XML 46 R30.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Risk Management and Strategy
The Company identifies, assesses, and manages cybersecurity risks as part of its risk management program. Our cybersecurity strategy aligns with the National Institute of Standards and Technology Cybersecurity Framework (“NIST CSF”), applicable regulatory guidelines, and other industry practices to secure critical information systems and sensitive data.
Key components of the Company’s cybersecurity program include:
Risk Assessment & Management: Regular identification and evaluation of cybersecurity threats, vulnerabilities, and exposures informed by threat intelligence, industry trends, and regulatory developments.
Governance & Oversight: Defined cybersecurity policies and procedures overseen by senior management and the Board of Directors. The Director of Technology is responsible for monitoring cybersecurity risks and reporting any material threats or incidents to the IT Committee or Board for oversight, strategic response planning, and mitigation efforts.
Access Controls & Identity Management: Implementation of multi-factor authentication, role-based access controls, and monitoring of user permissions.
Incident Detection & Response: Security monitoring supported by an incident response plan designed for timely identification, containment, and remediation of cybersecurity incidents.
Data Protection & Encryption: Encryption standards, data loss prevention protocols, and secure data storage measures for sensitive client and corporate information.
Third-Party Risk Management: Security assessments, monitoring, and contractual requirements to manage cybersecurity risks from third-party vendors.
Training & Awareness: Mandatory cybersecurity training for employees to enhance awareness of cybersecurity threats and compliance requirements.
Regulatory Compliance & Audit: Regular internal and external cybersecurity audits to assess compliance with applicable regulations, standards, and Company policies.
Continuous Improvement & Testing: Periodic penetration tests and vulnerability assessments to evaluate cybersecurity risks and enhance security measures. Program updates are implemented as needed to address emerging threats and align with evolving industry best practices.
The Company uses third-party assessors, auditors, and consultants to independently evaluate security practices through penetration testing, vulnerability assessments, and vendor evaluations. Despite these measures, the Company acknowledges that cybersecurity incidents cannot be fully prevented.
Third-Party Risk Management
Cybersecurity risks posed by third-party vendors and service providers are integrated into the Company’s risk management framework. Vendor security practices, compliance with contractual cybersecurity obligations, and exposure to cybersecurity threats related to external providers are assessed regularly. While these efforts aim to assess and mitigate cybersecurity risks, no security assessment can eliminate all potential risks associated with third-party vendors.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
Cybersecurity risks posed by third-party vendors and service providers are integrated into the Company’s risk management framework. Vendor security practices, compliance with contractual cybersecurity obligations, and exposure to cybersecurity threats related to external providers are assessed regularly. While these efforts aim to assess and mitigate cybersecurity risks, no security assessment can eliminate all potential risks associated with third-party vendors.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
The Board oversees cybersecurity through the Bank’s Information Technology Committee (“IT Committee”), the Company’s Audit Committee, and the Company’s Risk Committee, aligning cybersecurity practices with the Company’s risk management framework and regulatory requirements. Updates on cybersecurity strategy, risk assessments, and regulatory developments are provided to the relevant committees.
The Risk Committee monitors the quality and effectiveness of the Company’s information technology security, and at least annually reviews, appraises, and discusses with management the quality and effectiveness of the Company’s information technology security, data privacy, disaster recovery capabilities, and cybersecurity and related risks. Additionally, the IT Committee reviews quarterly reports regarding the information security program and technology program, key enterprise cybersecurity initiatives, and other matters relating to cybersecurity processes.
Cybersecurity and IT risks are reported to the Board through multiple channels. The IT Committee Chair periodically reports to the Board summarizing key issues, risk assessments, and compliance matters. Additionally, the Director of Technology submits semi-annual reports to the Board, providing insights into ongoing and emerging risks, technology developments, and IT security initiatives. In cases where significant IT or cybersecurity risks arise, such matters are escalated to the Company’s Board through the Chair of the Risk Committee or the Chief Risk Officer, for timely awareness and response.
