XML 58 R38.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Cybersecurity risk management is an important and continuously evolving focus for the Company. Resources are devoted to protecting and enhancing the security of computer systems, software, networks, storage devices, and other technology assets. The Company’s security efforts are designed and tested to protect against, among other things, cybersecurity attacks by unauthorized parties attempting to obtain access to confidential information, destroy data, disrupt, or degrade service, sabotage systems or cause other damage. The Company has implemented precautionary measures and controls reasonably designed to address this increased risk, such as enhanced threat monitoring. The Company continues to make investments and partner with qualified third parties to enhance its cyber defense capabilities to monitor the evolving spectrum of cybersecurity risks in the operating environment, enhance defenses and improve resiliency against cybersecurity threats. The Company actively participates in discussions and simulations of cybersecurity risks and has engaged in efforts to educate all employees on the topic of cybersecurity risks.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] The information security program and overall cybersecurity risk management processes are aligned and integrated into the Company’s overall risk profile and appetite through the Company’s Enterprise Risk Management Committee.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Audit Committee, is responsible for the oversight of cybersecurity risks.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] the board of directors and Audit Committee receive periodic updates on the Company’s Information Security Program, cybersecurity policies and practices, ongoing efforts to improve security, as well as the Company’s efforts to prevent, detect, mitigate, and remediate significant cybersecurity incidents.
Cybersecurity Risk Role of Management [Text Block] Management utilizes its Enterprise Risk Management Committee and IT Steering Committee, comprised of senior leaders including the Company’s CRO, CTO, Chief Financial Officer, and other leaders with cybersecurity expertise, to disseminate information and monitor information security efforts throughout the Company. Each committee’s charter, in addition to the Information Security Policy, establishes roles and responsibilities related the Company’s cybersecurity governance and program.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The Company’s risk and technology teams, led by the Company’s Chief Risk Officer (“CRO”) and Chief Technology Officer (“CTO”), respectively, are responsible for leading the incident response team, identifying technology and cybersecurity risks, utilizing management’s expertise in assessing the materiality of cybersecurity events, and are responsible for the controls to manage threats.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] senior leaders including the Company’s CRO, CTO, Chief Financial Officer, and other leaders with cybersecurity expertise, to disseminate information and monitor information security efforts throughout the Company.