality, limitation of liability and indemnification provisions. The agreements do not have a set term and generally may be cancelled by either party for convenience on prior written notice of 30 to 60 days, with some agreements providing for no such notice obligations or a notice obligation of seven days.

Settlement is conducted on a net basis on the blockchain supporting the digital asset. BFS is not required to pre-fund any transactions with liquidity providers. Instead, BFS settles with liquidity providers on a daily basis; however, in instances where a liquidity provider’s settlement balance is less than an agreed upon notional dollar amount for a given

-18-

token, BFS will settle with those liquidity providers on the last business day of the applicable month, or when the settlement balance exceeds those levels, if sooner. At settlement, fiat currency and digital assets are exchanged to settle trading obligations from the previous period. In periods of heavy trading volumes, BFS and the liquidity providers may agree to perform more frequent settlements in order to decrease the exposure of unsettled transactions.

Custody Services for the Digital Assets Supported for Trading

BFS has third-party custodial relationships with Fireblocks Trust Company, LLC (“Fireblocks Custody”), Coinbase Custody Trust Company (“Coinbase Custody”), and BitGo Trust Company (“BitGo”), which are currently used for custody and digital asset transfers, where applicable. In addition, BFS also self-custodies select digital assets (approximately 5% of total customer digital assets were self-custodied as of December 31, 2025) to facilitate customer withdrawals utilizing the Fireblocks Vault service offered by Fireblocks Inc. (“Fireblocks”). Self-custodying customer digital assets through the use of Fireblocks third-party custody software involves risks related to our reliance on the third party for certain services. These include the implementation of Secure Multi-Party Computation (MPC) key creation software, the provision of software that facilitates a Secure Transfer Environment for the transfer of digital assets, and workflow authorization functionality ensuring that only BFS specified authorized persons are able to access the wallets for authorized purposes.

Under the Fireblocks Custody Agreement, Fireblocks Custody provides BFS with one or more segregated custody accounts to store supported digital assets on BFS’s behalf. Digital assets in the custodial account are segregated from Fireblocks Custody's own property and the assets of its other customers, are not treated as general assets of Fireblocks Custody, and Fireblocks Custody acts as a fiduciary and custodian on BFS’s behalf. Pursuant to the Fireblocks Custody Agreement, Fireblocks Custody manages digital asset wallet private keys using offline devices (hardware devices that are not connected to the internet). Fireblocks Custody has also implemented and agreed to maintain an information security program, as required by the NYDFS, with policies and procedures reasonably designed to safeguard its electronic systems and BFS’s information from unauthorized access. Fireblocks Custody is required to provide electronic account statements on at least a monthly basis detailing the amount of assets and all account activity. BFS does not have inspection rights under the Fireblocks Custody Agreement. The Fireblocks Custody Agreement remains effective until terminated by either party by providing at least 30 days’ prior written notice to the other party.

Under the BitGo Custody Agreement, BitGo, at BFS’s direction, establishes and maintains wallets for the storage of digital assets, including cold wallets where BitGo holds all of the keys, and all of those keys are held in an offline storage platform (a “Vault”). BitGo serves as custodian of digital assets stored in these wallets. BitGo is required to use reasonable best efforts to keep all custodial coins received by BitGo in safe custody on behalf of BFS and to keep all keys to the custodial wallet held by BitGo secure and to maintain at least one backup key. BitGo is also required to exercise all reasonable best efforts to prevent unauthorized access to or use of the keys held by BitGo to the custodial wallet. BFS does not have inspection rights under the BitGo Custody Agreement. The BitGo Custody Agreement had an initial one-year term and is renewing automatically for successive one-year periods unless either party provides notice to the other party of its intent not to renew at least 60 days prior to the expiration of the then-current term.