The IT Committee is chaired by Dr. Yonesy F. Núñez, CISSP, who holds a Doctor of Professional Studies in Computing Information Assurance and Security from Pace University. Dr. Núñez has experience in cybersecurity governance and risk management and currently serves as Chief Information Security Officer (“CISO”) of a Systemically Important Financial Market Utility. His prior roles include CISO at Jack Henry & Associates and senior cybersecurity positions at major financial institutions.
The Risk Committee, chaired by a former senior executive from KPMG LLP, who established and led KPMG’s Financial Risk Management practice in the U.S., annually evaluates the effectiveness of the Company’s cybersecurity controls.
The Audit Committee selects third-party auditors to conduct cybersecurity audits, penetration tests, and risk assessments. The Committee Chair has expertise in auditing and regulatory compliance within the financial services industry.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Board oversees cybersecurity through the Bank’s Information Technology Committee (“IT Committee”), the Company’s Audit Committee, and the Company’s Risk Committee, aligning cybersecurity practices with the Company’s risk management framework and regulatory requirements. Updates on cybersecurity strategy, risk assessments, and regulatory developments are provided to the relevant committees.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
Cybersecurity and IT risks are reported to the Board through multiple channels. The IT Committee Chair periodically reports to the Board summarizing key issues, risk assessments, and compliance matters. Additionally, the Director of Technology submits semi-annual reports to the Board, providing insights into ongoing and emerging risks, technology developments, and IT security initiatives. In cases where significant IT or cybersecurity risks arise, such matters are escalated to the Company’s Board through the Chair of the Risk Committee or the Chief Risk Officer, for timely awareness and response.
Cybersecurity Risk Role of Management [Text Block]
Management Oversight
The Company’s cybersecurity operations are overseen by the Director of Technology, who possesses twelve years of experience in cybersecurity management, information technology infrastructure, and risk mitigation. The Director of Technology participates in industry committees, reports to executive management, and updates Board committees and the Board of Directors. Reporting to the Chief Executive Officer, and working with executive leadership, this role supports cybersecurity risk management and helps align it with the Company’s broader risk framework. Issues are elevated to the Board by the Director of Technology, the Chairs of the IT Committee and Risk Committee, the Chief Risk Officer, or the CEO.
As of the date of this Annual Report on Form 10-K, the Company has contracted with a third-party firm to provide CISO services; the external CISO reports to the Chief Risk Officer and the IT Committee Chair. This engagement allows the Company to access specialized knowledge, industry best practices, and regulatory insights while maintaining flexibility in managing its information security strategy. The external CISO provides guidance and oversight on cybersecurity risk assessments, incident response, and compliance.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The IT Committee is chaired by Dr. Yonesy F. Núñez, CISSP, who holds a Doctor of Professional Studies in Computing Information Assurance and Security from Pace University. Dr. Núñez has experience in cybersecurity governance and risk management and currently serves as Chief Information Security Officer (“CISO”) of a Systemically Important Financial Market Utility. His prior roles include CISO at Jack Henry & Associates and senior cybersecurity positions at major financial institutions.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] The Company’s cybersecurity operations are overseen by the Director of Technology, who possesses twelve years of experience in cybersecurity management, information technology infrastructure, and risk mitigation.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Director of Technology participates in industry committees, reports to executive management, and updates Board committees and the Board of Directors. Reporting to the Chief Executive Officer, and working with executive leadership, this role supports cybersecurity risk management and helps align it with the Company’s broader risk framework. Issues are elevated to the Board by the Director of Technology, the Chairs of the IT Committee and Risk Committee, the Chief Risk Officer, or the CEO.
As of the date of this Annual Report on Form 10-K, the Company has contracted with a third-party firm to provide CISO services; the external CISO reports to the Chief Risk Officer and the IT Committee Chair. This engagement allows the Company to access specialized knowledge, industry best practices, and regulatory insights while maintaining flexibility in managing its information security strategy. The external CISO provides guidance and oversight on cybersecurity risk assessments, incident response, and compliance.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true