Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Sep. 30, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	Risk Management and Strategy We recognize the importance of assessing, identifying and managing material risks from cybersecurity threats. Our cybersecurity program focuses on (i) identification of and protection from cybersecurity risks, (ii) detection and analysis of cybersecurity events, (iii) response to and recovery from cybersecurity incidents, and (iv) education and awareness. Under our program, designated personnel are responsible for: •assessing the severity of a cybersecurity incident and associated threat; •containing the threat; •remediating the threat, including recovery of data and access to systems; •analyzing the reporting obligations associated with the incident; and •performing post-incident analysis and program improvements. Our cybersecurity team is led by our Chief Security Officer (“CSO”) or the CSO’s delegee partnering with our risk, technology, legal, compliance, privacy, human resources, and other applicable business teams. Identification and Protection. Our cybersecurity program has established processes to identify and categorize cybersecurity threats and vulnerabilities as part of our risk identification process, pursuant to which we regularly seek to obtain, monitor, assess and respond to evolving threat and vulnerability information. Information about threats and vulnerabilities generally originates from multiple sources, including, but not limited to, government, information-sharing organizations, industry threat intelligence sources, and third parties. The identification of risks is supported through various security controls and testing to help minimize exposure to reported cybersecurity threats and vulnerabilities. These security controls include, but are not limited to, penetration testing, compromise assessments, vulnerability scanning, and various additional internal and external security audits and assessments. In addition, we maintain a third-party risk management program that includes an initial and periodic cybersecurity assessment on critical vendors’ security posture and controls. Detection and Analysis. Cybersecurity incidents may be detected through a variety of means, which include, but are not limited to, automated event-detection notifications or similar technologies that are monitored by our security operations team, as well as notifications from employees or third-party providers. Once a cybersecurity incident is identified, including third-party cybersecurity events, our incident response team investigates the incident, determines the nature of the event and assesses the severity of the event, including any operational impact and sensitivity of any compromised data. Response and Recovery. In the event of a cybersecurity incident, our initial focus is to contain the cybersecurity incident as quickly as possible consistent with our incident response plan. Once a cybersecurity incident is contained, we focus on remediation and recovery activities, which depend on the nature of the cybersecurity incident. We have relationships with third-party providers to assist with cybersecurity containment and remediation efforts, including for example, forensic investigations and incident response management. If a cybersecurity incident materially impacts us, or is expected to materially impact us, we promptly notify senior management, the Franklin Board of Directors (“Board”) and/or Franklin Audit Committee, as appropriate based on the severity of the incident. Our response plan also addresses engagement with appropriate individuals and committees with respect to disclosure determinations related to cybersecurity incidents. We review and, if necessary, update our cyber security incident response plan at least annually. Education and Awareness. Our cybersecurity education and awareness program for employees and contractors covers a wide range of cyber topics including, but not limited to, policies and procedures, business/technology roles and responsibilities, threats and vulnerabilities, data privacy, confidentiality and asset protection. Our employees and contractors are required to complete mandatory initial onboarding and annual cybersecurity trainings, supplemented by other periodic cyber-related testing and training.