Under the Coinbase Custody Agreement, Coinbase Custody provides Bakkt with a segregated custody account controlled and secured by Coinbase Custody to store certain digital assets supported by Coinbase Custody on BFS’s behalf. Digital assets in the custodial account are not treated as general assets of Coinbase Custody, and Coinbase Custody is a fiduciary and custodian on BFS’s behalf. Pursuant to the Coinbase Custody Agreement, Coinbase Custody securely stores digital asset private keys in offline storage and has implemented and agreed to maintain a reasonable information security program with policies and procedures reasonably designed to safeguard its electronic systems and BFS’s confidential information. Coinbase Custody is required to keep timely and accurate records as to the deposit, disbursement, investment and reinvestment of digital assets and maintain accurate books and records of the custody services in accordance with applicable law and its own internal document retention policies. BFS does not have inspection rights under the Coinbase Custody Agreement. The Coinbase Custody Agreement remains effective until terminated by either party by providing at least 30 days’ prior written notice to the other party.

-19-

Pursuant to the License Agreement between Fireblocks and BFS, Fireblocks has granted BFS a non-exclusive, non-sub-licensable, non-transferable license to generate wallets through the Fireblocks Vault service. The service allows BFS to access and use digital asset wallets that store private and public keys, interact with various blockchains and monitor its balances of digital assets.

BFS holds all digital assets, including customer digital assets and the immaterial inventory of digital assets that BFS maintains for purposes such as facilitating blockchain fee payments and accommodating the impacts of rounding, in omnibus wallets. With respect to mode of storage, a small percentage of all digital assets (generally not more than 2%) are held in warm or hot storage in order to facilitate daily settlement and customer withdrawals, while the vast majority of digital assets are held in cold storage and accessed, as needed, to replenish the warm or hot wallets. The amounts of digital assets held in warm/hot storage and cold storage are monitored daily by our custody operations team and reviewed by management on a monthly basis.

Assets stored by Coinbase Custody and BitGo are held 100% in segregated cold storage. “Segregated” means that BFS customer assets are held in unique addresses on the respective blockchains and do not include assets of other BitGo or Coinbase clients, or of BitGo or Coinbase themselves. Both entities are SOC 1 certified. At this time, BFS does not utilize third parties other than Fireblocks Trust, Coinbase Custody, and BitGo to hold customer digital assets as custodian.

Private keys are held in controlled locations dispersed through the United States according to SOC 1 audit procedures to ensure appropriate security. There are dedicated team members responsible for daily reconciliation of wallet holdings. New members of our custody operations team are required to complete training and test simulations and are provided with a runbook on our custody procedures. New members of the custody operations team, like all our employees, also are subject to background checks and drug testing. The daily reconciliations prepared by the custody team are reviewed and analyzed by management monthly. Designated individuals within the custody operations team are responsible for the initiation and approval of outbound wallet transactions, as per our policies and procedures. Access rights are managed according to the principle of least privilege. These rights are maintained according to our IT security policy and subject to quarterly review by our IT security team.

No insurance provider has inspection rights in respect of the digital assets held in storage.

External Transfers of Digital Assets

We make available to customers the ability to transfer digital assets to and from external wallets. Because we have structured our platforms to be client-configurable in several aspects, each client has the discretion to enable this transfer feature for its customers.

Other Potential Services

As a B2B2C-oriented, client-led business, we continually refine our service offerings in light of client demand and our strategy in a manner that is compliant with applicable governance and regulatory requirements.We are prioritizing the scaling of Bakkt’s AI-powered financial agentic platform designed to simplify global money movement and stablecoin-based payments and will continually evaluate new product offerings that we believe are logical expansions of our platform that will address client and customer needs and expectations. Because of the rapidly changing regulatory environment, we continue to evaluate our potential service offerings to ensure alignment with evolving compliance standards and our long-term digital asset strategy; and we may decide to undertake, or in some cases stop undertaking, potential service offerings in light of regulatory or compliance concerns.

Policies and Procedures

We and our subsidiaries have a comprehensive set of policies and procedures relating to digital assets and digital asset-related services.

-20-

General

Self-dealing and other potential conflicts of interest are addressed by our Insider Trading Policy, Code of Business Conduct and Ethics, Related Person Transactions Policy and Cryptocurrency Listing Policy. Employees are trained in these areas and attest to review these documents and policies upon hire and annually. Operationally, we implement segregation of duties and information tied to trading, listing and money movements, including protections for whistleblowers, compliance reviews, and blackout periods. Orders are entered into our systems where transactions are executed at best available prices with market makers and liquidity sources, designed to further insulate customer activities and prevent front-running and other illegal activities.

