Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] Cybersecurity Risk Management and Strategy

Cybersecurity risks are continually evolving, becoming increasingly complex and pervasive across all industries. To mitigate these cybersecurity risks and protect nonpublic, personally identifiable customer data, financial transactions and our classified information systems, the Bank has implemented a comprehensive information security program, which is a component of its overarching enterprise risk management program. Key components of the information security program include:

• A risk assessment process that identifies and prioritizes material cybersecurity risks; defines and evaluates the effectiveness of controls to mitigate the risks; and reports results to executive management and the Board of Directors.

• Annual security assessments that proactively identify potential vulnerabilities that are both externally facing and internal within the Bank’s infrastructure; the results of all assessments are reported to executive management and the Board of Directors, with tracking and resolution of potential areas of risk.

• A vulnerability management program that patches known vulnerabilities across operating systems and software platforms.

• Strong controls around user access including creation, changes and termination of access, ongoing user access reviews, multifactor authentication and password policies.

• A technology team covering all critical cyber defense functions such as engineering, data protection, identity and access management, insider risk management, security operations, threat emulation and threat intelligence.

• A training program that educates employees about cybersecurity risks and how to protect themselves from cyberattacks.

• An awareness program that keeps employees informed about cybersecurity threats and how to stay safe online.

• An incident response plan that outlines the steps the Bank will take to respond to a cybersecurity incident, which is tested on a periodic basis.

• Adoption and implementation of a layered defense / defense in depth model in which security systems are linked or stacked so that the strengths of one security system compensate for the weaknesses of the other system.

• Additional controls that include, but are not limited to, data encryption; change management; end of life management; asset management; malware and antivirus detection, response and mitigation; physical security; business continuity and disaster recovery management.

The Bank engages reputable third-party assessors to conduct various independent audits on a regular basis, including but not limited to maturity assessments and various testing. Following a defense-in-depth strategy, the Bank leverages both in-house resources and third-party service providers to implement and maintain processes and controls to manage the identified risks.

The Bank’s Third-Party / Vendor Risk Management program is designed to ensure that our vendors meet our cybersecurity requirements. This includes conducting periodic risk assessments of vendors, requiring vendors to implement appropriate cybersecurity controls and monitoring vendor compliance with our cybersecurity requirements.

The Bank’s information security program and strategy are designed to ensure the Bank's information and information systems are resilient and appropriately protected from a variety of threats, both natural and man-made. Periodic audits and risk assessments are performed to validate control requirements and ensure that the Bank’s information is protected at a level commensurate with its sensitivity, value, and criticality. Preventative and detective security controls and policies are employed on all media where information is stored, the systems that process it, and infrastructure components that facilitate its transmission to ensure the confidentiality, integrity, and availability of Bank information. These controls and policies include, but are not limited to, access control, data encryption, data loss prevention, incident response, security monitoring, third party risk management, and vulnerability management.

The Bank's information security program and strategy are regularly reviewed and updated to ensure that they are aligned with the Bank's business objectives and are designed to address evolving cybersecurity threats and satisfy regulatory requirements and industry standards.

Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] We recognize the critical importance of developing, implementing, assessing, and maintaining robust cybersecurity measures to safeguard our information systems and protect the confidentiality, integrity, and availability of our data. Senior Management, in collaboration with the Information Technology and Risk Departments, is responsible for the implementation and oversight of the Bank's Cybersecurity Risk Management Program.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]

While cybersecurity risks have the potential to materially affect the Bank's business, financial condition, and results of operations, the Bank does not believe that risks from cybersecurity threats or attacks, including as a result of any previous cybersecurity incidents, have materially affected the Bank, including its business strategy, results of operations or financial condition. Accordingly, no matter how well designed or implemented the Bank’s controls are, there is a risk that it may not be able to anticipate all zero-day cyber security exploits and vulnerabilities, and it may not be able to implement effective preventive measures against such exploits / vulnerabilities and potentially associated security breaches in a timely manner.

Cybersecurity Risk Board of Directors Oversight [Text Block] The Bank’s Board of Directors is charged with overseeing the establishment and execution of the Bank’s security management framework and monitoring adherence to related policies required by applicable statutes, regulations and principles of safety and soundness. Consistent with this responsibility the Board has delegated primary oversight responsibility over the Bank’s security management framework, including oversight of cybersecurity risk and cybersecurity risk management, to the Information Technology/Information Security Committee of the Board of Directors.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Information Technology/Information Security Committee receives regular updates on cybersecurity risks and incidents and the cybersecurity program through direct interaction with the Chief Information Technology Officer and provides periodic updates regarding cybersecurity risks and the cybersecurity program to the full Board of Directors. Additionally, awareness and training on cybersecurity topics is provided to the Board on an annual basis.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Information Technology/Information Security Committee receives regular updates on cybersecurity risks and incidents and the cybersecurity program through direct interaction with the Chief Information Technology Officer and provides periodic updates regarding cybersecurity risks and the cybersecurity program to the full Board of Directors. Additionally, awareness and training on cybersecurity topics is provided to the Board on an annual basis.
Cybersecurity Risk Role of Management [Text Block] We recognize the critical importance of developing, implementing, assessing, and maintaining robust cybersecurity measures to safeguard our information systems and protect the confidentiality, integrity, and availability of our data. Senior Management, in collaboration with the Information Technology and Risk Departments, is responsible for the implementation and oversight of the Bank's Cybersecurity Risk Management Program.

Information security risk is systematically reported to our Board of Directors by the Information Technology and Risk Departments through quarterly management reports, ensuring a structured and effective flow of cybersecurity risk information to the Board of Directors. Various committees and working groups are dedicated to monitoring and managing information security risks, including the Cybersecurity Incident Response Team and the Information Technology/Information Security Committee of the Board of Directors. These committees play a pivotal role in establishing and overseeing policies, programs, and guidance that define clear expectations for managing cybersecurity risk.

Due to the evolving nature of cybersecurity threats, we actively engage with external experts to enhance our security expertise. These subject matter experts provide independent evaluations and testing of our cybersecurity risk management framework. Our collaboration with these entities includes regular audits, threat assessments, and consultations on security enhancements to reinforce our security posture.

Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Various committees and working groups are dedicated to monitoring and managing information security risks, including the Cybersecurity Incident Response Team and the Information Technology/Information Security Committee of the Board of Directors. These committees play a pivotal role in establishing and overseeing policies, programs, and guidance that define clear expectations for managing cybersecurity risk.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Information security risk is systematically reported to our Board of Directors by the Information Technology and Risk Departments through quarterly management reports, ensuring a structured and effective flow of cybersecurity risk information to the Board of Directors. Various committees and working groups are dedicated to monitoring and managing information security risks, including the Cybersecurity Incident Response Team and the Information Technology/Information Security Committee of the Board of Directors. These committees play a pivotal role in establishing and overseeing policies, programs, and guidance that define clear expectations for managing cybersecurity risk.

Due to the evolving nature of cybersecurity threats, we actively engage with external experts to enhance our security expertise. These subject matter experts provide independent evaluations and testing of our cybersecurity risk management framework. Our collaboration with these entities includes regular audits, threat assessments, and consultations on security enhancements to reinforce our security posture.

Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Various committees and working groups are dedicated to monitoring and managing information security risks, including the Cybersecurity Incident Response Team and the Information Technology/Information Security Committee of the Board of Directors.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true