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Processes Integrated [Text Block]	We recognize the importance of assessing, identifying and managing material risks from cybersecurity threats. Our cybersecurity program focuses on (i) identification of and protection from cybersecurity risks, (ii) detection and analysis of cybersecurity events, (iii) response to and recovery from cybersecurity incidents, and (iv) education and awareness. Under our program, designated personnel are responsible for: •assessing the severity of a cybersecurity incident and associated threat; •containing the threat; •remediating the threat, including recovery of data and access to systems; •analyzing the reporting obligations associated with the incident; and •performing post-incident analysis and program improvements.
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]	We are not aware of any cybersecurity threats or incidents that have materially impacted us during the fiscal year ended September 30, 2025, or that are reasonably likely to materially affect our business, including our business strategy, results of operations or financial condition. We routinely face risks of cybersecurity incidents, whether through attempted or actual: cyber-attacks or cyber intrusions, ransomware and other forms of malware, computer viruses, attachments to emails, individual or brand impersonation, phishing, extortion or other scams. Although we make efforts to maintain the security and integrity of our systems, these systems and the proprietary, confidential and personal information that resides on or is transmitted through them, are subject to the risk of a cybersecurity incident or disruption, and there can be no assurances regarding the effectiveness of our security efforts and measures or those of our third-party providers who have access to, transmit, or store such data. For additional information regarding our cybersecurity risks, see our risk factors under Item 1A in Part I of this Annual Report.
Cybersecurity Risk Board of Directors Oversight [Text Block]	Governance Our Board is responsible for the oversight of our cybersecurity risk management program. The Board has delegated to the Franklin Audit Committee oversight responsibility regarding cybersecurity risks. Our CSO reports directly to our Chief Risk and Transformation Officer, each of whom has extensive experience in information security and risk management. The Board and/or Audit Committee receive(s) a report on cybersecurity matters, including threats, events and program enhancements, at least annually. We update our cybersecurity policies at a minimum annually and benchmark our program to applicable cybersecurity standards and frameworks. We are not aware of any cybersecurity threats or incidents that have materially impacted us during the fiscal year ended September 30, 2025, or that are reasonably likely to materially affect our business, including our business strategy, results of operations or financial condition. We routinely face risks of cybersecurity incidents, whether through attempted or actual: cyber-attacks or cyber intrusions, ransomware and other forms of malware, computer viruses, attachments to emails, individual or brand impersonation, phishing, extortion or other scams. Although we make efforts to maintain the security and integrity of our systems, these systems and the proprietary, confidential and personal information that resides on or is transmitted through them, are subject to the risk of a cybersecurity incident or disruption, and there can be no assurances regarding the effectiveness of our security efforts and measures or those of our third-party providers who have access to, transmit, or store such data. For additional information regarding our cybersecurity risks, see our risk factors under Item 1A in Part I of this Annual Report.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	Our Board is responsible for the oversight of our cybersecurity risk management program. The Board has delegated to the Franklin Audit Committee oversight responsibility regarding cybersecurity risks.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	Our Board is responsible for the oversight of our cybersecurity risk management program. The Board has delegated to the Franklin Audit Committee oversight responsibility regarding cybersecurity risks. Our CSO reports directly to our Chief Risk and Transformation Officer, each of whom has extensive experience in information security and risk management. The Board and/or Audit Committee receive(s) a report on cybersecurity matters, including threats, events and program enhancements, at least annually.
Cybersecurity Risk Management Positions or Committees Responsible [Flag]	true
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	Our CSO reports directly to our Chief Risk and Transformation Officer, each of whom has extensive experience in information security and risk management.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Sep. 30, 2025

