Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	Risk management and strategy Cybersecurity and Corporate Security at YPF are defined as the protection of YPF’s assets, processes and operations from various types of cybersecurity threats. Cybersecurity risk management is responsibility of our Compliance and Cyber-Risk Management team, overseen by our Chief Information Security Officer (“CISO”). The management of Cybersecurity and Corporate Security is aligned with the Company’s Corporate Risk Management Policy, which is continuously applied throughout the organization, integrating different teams to build a culture and to develop best practices on risk management. This culture is in accordance with our corporate ethical values, including the following: “ We prioritize security: We protect people and their environment, safeguard information, assets, and reputation of the Company ”, as set forth in the CDEyC and complementary policies of the Company. Our Corporate Risk Management Policy is based on ISO 31000 “International Organization for Standardization Risk Management” and the guidelines issued by the Committee of Sponsoring Organizations of the Treadway Commission, Enterprise Risk Management (“COSO ERM”). In addition, a Cyber-Risk Standard for cybersecurity has been implemented based on best practices and international standards. Each cybersecurity risk is evaluated by considering exposure, probability of occurrence and consequences, allowing YPF to prioritize risk management efforts and assess the criticality levels of both inherent and residual risks. The Company has a Corporate Risk Management Model, which is supported by a comprehensive software deployed across the entire Company, enabling the identification, assessment and monitoring of risks. This software generates reports and indicators, activates alarms and establishes interactions for users that are adapted to multiple scenarios. As cyber-attacks become more sophisticated, YPF remains committed to making efforts for enhancing its detection, prevention and monitoring capabilities. The Company consistently assesses and, if necessary, improves its cybersecurity measures to reduce the risk of cyber-attacks. This includes adopting software and tools designed for the timely detection of potential intrusions, promoting the preparedness for responding to intrusions and maximizing the Company’s resilience in the event of destructive cybersecurity incidents. Regarding the Company’s response plan for cybersecurity incidents, YPF has implemented an ongoing review mechanism that includes processes to triage, assess severity of, escalate, contain, investigate and remediate cybersecurity incidents, which could contribute to mitigate operational, brand and reputational damage for YPF. Throughout 2024, we continued carrying out various awareness-raising and training activities, focusing on more in-depth training in the Company’s technology, covering areas such as information technology (“IT”), operation technology (“OT”) and cybersecurity. The goal was to raise internal awareness about common cybersecurity issues such as phishing, ransomware and data leaks, among others. YPF monitors developments in IT and cybersecurity, analyzes cybersecurity threats and cybersecurity incidents and conducts mandatory trainings and awareness campaigns for its employees, all aimed at protecting YPF against evolving cybersecurity threats. In addition, to further ensure its cybersecurity, YPF engages external providers to conduct penetration tests on its systems and perform ongoing monitoring activities for potential cyber-risks. Nowadays, the Company continues to enhance the security operations technology monitoring center (“SOC OT”), broadening the scope of monitoring and detecting cybersecurity incidents in industrial networks at an early stage. Our business and results of operations have not been materially affected by cybersecurity threats or incidents; however, no assurance can be given that we will not be subject to any future material cybersecurity incidents. See “Item 3. Risk factors—Risks relating to our business—We may suffer information technology system failures, network disruptions and breaches in data security”. We are adopting Artificial Intelligence (“AI”) technology available via open source or commercial license agreements, and as such, third-parties can use this technology for use in their own products and services. We may not have insight into, or control over, the practices of third parties who may utilize such AI technologies. As such, we cannot guarantee that third parties will not use such AI technologies for improper purposes, including through the dissemination of inaccurate, defamatory or harmful content, intellectual property infringement or misappropriation, furthering bias or discrimination, cybersecurity attacks, data privacy violations, or to develop competing technologies. As such, it is not possible to predict all the risks related to the use of AI and changes in laws, rules, directives, and regulations governing the use of AI may adversely affect our ability to develop and use AI or subject us to legal liability. Nevertheless, the Company has established the basis for best practices in IA together with the Compliance, Legal Services, IT and Cybersecurity teams.
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Processes Integrated [Text Block]	The management of Cybersecurity and Corporate Security is aligned with the Company’s Corporate Risk Management Policy, which is continuously applied throughout the organization, integrating different teams to build a culture and to develop best practices on risk management. This culture is in accordance with our corporate ethical values, including the following: “ We prioritize security: We protect people and their environment, safeguard information, assets, and reputation of the Company ”, as set forth in the CDEyC and complementary policies of the Company.
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]	Our business and results of operations have not been materially affected by cybersecurity threats or incidents; however, no assurance can be given that we will not be subject to any future material cybersecurity incidents. See “Item 3. Risk factors—Risks relating to our business—We may suffer information technology system failures, network disruptions and breaches in data security”.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	The Board of Directors of YPF S.A. oversees the evolution, risks and action plans of cybersecurity in YPF, according to the cybersecurity model adopted by YPF, through the Risk and Sustainability Committee which monitors the main risks that are specific to YPF, including cybersecurity risks, and the implementation of the corresponding mitigation actions, among other functions. See “Item 6. Directors, Senior Management and Employees—Management of the Company—Board of Directors’ Committees—Risk and Sustainability Committee”.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	according to the cybersecurity model adopted by YPF, through the Risk and Sustainability Committee which monitors the main risks that are specific to YPF, including cybersecurity risks, and the implementation of the corresponding mitigation actions, among other functions.
Cybersecurity Risk Role of Management [Text Block]	Cybersecurity governance The Board of Directors of YPF S.A. oversees the evolution, risks and action plans of cybersecurity in YPF, according to the cybersecurity model adopted by YPF, through the Risk and Sustainability Committee which monitors the main risks that are specific to YPF, including cybersecurity risks, and the implementation of the corresponding mitigation actions, among other functions. See “Item 6. Directors, Senior Management and Employees—Management of the Company—Board of Directors’ Committees—Risk and Sustainability Committee”. The CISO recommends to the Risk and Sustainability Committee on policies and practices according to best practices on management of cybersecurity risks, among others.
Cybersecurity Risk Management Positions or Committees Responsible [Flag]	true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	The CISO recommends to the Risk and Sustainability Committee on policies and practices according to best practices on management of cybersecurity risks, among others.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	The CISO is a position created in 2021, reporting to the Technology Vice Presidency and held by Leonardo Oscar Iglesias since January 2023. For more than 22 years, our CISO has held various positions in different technological areas within the Company, working in the areas of control and telemetry systems for the industrial world, building automation, communications, application/database/SAP Basis maintenance, electronic security systems (CCTV and access control), IT, OT, Cybersecurity and data architecture; and has served as a speaker and moderator on numerous national cybersecurity panels. In YPF, he worked in the following areas: telemetry and control (2003-2009), communications (2009-2011), Head of Special Projects and Technologies (2011-2016), Head of Application Infrastructure (2016-2018), Head of Digital Workplace Services (2019), Cybersecurity Architecture Manager (2019-2020), Enterprise Architecture Manager (2020-2022), and currently holds the position of President of the Cybersecurity Commission at the IAPG and coordinator of the non-financial CISOs group. Regarding his education, he is an engineer from Universidad de Palermo, holds a master’s degree in business administration from Universidad Torcuato Di Tella, holds a diploma in cybersecurity from Universidad de Palermo, and is certified in different technologies.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Dec. 31, 2024