Custody-Related Policies

BFS makes use of third-party providers of custodial services, including Fireblocks Trust Company, LLC, Coinbase Custody Trust Company, LLC and BitGo, to hold customer digital assets as custodian in cold storage as well as in hot or warm wallets as necessary. BFS also self-custodies customer digital assets using the Fireblocks Vault service. All wallets hosted by BFS are omnibus wallets, which may contain both digital assets held for the benefit of customers and the limited quantity of digital assets held by BFS in its own account as inventory. BFS does not, and historically did not, operate a proprietary trading business.

Listing-Related Policies

We maintain digital asset listing and delisting policies (the “Listing Policies”), which provide a framework for the review and approval of new digital assets, and the continued offering of digital assets for customer transactions. The Listing Policies were revised to accommodate new guidance issued by the NYDFS in November 2023, and were subsequently approved by the NYDFS. Material revisions to the Listing Policies require prior written approval from the NYDFS.

The Listing Policies require the covered entity to undertake and document a risk assessment for each new digital asset, which considers a number of risks, including legal and regulatory risk, and entails a review of the regulatory status of the digital asset. Other risks covered by the risk assessment include integrity and legitimacy risk (i.e., risks associated with the creation, governance, issuance, and design of the digital asset); reputational risk; liquidity, pricing, and manipulation risk; operational risk; cyber security risk; and illicit finance risk. The Listing Policies also provide for an evaluation of actual or potential conflicts of interest with respect to the potential listing of a digital asset, and updates to policies and procedures to ensure that monitoring and control measures are in place to manage money laundering and financial crime risk associated with the digital asset.

Under the Listing Policies, we utilize the risk assessment to consider various factors when making a decision to approve a new digital asset for listing, including, among others, the appropriateness of the digital asset to our business model and client base and whether the digital asset is supported by other reputable markets or trading venues. In order to assess the regulatory status of a digital asset, we consider the applicable laws, rules and case law, and other factors relevant to the determination of the security status of a digital asset, and the positions of the SEC as expressed in various crypto-related enforcement actions and lawsuits. We may also solicit the opinion of outside counsel.

We are required to monitor each of the digital assets for material changes and for changes in the risk assessment conducted during the listing evaluation, and to ensure their offering remains consistent with our mission and values, general safety and soundness, and protection of customers. Should we determine that removal of a digital asset is consistent with NYDFS guidance and regulations, and with safety and soundness, we will delist the digital asset in accordance with the Listing Policies.

The Listing Policies do not ascribe specific weighting to particular factors or inputs to be considered in connection with the potential listing or delisting of digital assets.

-21-

Sales and Marketing

We market our platform to our clients. We do not engage in any direct-to-consumer marketing for the acquisition or engagement of customers. As part of client engagement, we may assist them in developing their digital assets marketing strategy but any such strategy is ultimately executed by clients at their discretion.

Clients may choose to market our digital asset services to customers. In order to ensure we comply with applicable laws and regulations, we retain the right to review customer-facing marketing materials proposed to be used by clients. In specific instances, we require clients to disclose the services we provide and the related risks in such materials.

We market our products and services to potential clients using multiple business-to-business channels, such as (i) Company-owned domains (e.g., our website and blog and its social media platforms), (ii) direct marketing, including email marketing and targeted digital advertisements to potential clients, and (iii) indirect marketing to potential clients via partnerships with existing clients and other third parties to promote branding and product access for potential clients through existing client channels.

Since customers must agree to our terms of use in order to utilize the services offered by our platforms, as part of customer onboarding, we collect data about customers from the applicable client and/or customer in accordance with our privacy policy. This data is used to complete required processes (e.g., Customer Identification Program and KYC verification) and to service customers.

We believe our growing network of clients provides potential for increased scale and substantiates the viability of our business plan. As our partnerships go live, we will offer to retail clients marketing resources to drive consumer adoption and usage of our platform. The successful activation and implementation of these partnerships are expected to be a significant driver for our transaction growth and associated revenue, including digital asset trading revenue. We believe we will benefit from a positive network effect, where the value of our network will generally increase as we add new clients, customers and digital assets to our platform.

