Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Our risk management program is designed to identify, assess, and mitigate risks across various aspects of our company, including financial, operational, regulatory, reputational, and legal. Cybersecurity is a critical component of this program, given the increasing reliance on technology and potential cyber threats. Our Information Security Officer (“ISO”) is primarily responsible for this cybersecurity component and is a key member of the risk management organization, reporting directly to the Chief Executive Officer.

Our objective for managing cybersecurity risk is to avoid or minimize the impacts of external threat events or other efforts to penetrate, disrupt or misuse our systems or information. The structure of our information security program is designed around the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework, regulatory guidance, and other industry standards. In addition, we leverage certain industry and government associations, third-party benchmarking, audits, and threat intelligence feeds to facilitate and promote program effectiveness. The information security program is periodically reviewed with the goal of addressing changing threats and conditions.

We employ an in-depth, layered, defensive strategy that embraces a “trust by design” philosophy when designing new products, services, and technology. We leverage people, processes, and technology as part of our efforts to manage and maintain cybersecurity controls. We also employ a variety of preventative and detective tools designed to monitor, block, and provide alerts regarding suspicious activity, as well as to report on suspected advanced persistent threats. We have established processes and systems designed to mitigate cyber risk, including regular and on-going education and training for employees, preparedness simulations and tabletop exercises, and recovery and resilience tests. We engage in regular assessments of our infrastructure, software systems, and network architecture, using internal cybersecurity experts and third-party specialists. We also maintain a third-party risk management program designed to identify, assess, and manage risks, including cybersecurity risks, associated with external service providers and our supply chain. We also actively monitor our email gateways for malicious phishing email campaigns and monitor remote connections as a significant portion of our workforce has the option to work remotely. We leverage internal and external auditors and independent external partners to periodically review our processes, systems, and controls, including with respect to our information security program, to assess their design and operating effectiveness and make recommendations to strengthen our risk management program.

We maintain a Business Continuity Plan that provides a documented framework for responding to actual or potential cybersecurity incidents, including timely notification of and escalation to the appropriate Board-approved management committees. The Business Continuity Plan is coordinated through the Information Security Officer and key members of management are embedded into the Plan by its design. The Business Continuity Plan facilitates coordination across multiple parts of our organization and is evaluated at least annually.
Notwithstanding our defensive measures and processes, the threat posed by cyber-attacks is severe. Our internal systems, processes, and controls are designed to mitigate loss from cyber-attacks. To date, risks from cybersecurity threats have not materially affected our company.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
Our risk management program is designed to identify, assess, and mitigate risks across various aspects of our company, including financial, operational, regulatory, reputational, and legal. Cybersecurity is a critical component of this program, given the increasing reliance on technology and potential cyber threats. Our Information Security Officer (“ISO”) is primarily responsible for this cybersecurity component and is a key member of the risk management organization, reporting directly to the Chief Executive Officer.
Our objective for managing cybersecurity risk is to avoid or minimize the impacts of external threat events or other efforts to penetrate, disrupt or misuse our systems or information. The structure of our information security program is designed around the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework, regulatory guidance, and other industry standards.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] Our board of directors has approved a committee comprised of directors and management called the Information Technology Committee. This committee provides oversight and governance of the technology program and the information security program.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
Our ISO is accountable for managing our enterprise information security department and delivering our information security program. The responsibilities of this department include cybersecurity risk assessment, defense operations, incident response, vulnerability assessment, threat intelligence, identity access governance, third-party risk management, and business resilience. The foregoing responsibilities are covered on a day-to-day basis by a first line of defense program. This endpoint program is monitored 24/7 and would notify IT staff of an incident. Most incidents would be mitigated by monitoring staff of the endpoint program, but IT staff would have to be involved in more severe incidents. This mitigation is resolved from an always updating database. In severe cases, the device that triggers the incident would be locked down and a plan of action would be put in place. The second line of defense is a monitored firewall. This would also notify IT staff of an incident. The last line of defense is IT staff. The department is augmented by an information security specialist that is on a monthly retainer. Individuals within the department are generally subject to professional education requirements.

Our board of directors has approved a committee comprised of directors and management called the Information Technology Committee. This committee provides oversight and governance of the technology program and the information security program. This committee meets quarterly to provide oversight of the risk management strategy, standards, policies, practices, controls, and mitigation and prevention efforts employed to manage security risks. More frequent meetings may occur from time to time in accordance with the Business Continuity Plan in order to facilitate timely informing and monitoring efforts. The ISO reports summaries of key issues, including significant cybersecurity and/or privacy incidents.

The ISO has served in various roles in information technology and information security for over 21 years and holds a Bachelor of Science degree in Management Information Systems from Auburn University. The ISO is also a graduate of the Alabama Banking School of the University of South Alabama. The ISO also holds multiple professional certifications, including specialized certifications in vendor risk management and community banking technology.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
Our ISO is accountable for managing our enterprise information security department and delivering our information security program. The responsibilities of this department include cybersecurity risk assessment, defense operations, incident response, vulnerability assessment, threat intelligence, identity access governance, third-party risk management, and business resilience. The foregoing responsibilities are covered on a day-to-day basis by a first line of defense program. This endpoint program is monitored 24/7 and would notify IT staff of an incident. Most incidents would be mitigated by monitoring staff of the endpoint program, but IT staff would have to be involved in more severe incidents. This mitigation is resolved from an always updating database. In severe cases, the device that triggers the incident would be locked down and a plan of action would be put in place. The second line of defense is a monitored firewall. This would also notify IT staff of an incident. The last line of defense is IT staff. The department is augmented by an information security specialist that is on a monthly retainer. Individuals within the department are generally subject to professional education requirements.