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Risk management and strategy

Cybersecurity and Corporate Security at YPF are defined as the protection of YPF’s assets, processes and operations from various types of cybersecurity threats. Cybersecurity risk management is responsibility of our Compliance and Cyber-Risk Management team, overseen by our Chief Information Security Officer (“CISO”).

The management of Cybersecurity and Corporate Security is aligned with the Company’s Corporate Risk Management Policy, which is continuously applied throughout the organization, integrating different teams to build a culture and to develop best practices on risk management. This culture is in accordance with our corporate ethical values, including the following: “

We prioritize security: We protect people and their environment, safeguard information, assets, and reputation of the Company

”, as set forth in the CDEyC and complementary policies of the Company.

Our Corporate Risk Management Policy is based on ISO 31000 “International Organization for Standardization Risk Management” and the guidelines issued by the Committee of Sponsoring Organizations of the Treadway Commission, Enterprise Risk Management (“COSO ERM”). In addition, a Cyber-Risk Standard for cybersecurity has been implemented based on best practices and international standards.

Each cybersecurity risk is evaluated by considering exposure, probability of occurrence and consequences, allowing YPF to prioritize risk management efforts and assess the criticality levels of both inherent and residual risks. The Company has a Corporate Risk Management Model, which is supported by a comprehensive software deployed across the entire Company, enabling the identification, assessment and monitoring of risks. This software generates reports and indicators, activates alarms and establishes interactions for users that are adapted to multiple scenarios.

