Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
AerCap relies on the secure operation of its information systems and the information systems of its third-party providers to manage, process, store and transmit information in the conduct of its operations. As a result, it faces cybersecurity threats including, but not limited to, hacking, phishing, viruses, malware and other attacks on its digital networks and systems.
AerCap has adopted and maintains an active cybersecurity strategy, including preventative technology solutions, to assess, identify and manage material risks from cybersecurity threats and to respond to cybersecurity incidents. These processes include:
System selection. We use a Cloud-First strategy, which prioritizes cloud computing over legacy information systems, thereby providing operational resilience and agility with critical business processes, systems and applications available on a near continuous basis.
System assessment. Our specialist cybersecurity team, in conjunction with external technical specialists and our Security Operation Center, apply risk assessment, management and mitigation tools, technologies and processes aligned to the U.S. National Institute of Standards and Technology’s Cybersecurity Framework (“NIST-CSF”). We regularly evaluate our information technology assets, data, systems, and architectures to identify, assess and remediate areas of vulnerability. These evaluations include performing proactive penetration and vulnerability testing and regular maturity assessments against the NIST-CSF security domains. Observations noted are considered as part of our risk assessment procedures.
System protection. We deploy a variety of methods of defense such as endpoint security, email and web filtering, access management and security monitoring to provide appropriate levels of protection against cybersecurity threats.
Threat monitoring. We actively monitor our systems to prevent and detect any future cybersecurity threats and separately, we monitor cybersecurity threats or incidents committed against other companies as such events become public. This allows us to remain current with the latest trends in cybersecurity and make improvements to our strategy to ensure that our defenses consider newly identified and developing areas of cybersecurity threat.
Threat response. We have put in place response procedures for prompt cybersecurity incident identification, reporting and remediation if we are subject to an information system security breach. These include the preparation of detailed response, recovery and business continuity plans in order to minimize the impact of a potential cybersecurity incident. These plans are tested and reviewed on a regular basis to ensure that they adequately capture the potential impact of newly identified and evolving cybersecurity threats.
Employee and contractor training. We provide staff and contractors with annual training on cybersecurity risk areas and undertake regular cybersecurity awareness campaigns. The training covers areas such as personal digital footprint, privacy settings, phishing, information security at home and at work, ransomware, password hygiene and business email compromise.
Compliance with data protection frameworks. We closely monitor changes in data protection rules and guidance. This allows us to maintain compliance with applicable laws and to keep ahead of developments and regulatory shifts.
Strategy alignment. AerCap has appointed a Director of Cybersecurity who is responsible for overseeing the alignment of the cybersecurity strategy with the strategic plan of the Company.
The processes outlined above have been integrated into our overall risk management strategy through the ongoing maintenance of an IT risk register (which includes cybersecurity risks), that is reviewed quarterly by our Chief Information Officer (“CIO”), who also acts as our Chief Information Security Officer (“CISO”). The CIO also reviews our cybersecurity policies, including our IT Security and Cybercrime Policy and our code of conduct on the use of our information technology infrastructure, and our Business Continuity Policy, on an annual basis.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
The processes outlined above have been integrated into our overall risk management strategy through the ongoing maintenance of an IT risk register (which includes cybersecurity risks), that is reviewed quarterly by our Chief Information Officer (“CIO”), who also acts as our Chief Information Security Officer (“CISO”). The CIO also reviews our cybersecurity policies, including our IT Security and Cybercrime Policy and our code of conduct on the use of our information technology infrastructure, and our Business Continuity Policy, on an annual basis.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] The Board has ultimate responsibility for the oversight of cybersecurity risks and responses to cybersecurity incidents, should they arise.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Board has ultimate responsibility for the oversight of cybersecurity risks and responses to cybersecurity incidents, should they arise. The Board has mandated the Board Audit Committee to manage this responsibility in the first instance, on behalf of the Board. Two Board members (who are also Audit Committee members) have completed the Cybersecurity Accountability and the Corporate Board course at Carnegie Mellon University.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our internal audit function, and auditors performing the Company’s audit in compliance with the Sarbanes-Oxley Act of 2002, also provide regular updates to the Audit Committee and Board on their assessment of the effectiveness of controls over IT systems. The Chief Executive Officer is briefed on an ad hoc basis about cybersecurity incidents, threats and related matters by the CIO. Our CIO is regularly briefed by the Director of Cybersecurity who reports directly to him.