Insurance Matters

We maintain types and amounts of insurance coverage that we believe are appropriate and consistent with customary industry practices. Our insurance policies cover employee-related accidents and injuries, property damage, business interruption, storm damage, facilities, cyber, crime and liability deriving from our activities. Our insurance policies also cover the employee and fiduciary liability of our directors and officers. The insurance policies include exclusions aimed at delineating and clarifying the scope of coverage. Examples of key customary exclusions include exclusions for losses arising from force majeure events or theft, fraud, or dishonest acts committed by any principal shareholders, partners or directors of the insured entity. Losses stemming from the network failure of a digital asset cryptographic protocol, as well as those associated with illegal activities like money laundering, are expressly excluded.

We may also be covered for certain liabilities by insurance policies issued to third parties, including, but not limited to, our dealers and vendors.

To protect against loss to or theft of digital assets, we maintain $20 million of hot storage insurance coverage. Our hot wallet insurance coverage is in place until August 2026. All supporting insurers maintain a minimum A.M. Best rating of “A”.

Our Clients

Our clients include financial institutions, fintechs, broker-dealers, neobanks, registered investment advisers, exchanges, and other businesses. Our digital asset-related capabilities facilitate new asset acquisition opportunities for their customers, in addition to the secure safekeeping of acquired digital assets and digital assets stored on behalf of institutional clients.

-22-

Our dependence on a limited number of clients exposes us disproportionately to the risk of any of those clients choosing to no longer partner with us, to the economic performance of such clients or their respective industries or to any events, circumstances, or risks affecting such clients or their respective industries. For more information, please see our risk factors described in “Item 1A. Risk Factors - Risks Related to Our Business, Finances and Operations”.

Revenue Model

We primarily generate transaction revenue from digital asset buy/sell transactions, where we charge a fee on both legs of the transaction.

Growth Strategy

We go to market using a platform strategy, driven by our clients. We partner with leading companies and expect to grow customers on our platform through those relationships, in addition to our direct institutional clients. We have built an extensive network of clients across various industries, including financial institutions, wealth management, payments and digital asset exchanges. These clients include Swan Bitcoin, Nexo, Blockchain.com, Blockwire, Oobit and Longbridge. We believe this strategy will enable us to add transacting accounts and volume more quickly and more efficiently than a direct-to-consumer model, as the continued adoption of digital assets as we receive tailwinds from each client’s core competency and growth.

As part of this approach, we have developed our platform to be flexible and scalable to accommodate how different clients may want to implement our solutions. Depending on each client’s specific needs and objectives, that client can choose to add one, some or all of our capabilities, and can also choose the manner in which those capabilities are enabled. Clients can choose to fully or partially embed our capabilities directly through Bakkt-hosted user interfaces.

We believe our growth will come from adding clients and correspondingly, their customers, and increasing transaction activity as well as strategic acquisitions. Leveraging BFS’s proprietary trading platform and existing relationships with liquidity providers, we provide a wide range of assets and competitive pricing to our clients.

Our growth strategies include the following:

•Adding clients. We are focused on continuing to build strong client relationships. We believe acquiring customers through our clients is an efficient and scalable way to grow our business. BFS has significantly expanded our digital asset client base into a number of new and rapidly growing client verticals, such as fintechs, trading and brokerage platforms.

•Adding customers. We are focused on activating our existing clients and supporting our clients in marketing campaigns to drive new customer acquisition and engagement of existing customers.

•Expanding our offering. We aim to increase the breadth and depth of our product offerings in order to increase its appeal to clients and customers. For example, BFS accelerated our product road map by providing new capabilities to our platform including the addition of 29 coins to our platform in 2025 and deposit and withdrawal functionality across the United States. We launched entity support and refined our core capabilities. We enhanced the KYC/AML workflows and engines through our cooperation agreement with DTR utilizing their modernized and highly compliant tech stack.

Over time, we expect to continue to invest in our business to provide best-in-class products and services. Some of those longer-term planned enhancements include:

•Digital asset enhancements. We expect to expand our digital asset capabilities to products and services that we believe will appeal to both our clients and customers. By increasing the acceptance of digital asset investing in the

-23-

professional retail trading space, we believe that these additional products can further increase interest in digital assets generally among retail consumers, which will ultimately benefit our platform. For example, our proposed acquisition of DTR and the launch of a new trading platform with advanced capabilities.