As cyber-attacks become more sophisticated, YPF remains committed to making efforts for enhancing its detection, prevention and monitoring capabilities. The Company consistently assesses and, if necessary, improves its cybersecurity measures to reduce the risk of cyber-attacks. This includes adopting software and tools designed for the timely detection of potential intrusions, promoting the preparedness for responding to intrusions and maximizing the Company’s resilience in the event of destructive cybersecurity incidents. Regarding the Company’s response plan for cybersecurity incidents, YPF has implemented an ongoing review mechanism that includes processes to triage, assess severity of, escalate, contain, investigate and remediate cybersecurity incidents, which could contribute to mitigate operational, brand and reputational damage for YPF.

Throughout 2024, we continued carrying out various awareness-raising and training activities, focusing on more

in-depth

training in the Company’s technology, covering areas such as information technology (“IT”), operation technology (“OT”) and cybersecurity. The goal was to raise internal awareness about common cybersecurity issues such as phishing, ransomware and data leaks, among others. YPF monitors developments in IT and cybersecurity, analyzes cybersecurity threats and cybersecurity incidents and conducts mandatory trainings and awareness campaigns for its employees, all aimed at protecting YPF against evolving cybersecurity threats. In addition, to further ensure its cybersecurity, YPF engages external providers to conduct penetration tests on its systems and perform ongoing monitoring activities for potential cyber-risks.

Nowadays, the Company continues to enhance the security operations technology monitoring center (“SOC OT”), broadening the scope of monitoring and detecting cybersecurity incidents in industrial networks at an early stage.

Our business and results of operations have not been materially affected by cybersecurity threats or incidents; however, no assurance can be given that we will not be subject to any future material cybersecurity incidents. See “Item 3. Risk factors—Risks relating to our business—We may suffer information technology system failures, network disruptions and breaches in data security”.

We are

adopting

Artificial Intelligence (“AI”) technology available via open source or commercial license agreements, and as such, third-parties can use this technology for use in their own products and services. We may not have insight into, or control over, the practices of third parties who may utilize such AI technologies. As such, we cannot guarantee that third parties will not use such AI technologies for improper purposes, including through the dissemination of inaccurate, defamatory or harmful content, intellectual property infringement or misappropriation, furthering bias or discrimination, cybersecurity attacks, data privacy violations, or to develop competing technologies. As such, it is not possible to predict all the risks related to the use of AI and changes in laws, rules, directives, and regulations governing the use of AI may adversely affect our ability to develop and use AI or subject us to legal liability. Nevertheless, the Company has established the basis for best practices in IA together with the Compliance, Legal Services, IT and Cybersecurity teams.

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Processes Integrated [Text Block]

We prioritize security: We protect people and their environment, safeguard information, assets, and reputation of the Company

”, as set forth in the CDEyC and complementary policies of the Company.

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

The Board of Directors of YPF S.A. oversees the evolution, risks and action plans of cybersecurity in YPF, according to the cybersecurity model adopted by YPF, through the Risk and Sustainability Committee which monitors the main risks that are specific to YPF, including cybersecurity risks, and the implementation of the corresponding mitigation actions, among other functions. See “Item 6. Directors, Senior Management and Employees—Management of the Company—Board of Directors’ Committees—Risk and Sustainability Committee”.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

according to the cybersecurity model adopted by YPF, through the Risk and Sustainability Committee which monitors the main risks that are specific to YPF, including cybersecurity risks, and the implementation of the corresponding mitigation actions, among other functions.

Cybersecurity Risk Role of Management [Text Block]

Cybersecurity governance

The CISO recommends to the Risk and Sustainability Committee on policies and practices according to best practices on management of cybersecurity risks, among others.

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

The CISO recommends to the Risk and Sustainability Committee on policies and practices according to best practices on management of cybersecurity risks, among others.

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

The CISO is a position created in 2021, reporting to the Technology Vice Presidency and held by Leonardo Oscar Iglesias since January 2023. For more than 22 years, our CISO has held various positions in different technological areas within the Company, working in the areas of control and telemetry systems for the industrial world, building automation, communications, application/database/SAP Basis maintenance, electronic security systems (CCTV and access control), IT, OT, Cybersecurity and data architecture; and has served as a speaker and moderator on numerous national cybersecurity panels. In YPF, he worked in the following areas: telemetry and control (2003-2009), communications (2009-2011), Head of Special Projects and Technologies (2011-2016), Head of Application Infrastructure (2016-2018), Head of Digital Workplace Services (2019), Cybersecurity Architecture Manager (2019-2020), Enterprise Architecture Manager (2020-2022), and currently holds the position of President of the Cybersecurity Commission at the IAPG and coordinator of the

non-financial

CISOs group. Regarding his education, he is an engineer from Universidad de Palermo, holds a master’s degree in business administration from Universidad Torcuato Di Tella, holds a diploma in cybersecurity from Universidad de Palermo, and is certified in different technologies.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true