Cybersecurity Risk Role of Management [Text Block]
The Board has ultimate responsibility for the oversight of cybersecurity risks and responses to cybersecurity incidents, should they arise. The Board has mandated the Board Audit Committee to manage this responsibility in the first instance, on behalf of the Board. Two Board members (who are also Audit Committee members) have completed the Cybersecurity Accountability and the Corporate Board course at Carnegie Mellon University.
Our CIO presents a formal annual cybersecurity update to our Board. These discussions generally include an update on the Company’s current cybersecurity risk assessment, any changes in regulations concerning data privacy and cybersecurity, results of the annual NIST-CSF-based assessments and any incidents or breaches which took place during the period. The Audit Committee and Board also regularly receive cybersecurity updates from the CIO, joined by other members of management or external advisors as relevant. Our internal audit function, and auditors performing the Company’s audit in compliance with the Sarbanes-Oxley Act of 2002, also provide regular updates to the Audit Committee and Board on their assessment of the effectiveness of controls over IT systems. The Chief Executive Officer is briefed on an ad hoc basis about cybersecurity incidents, threats and related matters by the CIO. Our CIO is regularly briefed by the Director of Cybersecurity who reports directly to him.
Our CIO is responsible for assessing and managing material risks from cybersecurity threats. Our current CIO has served in this position for over nine years and has significant experience in managing complex system implementations on a global scale, transforming IT functions and running high quality teams. His experience extends to working within large multinational companies including IBM, Volkswagen, National Grid and E.ON.
Three management committees, primarily consisting of officers of the Company, support the work of the CIO with respect to cybersecurity matters:
The IT Steering Committee, chaired by the Chief Financial Officer and composed of officers of the Company, meets quarterly to evaluate, rate and manage the cybersecurity and broader information systems risks affecting the Company.
The Data Protection and Cybersecurity Committee, chaired by the Chief Compliance Officer and composed of officers of the Company, including the CIO and Head of Human Resources, meets quarterly to monitor compliance with applicable data protection requirements, and to ensure that appropriate measures are in place to actively manage cybersecurity threats.
The Disclosure Committee, composed of senior management and officers of the Company, including the CIO, assists our Chief Executive Officer and Chief Financial Officer in overseeing our financial and non-financial disclosure activities and to ensure compliance with applicable disclosure requirements arising under U.S. and Dutch law and regulatory requirements. The committee also assesses whether any cybersecurity incidents are deemed to require disclosure under SEC requirements.
Incident response procedures are in place to ensure that the occurrence of a cybersecurity incident is appropriately reported to our Group Executive Committee and business continuity plans are mobilized to minimize disruption to business operations.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
Our CIO is responsible for assessing and managing material risks from cybersecurity threats. Our current CIO has served in this position for over nine years and has significant experience in managing complex system implementations on a global scale, transforming IT functions and running high quality teams. His experience extends to working within large multinational companies including IBM, Volkswagen, National Grid and E.ON.
Three management committees, primarily consisting of officers of the Company, support the work of the CIO with respect to cybersecurity matters:
The IT Steering Committee, chaired by the Chief Financial Officer and composed of officers of the Company, meets quarterly to evaluate, rate and manage the cybersecurity and broader information systems risks affecting the Company.
The Data Protection and Cybersecurity Committee, chaired by the Chief Compliance Officer and composed of officers of the Company, including the CIO and Head of Human Resources, meets quarterly to monitor compliance with applicable data protection requirements, and to ensure that appropriate measures are in place to actively manage cybersecurity threats.
The Disclosure Committee, composed of senior management and officers of the Company, including the CIO, assists our Chief Executive Officer and Chief Financial Officer in overseeing our financial and non-financial disclosure activities and to ensure compliance with applicable disclosure requirements arising under U.S. and Dutch law and regulatory requirements. The committee also assesses whether any cybersecurity incidents are deemed to require disclosure under SEC requirements.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our current CIO has served in this position for over nine years and has significant experience in managing complex system implementations on a global scale, transforming IT functions and running high quality teams. His experience extends to working within large multinational companies including IBM, Volkswagen, National Grid and E.ON.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Our CIO is regularly briefed by the Director of Cybersecurity who reports directly to him.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true