•Evaluate additional strategic acquisitions. We will continue to be opportunistic and evaluate strategic acquisitions that have compelling benefits for our business.

How We Are Different

The markets in which we operate are highly competitive, rapidly changing and highly innovative. We believe that we are well-positioned given our unique ability to provide all of our capabilities under one platform, combined with our institutional-grade, secure and licensed infrastructure. We continue to improve and refine these offerings through our deployment of AI within approved risk and AI frameworks. We believe this provides a competitive differentiation that would be difficult to replicate. We compete with a wide range of parties, including digital asset exchanges and other digital asset infrastructure system providers for similar services. This market is growing and changing rapidly, so we expect that we will continue to see increased competition with new entrants into the space or existing competitors expanding their product offerings.

We believe that our business model provides us with significant competitive advantages, including:

•Multi-faceted approach to security and compliance. We enable responsible and secure access to digital assets for our clients. Our compliance measures, controls and risk management practices are at the core of how we operate. Our infrastructure provides multiple layers of protection and provides heightened security over the Company’s platform and products. As a public company, we are subject to significant and comprehensive regulations. Across our entities, we possess a BitLicense from NYDFS and state money transmitter licenses in all jurisdictions that we believe are required for us to operate our business. We have policies and programs that govern crypto-related activity, such as a cyber security program, information security policy, global AML policy, and U.S. Bank Secrecy Act (“BSA”)/Office of Foreign Assets Control (“OFAC”) of the U.S. Department of the Treasury program. These measures are all designed to protect our clients and stockholders.

•Client-led strategy. We build in tandem with our clients, viewing them as long-term partners rather than just platform users. Our strategy is rooted in a deep understanding of our partners’ unique objectives, allowing us to continually refine our offerings and deploy innovative, institutional-grade solutions. This collaborative feedback loop ensures that as the digital asset landscape evolves, our platform and our clients stay ahead of the competition and at the forefront of the digital economy.

•Institutional-grade platform. Bakkt’s platform is purpose-built for the digital asset economy. We combine native support for diverse asset classes with rigorous regulatory controls and enterprise-level scalability. By providing a safe, reliable bridge for retail engagement today, we’ve created a future-proof platform ready to launch next-generation institutional products and services.

•Trusted and scalable capabilities. Our approach, built to scale with technology, privacy, security and compliance at its core, is informed by our team's decades of collective experience. Our platform moves a significant amount of volume across asset classes every day. We believe these pillars provide confidence to customers and clients that participate in our ecosystem.

Sales and Marketing

Our go-to-market strategy follows a 'B2B2C' model, acquiring customers primarily through deep-seated enterprise partnerships. By building scalable relationships we drive efficient user growth and provide our clients with the tools to

-24-

deepen customer engagement. Rather than navigating a separate Bakkt interface, digital asset users interact with our capabilities entirely within our clients’ native interface, ensuring a frictionless and brand-consistent journey.

Our marketing efforts are focused on business-to-business (“B2B”) activities to acquire new clients. We utilize multiple B2B channels, such as Bakkt-owned domains (e.g., our website and blog and its social media platforms) and direct marketing to potential clients, such as email marketing and targeted digital advertisements. To accelerate this pipeline, we maintain a high-touch presence at key industry conferences and global summits, utilizing these forums to solidify thought leadership and engage directly with decision-makers from prospective institutional partners. We leverage strategic partnerships with existing clients and third parties to broaden our reach.

Technology

Our core platforms are engineered in-house by a technical team with deep expertise in digital assets and financial technology. As a technology-first company, we are dedicated to building and maintaining our own proprietary systems to ensure maximum performance and control. We selectively integrate best-in-class providers only when doing so accelerates our roadmap or enhances specific non-core utilities, allowing our engineering resources to remain focused on our primary architectural advantages.

We leverage a modern, cloud-native stack to deliver bespoke and off-the-shelf infrastructure for institutional clients. To ensure ecosystem integrity, our platform integrates robust, in-house governed KYC, AML, and anti-fraud controls to combat financial crime.

