Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management program includes a cybersecurity incident response standard. We use the Cyber Risk Institute Profile (which is based on the National Institute of Standards and Technology Cybersecurity Framework), the Federal Financial Institutions Examination Council Information Technology Examination Handbook, and the Payment Card Industry Data Security Standards as guides to help us identify, assess, and manage cybersecurity risks relevant to our business and develop and implement our cybersecurity risk management program. This does not imply that we meet any particular technical standards, specifications, or requirements. Our cybersecurity risk management program is integrated with our overall enterprise risk management program, and shares common methodologies, reporting channels, and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas. Our cybersecurity risk management program includes the following key elements: •risk assessments designed to help identify material cybersecurity risks to our critical systems, information, services, and our broader enterprise information technology (“IT”) environment; •a team comprised of IT security, IT infrastructure, and IT compliance personnel principally responsible for directing (i) our cybersecurity risk assessment processes, (ii) our security processes, and (iii) our response to cybersecurity incidents; •the use of external cybersecurity service providers, where appropriate, to assess, test, or otherwise assist with aspects of our security processes; •cybersecurity awareness training of employees with access to our IT systems; •a cybersecurity incident response standard and Crisis Management Policy that guide our response to cybersecurity incidents; and •a third-party risk identification and management process for service providers. We face certain ongoing risks from cybersecurity threats that, if realized, are reasonably likely to materially affect us, including our operations, business strategy, results of operations, and/or financial condition. See Item 1A. “Risk Factors – OPERATIONAL RISKS – We depend on secure information technology and a breach of those systems or those of third-party vendors could result in significant losses, unauthorized disclosure of confidential customer information, and reputational damage, which could materially adversely affect our business, financial condition, and/or results of operations and could lead to significant financial, legal, and reputational exposure” in this Form 10-K.
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Processes Integrated [Text Block]	We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management program includes a cybersecurity incident response standard.
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Board of Directors Oversight [Text Block]	Our Board of Directors considers cybersecurity risk as critical to the enterprise and delegates the cybersecurity risk oversight function to the Operational and Compliance Risk Committee of the Board. The Operational and Compliance Risk Committee of our Board of Directors oversees management’s design, implementation, and enforcement of our cybersecurity risk management program.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	Our Chief Security Officer (“CSO”) reports to our Chief Operational Officer and President of the Bank and leads the Company’s overall cybersecurity function. Our CSO provides periodic updates on our cybersecurity risk management program to the management-level Operational and Compliance Risk Committee (“OCRC”) and Executive Committee (“EC”).
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	Our Board of Directors considers cybersecurity risk as critical to the enterprise and delegates the cybersecurity risk oversight function to the Operational and Compliance Risk Committee of the Board. The Operational and Compliance Risk Committee of our Board of Directors oversees management’s design, implementation, and enforcement of our cybersecurity risk management program. Our Chief Security Officer (“CSO”) reports to our Chief Operational Officer and President of the Bank and leads the Company’s overall cybersecurity function. Our CSO provides periodic updates on our cybersecurity risk management program to the management-level Operational and Compliance Risk Committee (“OCRC”) and Executive Committee (“EC”). The Operational and Compliance Risk Committee of our Board of Directors also receives periodic reports from our CSO on our cybersecurity risks, including briefings on our cyber risk management program and cybersecurity incidents. Our CSO supervises efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which include: briefings from internal security personnel; threat intelligence and other information obtained from governmental, public, or private sources, including external cybersecurity service providers; and alerts and reports produced by security tools deployed in the IT environment.
Cybersecurity Risk Role of Management [Text Block]	Our CSO provides periodic updates on our cybersecurity risk management program to the management-level Operational and Compliance Risk Committee (“OCRC”) and Executive Committee (“EC”). The Operational and Compliance Risk Committee of our Board of Directors also receives periodic reports from our CSO on our cybersecurity risks, including briefings on our cyber risk management program and cybersecurity incidents.
Cybersecurity Risk Management Positions or Committees Responsible [Flag]	true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	Our Chief Security Officer (“CSO”) reports to our Chief Operational Officer and President of the Bank and leads the Company’s overall cybersecurity function.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	Our CSO is responsible for assessing and managing our material risks from cybersecurity threats, has primary responsibility for leading our overall cybersecurity risk management program, and supervises both our internal cybersecurity personnel and our external cybersecurity service providers. Our CSO has significant executive experience in managing and leading IT and cybersecurity teams in both government and the private sector and has received industry recognition in the cybersecurity area.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]	Our Chief Security Officer (“CSO”) reports to our Chief Operational Officer and President of the Bank and leads the Company’s overall cybersecurity function. Our CSO provides periodic updates on our cybersecurity risk management program to the management-level Operational and Compliance Risk Committee (“OCRC”) and Executive Committee (“EC”). The Operational and Compliance Risk Committee of our Board of Directors also receives periodic reports from our CSO on our cybersecurity risks, including briefings on our cyber risk management program and cybersecurity incidents.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Dec. 31, 2024

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information. Our cybersecurity risk management program includes a cybersecurity incident response standard.