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Risk Management and Strategy

We recognize the importance of assessing, identifying and managing material risks from cybersecurity threats. Our cybersecurity program focuses on (i) identification of and protection from cybersecurity risks, (ii) detection and analysis of cybersecurity events, (iii) response to and recovery from cybersecurity incidents, and (iv) education and awareness. Under our program, designated personnel are responsible for:

•assessing the severity of a cybersecurity incident and associated threat;

•containing the threat;

•remediating the threat, including recovery of data and access to systems;

•analyzing the reporting obligations associated with the incident; and

•performing post-incident analysis and program improvements.

Our cybersecurity team is led by our Chief Security Officer (“CSO”) or the CSO’s delegee partnering with our risk, technology, legal, compliance, privacy, human resources, and other applicable business teams.

Identification and Protection. Our cybersecurity program has established processes to identify and categorize cybersecurity threats and vulnerabilities as part of our risk identification process, pursuant to which we regularly seek to obtain, monitor, assess and respond to evolving threat and vulnerability information. Information about threats and vulnerabilities generally originates from multiple sources, including, but not limited to, government, information-sharing organizations, industry threat intelligence sources, and third parties. The identification of risks is supported through various security controls and testing to help minimize exposure to reported cybersecurity threats and vulnerabilities. These security controls include, but are not limited to, penetration testing, compromise assessments, vulnerability scanning, and various additional internal and external security audits and assessments. In addition, we maintain a third-party risk management program that includes an initial and periodic cybersecurity assessment on critical vendors’ security posture and controls.

Detection and Analysis. Cybersecurity incidents may be detected through a variety of means, which include, but are not limited to, automated event-detection notifications or similar technologies that are monitored by our security operations team, as well as notifications from employees or third-party providers. Once a cybersecurity incident is identified, including third-party cybersecurity events, our incident response team investigates the incident, determines the nature of the event and assesses the severity of the event, including any operational impact and sensitivity of any compromised data.

Response and Recovery. In the event of a cybersecurity incident, our initial focus is to contain the cybersecurity incident as quickly as possible consistent with our incident response plan. Once a cybersecurity incident is contained, we focus on remediation and recovery activities, which depend on the nature of the cybersecurity incident. We have relationships with third-party providers to assist with cybersecurity containment and remediation efforts, including for example, forensic investigations and incident response management. If a cybersecurity incident materially impacts us, or is expected to materially impact us, we promptly notify senior management, the Franklin Board of Directors (“Board”) and/or Franklin Audit Committee, as appropriate based on the severity of the incident. Our response plan also addresses engagement with appropriate individuals and committees with respect to disclosure determinations related to cybersecurity incidents. We review and, if necessary, update our cyber security incident response plan at least annually.

Education and Awareness. Our cybersecurity education and awareness program for employees and contractors covers a wide range of cyber topics including, but not limited to, policies and procedures, business/technology roles and responsibilities, threats and vulnerabilities, data privacy, confidentiality and asset protection. Our employees and contractors are required to complete mandatory initial onboarding and annual cybersecurity trainings, supplemented by other periodic cyber-related testing and training.

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Processes Integrated [Text Block]

•assessing the severity of a cybersecurity incident and associated threat;

•containing the threat;

•remediating the threat, including recovery of data and access to systems;

•analyzing the reporting obligations associated with the incident; and

•performing post-incident analysis and program improvements.

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]

We are not aware of any cybersecurity threats or incidents that have materially impacted us during the fiscal year ended September 30, 2025, or that are reasonably likely to materially affect our business, including our business strategy, results of operations or financial condition. We routinely face risks of cybersecurity incidents, whether through attempted or actual: cyber-attacks or cyber intrusions, ransomware and other forms of malware, computer viruses, attachments to emails, individual or brand impersonation, phishing, extortion or other scams. Although we make efforts to maintain the security and integrity of our systems, these systems and the proprietary, confidential and personal information that resides on or is transmitted through them, are subject to the risk of a cybersecurity incident or disruption, and there can be no assurances regarding the effectiveness of our security efforts and measures or those of our third-party providers who have access to, transmit, or store such data. For additional information regarding our cybersecurity risks, see our risk factors under Item 1A in Part I of this Annual Report.

Cybersecurity Risk Board of Directors Oversight [Text Block]

Governance

Our Board is responsible for the oversight of our cybersecurity risk management program. The Board has delegated to the Franklin Audit Committee oversight responsibility regarding cybersecurity risks. Our CSO reports directly to our Chief Risk and Transformation Officer, each of whom has extensive experience in information security and risk management. The Board and/or Audit Committee receive(s) a report on cybersecurity matters, including threats, events and program enhancements, at least annually. We update our cybersecurity policies at a minimum annually and benchmark our program to applicable cybersecurity standards and frameworks.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

Our CSO reports directly to our Chief Risk and Transformation Officer, each of whom has extensive experience in information security and risk management.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true