API-First Integration & Performance

Our architecture is designed for seamless integration into existing financial workflows, anchored by two primary pillars:

•Institutional-Grade Trading & Liquidity: A high-performance execution engine built for speed and scale. We deliver equities-grade performance to ensure deep liquidity and reliable execution for the purchase and sale of digital assets.

•Stablecoin Payment Rails: We power modern payment experiences by leveraging stablecoins for near-instant settlement and cross-border value transfer. Our infrastructure allows clients to bypass legacy banking delays, offering 24/7 programmable payment solutions.

Cybersecurity

Each of our products is architected, deployed, and managed through a common controls environment designed to protect our customers' confidential information using a combination of administrative, physical, and technical controls. We maintain a comprehensive cyber security program, managed by a dedicated team of security professionals, leveraging multiple layers of defenses to protect our clients’ consumer data, as well as digital asset wallets, including digital assets that are kept in custody. Our administrative, technical, and physical controls include the use of separation of duties, physical and logical access controls, encryption, dedicated security monitoring, and other controls to protect our environment and restrict unauthorized access. Additionally, we regularly utilize independent external parties to assess and provide added assurance that our products are designed appropriately and operating effectively. We currently maintain independent SSAE-18 SOC 1 Type II and SOC 2 Type II attestation reports for our digital asset platform. We comply with NYDFS Part 500 cybersecurity requirements which impose requirements related to establishing a detailed cybersecurity plan, enacting a comprehensive cybersecurity policy, and maintaining an ongoing reporting system for cybersecurity events.

-25-

Regulation

International, federal and state laws and regulations apply to many key aspects of our business. Any actual or perceived failure to comply with these requirements may result in, among other things, the revocation, suspension, or conditioning of required licenses or registrations, the loss of approved status, regulatory or governmental investigations, administrative enforcement actions, sanctions, civil and criminal liability, private litigation, reputational harm, or constraints on our ability to continue to operate. We operate in a regulatory environment that is rapidly evolving and increasing in scope. Legislative and regulatory authorities at the federal and state level have taken, and may continue to take, actions to modify existing laws or adopt new laws or regulations related to digital assets and related activities. Current or future laws or regulations could be enacted, interpreted or applied in a manner that would materially support, prohibit, alter, or impair our existing or planned products and services, or that could require costly, time-consuming, or otherwise burdensome compliance measures, or could force us to modify our business in a manner to successfully compete with new or existing entrants in the industry. Further, additional laws and regulations may apply to our businesses as we expand outside of the United States or into new jurisdictions in the future. For more information, please see our risk factors described in “Item 1A. Risk Factors Risks Related to Crypto and Risks Related to Regulation, Taxation and Laws”.

Regulation of Our Money Transmission Business. BFS maintains money transmitter licenses in each U.S. jurisdiction in which such licenses are required for its activities and operates pursuant to applicable statutory and regulatory frameworks in jurisdictions where a money transmitter license is not presently required for the digital asset activities it conducts. BFS also is registered as a money services business” with the Financial Crimes Enforcement Network of the U.S. Department of the Treasury (“FinCEN”).

These licenses and registrations subject BFS to extensive regulatory oversight including record-keeping and reporting obligations, bonding and minimum capital requirements, limitations on the investment and safeguarding of customer funds, and periodic examinations by state and federal regulatory agencies. Applicable licensing regimes also impose requirements relating to changes of control, and the regulatory review or approval of controlling shareholders, directors, and senior management. Regulatory requirements may change over time, and BFS may be required to obtain additional licenses or approvals in the future.

Regulation of Our Virtual Currency Business. We are subject in certain jurisdictions to licensing and regulatory requirements as a result of offering clients the ability to aggregate, buy, sell, convert, and send virtual currency through our platform. Consequently, we are required to comply with applicable federal and state laws, rules, regulations, and supervisory guidance governing such activities, including requirements related to capitalization, consumer protection, anti-money laundering, disclosure, reporting and regulatory supervision and examination.