We use the Cyber Risk Institute Profile (which is based on the National Institute of Standards and Technology Cybersecurity Framework), the Federal Financial Institutions Examination Council Information Technology Examination Handbook, and the Payment Card Industry Data Security Standards as guides to help us identify, assess, and manage cybersecurity risks relevant to our business and develop and implement our cybersecurity risk management program. This does not imply that we meet any particular technical standards, specifications, or requirements.

Our cybersecurity risk management program is integrated with our overall enterprise risk management program, and shares common methodologies, reporting channels, and governance processes that apply across the enterprise risk management program to other legal, compliance, strategic, operational, and financial risk areas.

Our cybersecurity risk management program includes the following key elements:

•risk assessments designed to help identify material cybersecurity risks to our critical systems, information, services, and our broader enterprise information technology (“IT”) environment;

•a team comprised of IT security, IT infrastructure, and IT compliance personnel principally responsible for directing (i) our cybersecurity risk assessment processes, (ii) our security processes, and (iii) our response to cybersecurity incidents;

•the use of external cybersecurity service providers, where appropriate, to assess, test, or otherwise assist with aspects of our security processes;

•cybersecurity awareness training of employees with access to our IT systems;

•a cybersecurity incident response standard and Crisis Management Policy that guide our response to cybersecurity incidents; and

•a third-party risk identification and management process for service providers.

We face certain ongoing risks from cybersecurity threats that, if realized, are reasonably likely to materially affect us, including our operations, business strategy, results of operations, and/or financial condition. See Item 1A. “Risk Factors – OPERATIONAL RISKS – We depend on secure information technology and a breach of those systems or those of third-party vendors could result in significant losses, unauthorized disclosure of confidential customer information, and reputational damage, which could materially adversely affect our business, financial condition, and/or results of operations and could lead to significant financial, legal, and reputational exposure” in this Form 10-K.

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Processes Integrated [Text Block]

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Board of Directors Oversight [Text Block]

Our Board of Directors considers cybersecurity risk as critical to the enterprise and delegates the cybersecurity risk oversight function to the Operational and Compliance Risk Committee of the Board. The Operational and Compliance Risk Committee of our Board of Directors oversees management’s design, implementation, and enforcement of our cybersecurity risk management program.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

Our Chief Security Officer (“CSO”) reports to our Chief Operational Officer and President of the Bank and leads the Company’s overall cybersecurity function. Our CSO provides periodic updates on our cybersecurity risk management program to the management-level Operational and Compliance Risk Committee (“OCRC”) and Executive Committee (“EC”). The Operational and Compliance Risk Committee of our Board of Directors also receives periodic reports from our CSO on our cybersecurity risks, including briefings on our cyber risk management program and cybersecurity incidents.

Our CSO supervises efforts to prevent, detect, mitigate, and remediate cybersecurity risks and incidents through various means, which include: briefings from internal security personnel; threat intelligence and other

information obtained from governmental, public, or private sources, including external cybersecurity service providers; and alerts and reports produced by security tools deployed in the IT environment.

Cybersecurity Risk Role of Management [Text Block]

Our CSO provides periodic updates on our cybersecurity risk management program to the management-level Operational and Compliance Risk Committee (“OCRC”) and Executive Committee (“EC”). The Operational and Compliance Risk Committee of our Board of Directors also receives periodic reports from our CSO on our cybersecurity risks, including briefings on our cyber risk management program and cybersecurity incidents.

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

Our Chief Security Officer (“CSO”) reports to our Chief Operational Officer and President of the Bank and leads the Company’s overall cybersecurity function.

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

Our CSO is responsible for assessing and managing our material risks from cybersecurity threats, has primary responsibility for leading our overall cybersecurity risk management program, and supervises both our internal cybersecurity personnel and our external cybersecurity service providers. Our CSO has significant executive experience in managing and leading IT and cybersecurity teams in both government and the private sector and has received industry recognition in the cybersecurity area.

Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true