Our board of directors has approved a committee comprised of directors and management called the Information Technology Committee. This committee provides oversight and governance of the technology program and the information security program. This committee meets quarterly to provide oversight of the risk management strategy, standards, policies, practices, controls, and mitigation and prevention efforts employed to manage security risks. More frequent meetings may occur from time to time in accordance with the Business Continuity Plan in order to facilitate timely informing and monitoring efforts. The ISO reports summaries of key issues, including significant cybersecurity and/or privacy incidents.

The ISO has served in various roles in information technology and information security for over 21 years and holds a Bachelor of Science degree in Management Information Systems from Auburn University. The ISO is also a graduate of the Alabama Banking School of the University of South Alabama. The ISO also holds multiple professional certifications, including specialized certifications in vendor risk management and community banking technology.
Cybersecurity Risk Role of Management [Text Block]
Our ISO is accountable for managing our enterprise information security department and delivering our information security program. The responsibilities of this department include cybersecurity risk assessment, defense operations, incident response, vulnerability assessment, threat intelligence, identity access governance, third-party risk management, and business resilience. The foregoing responsibilities are covered on a day-to-day basis by a first line of defense program. This endpoint program is monitored 24/7 and would notify IT staff of an incident. Most incidents would be mitigated by monitoring staff of the endpoint program, but IT staff would have to be involved in more severe incidents. This mitigation is resolved from an always updating database. In severe cases, the device that triggers the incident would be locked down and a plan of action would be put in place. The second line of defense is a monitored firewall. This would also notify IT staff of an incident. The last line of defense is IT staff. The department is augmented by an information security specialist that is on a monthly retainer. Individuals within the department are generally subject to professional education requirements.

Our board of directors has approved a committee comprised of directors and management called the Information Technology Committee. This committee provides oversight and governance of the technology program and the information security program. This committee meets quarterly to provide oversight of the risk management strategy, standards, policies, practices, controls, and mitigation and prevention efforts employed to manage security risks. More frequent meetings may occur from time to time in accordance with the Business Continuity Plan in order to facilitate timely informing and monitoring efforts. The ISO reports summaries of key issues, including significant cybersecurity and/or privacy incidents.

The ISO has served in various roles in information technology and information security for over 21 years and holds a Bachelor of Science degree in Management Information Systems from Auburn University. The ISO is also a graduate of the Alabama Banking School of the University of South Alabama. The ISO also holds multiple professional certifications, including specialized certifications in vendor risk management and community banking technology.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our ISO is accountable for managing our enterprise information security department and delivering our information security program. The responsibilities of this department include cybersecurity risk assessment, defense operations, incident response, vulnerability assessment, threat intelligence, identity access governance, third-party risk management, and business resilience.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
The ISO has served in various roles in information technology and information security for over 21 years and holds a Bachelor of Science degree in Management Information Systems from Auburn University. The ISO is also a graduate of the Alabama Banking School of the University of South Alabama. The ISO also holds multiple professional certifications, including specialized certifications in vendor risk management and community banking technology.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
Our ISO is accountable for managing our enterprise information security department and delivering our information security program. The responsibilities of this department include cybersecurity risk assessment, defense operations, incident response, vulnerability assessment, threat intelligence, identity access governance, third-party risk management, and business resilience. The foregoing responsibilities are covered on a day-to-day basis by a first line of defense program. This endpoint program is monitored 24/7 and would notify IT staff of an incident. Most incidents would be mitigated by monitoring staff of the endpoint program, but IT staff would have to be involved in more severe incidents. This mitigation is resolved from an always updating database. In severe cases, the device that triggers the incident would be locked down and a plan of action would be put in place. The second line of defense is a monitored firewall. This would also notify IT staff of an incident. The last line of defense is IT staff. The department is augmented by an information security specialist that is on a monthly retainer. Individuals within the department are generally subject to professional education requirements.

Our board of directors has approved a committee comprised of directors and management called the Information Technology Committee. This committee provides oversight and governance of the technology program and the information security program. This committee meets quarterly to provide oversight of the risk management strategy, standards, policies, practices, controls, and mitigation and prevention efforts employed to manage security risks. More frequent meetings may occur from time to time in accordance with the Business Continuity Plan in order to facilitate timely informing and monitoring efforts. The ISO reports summaries of key issues, including significant cybersecurity and/or privacy incidents.

The ISO has served in various roles in information technology and information security for over 21 years and holds a Bachelor of Science degree in Management Information Systems from Auburn University. The ISO is also a graduate of the Alabama Banking School of the University of South Alabama. The ISO also holds multiple professional certifications, including specialized certifications in vendor risk management and community banking technology.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true