BFS holds a virtual currency license (“BitLicense”) issued by the New York Department of Financial Services (“NYDFS”), which subjects BFS to NYDFS oversight with respect to virtual currency business activities conducted in New York State and with New York residents. BFS also holds a Louisiana virtual currency business activity license, which subjects BFS to oversight by the Louisiana Office of Financial Institutions with respect to its virtual currency business activity conducted in Louisiana and with Louisiana residents.

In October 2023, the Governor of California signed into law the Digital Financial Assets Law (“DFAL”), which establishes a licensing framework administered by the California Department of Financial Protection and Innovation (“DFPI”) for entities engaged in digital financial asset business activity in California. Based on our current understanding of the DFAL, we expect that certain of our business activities may require licensure under the DFAL and intend to seek the applicable licenses or approvals prior to the DFAL’s effective date of July 1, 2026. The DFAL provides that the DFPI may issue a conditional license to entities that maintain a BitLicense or hold charter as a New York limited purpose trust company with approval to conduct virtual currency business under New York law. We continue to monitor guidance, rulemaking, and interpretive statements issued by the DFPI regarding the scope and application of the DFAL.

-26-

The laws and regulatory framework applicable to digital assets and related services remain subject to interpretation and change. For instance, the SEC has indicated in various enforcement actions and other public statements that certain digital assets may constitute securities under U.S. federal securities laws. Although certain enforcement actions have reportedly been closed without further action,the SEC has not adopted comprehensive rules specifically addressing the regulatory classification of digital assets. Although the SEC has yet to issue guidance, it has put forth analytical frameworks and relevant factors to consider in this analysis, and has recently established a Crypto Task Force, which may reflect evolving regulatory priorities or increased regulatory focus in the area. As a result, our digital asset-related services offered through our platform may become subject to additional registration requirements, regulatory scrutiny, enforcement actions, or other regulatory developments, which could require us to modify, suspend, or discontinue certain products or services or incur additional compliance costs. .

Privacy and Information Cybersecurity Regulations. Aspects of our operations or business are subject to laws and regulation in the United States and in foreign jurisdictions relating to privacy, data protection and cybersecurity. Accordingly, we publish our privacy policies and terms of service, which describe our practices concerning the use, protection, transmission, and disclosure of information. As our business continues to expand in the United States and beyond, and as laws and regulations continue to be passed and their interpretations continue to evolve in numerous jurisdictions, additional laws and regulations may become relevant to us.

Regulatory authorities around the world are considering numerous legislative and regulatory proposals concerning privacy, data protection and cybersecurity. In addition, the interpretation and application of these laws and regulations in the United States and elsewhere are often uncertain and in a state of flux. As our business continues to develop and expand, we continue to monitor the additional rules and regulations that may become relevant. For additional information regarding these laws and regulations and related risks, please see “Risk Factors Risks Related to Regulation, Taxation, and Laws Complying with evolving privacy and other data related laws and requirements may be expensive and force us to make changes to our business, and failure to comply with such laws and requirements could result in substantial harm to our business.”

Consumer Protection Regulation. The Consumer Financial Protection Bureau and other federal and state regulatory agencies, including the Federal Trade Commission, broadly regulate financial products, enforce consumer protection laws applicable to credit, deposit, prepaid products, and payments, and other similar products, and possess supervisory and enforcement authority with respect to such activities. Such agencies have broad consumer protection mandates, and they promulgate, interpret, and enforce laws, rules and regulations, including with respect to unfair, deceptive, or abusive acts or practices (“UDAAP”) and other consumer protection standards that may impact or apply to our business.

For example, under federal and state financial privacy laws and regulations, we must provide notice to consumers of our policies on sharing non-public information with third parties, among other requirements. In addition, under the Electronic Fund Transfer Act (“EFTA”) and its implementing regulations, we are required to disclose the terms of, and any fees applicable to, our electronic fund transfer services to consumers prior to their use of the service, and comply with applicable error resolution, consumer liability and related disclosure.

Anti-Money Laundering and Counter-Terrorism Regulation. We are subject to AML laws and regulations in the United States, including the BSA, as amended, and its implemented regulations enforced by FinCEN, as well as other federal and state laws designed to prevent the use of the financial systems to facilitate terrorist activities and other illicit conduct. We have implemented a comprehensive AML compliance program designed to prevent our platform from being used to facilitate money laundering, terrorist financing, and other illicit activity. Our program is also designed to prevent our platform from being used to facilitate business in countries, or with persons or entities, included on designated sanctions lists promulgated by OFAC and comparable foreign sanction authorities.

Our AML compliance program is comprised of policies, procedures, reporting protocols, and internal controls, including including reporting requirements for suspicious transactions, the designation of a compliance officer, employee

-27-

training, and periodic independent testing and review of the program. It is designed to address applicable legal and regulatory requirements and to mitigate risk associated with money laundering, terrorist financing and sanctions violations. Failure to comply with applicable AML, sanctions, and counter-terrorist financing requirements may result in regulatory investigations, administrative enforcement actions, monetary penalties, civil or criminal liability, or other sanctions.

Indirect Regulatory Requirements. We maintain relationships with certain clients, including banks and other financial institutions in the United States, that are regulated by state, local and federal agencies. Because of these relationships, we may be subject to oversight by such institutions’ regulators, including examination to the extent such regulators exercise their authorities under applicable law. In addition, the federal banking agencies have issued supervisory guidance applicable to banks with respect to their relationships with third parties. This guidance may apply to us and our bank clients in connection with the overall relationship, including with respect to strategies and objectives, financial condition, risk management, information security and systems, operational resilience, audit rights, and performance standards. We generally seek to address these indirect regulatory requirements in our commercial agreements, as appropriate.

Escheatment and Unclaimed Property Regulations. There is regulatory uncertainty regarding how states and jurisdictions treat virtual currencies and other digital assets under unclaimed property laws and regulations. Unclaimed property laws, as may be applicable, require us to report and to remit certain government authorities the property of others held by us that has been unclaimed for a specified period of time. We have policies and procedures designed to help us comply with these laws.

Intellectual Property

The protection of our intellectual property and all corresponding rights throughout the world, including our trademarks, service marks, trade dress, logos, trade names, domain names, goodwill, patents, copyrights, works of authorship (whether or not copyrightable), software and trade secrets, know-how, and proprietary and other confidential information, together with all applications, registrations, renewals, extensions, improvements and counterparts in connection with any of the foregoing, is important to the success of our business. We seek to protect our intellectual property rights by filing applications in various patent, trademark and other government offices, and relying on applicable laws and regulations in the U.S. and internationally, as well as a variety of administrative procedures. We have sought to register our core brands as domain names and as trademarks and service marks in the U.S. and a large number of other jurisdictions. We also have in place an active program to continue to secure, police and enforce trademarks, service marks, trade dress, logos, trade names, and domain names that correspond to our brands in markets of interest. We have filed patent applications in the U.S. covering certain aspects of our proprietary technology and new innovations. We also rely on contractual restrictions to protect our proprietary rights where appropriate when offering or procuring products and services. We have routinely entered into confidentiality and invention disclosure and assignment agreements with our employees and contractors, and non-disclosure agreements with external parties with whom we conduct business to control access to, and use and disclosure of, our proprietary information.

Human Capital

We recognize that the future of digital financial infrastructure is not built solely on code, but on the specialized expertise and collaboration of our employees. We believe in cultivating an entrepreneurial culture, built on the pillars of transparency, ownership, and accountability. As of December 31, 2025, we had a total of 48 employees, all of whom were full-time employees located in the United States. We also engage contractors, consultants and professionals throughout the globe, as needed to support our operations.

Available Information

Our website is http://www.bakkt.com, and our investor relations website is located at https://investors.bakkt.com, where we make available, free of charge, our Annual Report on Form 10-K, Quarterly Reports on Form 10-Q and Current

-28-

Reports on Form 8-K and amendments to those reports filed or furnished pursuant to Section 13(a) or 15(d) of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), as well as proxy statements, as soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC.

We use our investor relations website to post important information for investors, including news releases, analyst presentations, and supplemental financial information, and as a means of disclosing material non-public information and for complying with our disclosure obligations under Regulation FD. We use these channels as well as social media to communicate with the public about our company. It is possible that the information we post on social media could be deemed to be material information. Accordingly, investors should monitor our investor relations website as well as the social media channels listed on our investor relations website. The information on our website or any other website is not incorporated by reference into this Form 10-K.

-29-