Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Dec. 31, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	Cybersecurity is a critical component of AEP’s risk management framework. As an electric utility operating critical infrastructure, AEP is subject to mandatory requirements under applicable federal, state, and industry standards. AEP maintains a risk-based cybersecurity program designed to protect the confidentiality, integrity, and availability of its information technology, operational technology, and critical infrastructure assets. Cybersecurity Risk Management and Strategy AEP’s cybersecurity risk management program is designed to identify, assess, and manage risks from cybersecurity threats, including those posed by third parties. The program incorporates a defense-in-depth approach, leverages partnerships with government and peers to assess the evolving threats and aligns with recognized industry standards and regulatory requirements applicable to electric utilities. Key elements of AEP’s cybersecurity program include, among others: •Continuous monitoring and detection of cyber threats; •Vulnerability assessments and penetration testing; •Incident response planning and exercises; •Business continuity and disaster recovery planning; •Security awareness training, including advanced phishing simulations; •Third-party risk management, including vendor due diligence and contractual controls; •Cybersecurity insurance coverage. AEP regularly evaluates and updates its cybersecurity controls, processes, and technologies in response to the evolving threat landscape and regulatory developments. We leverage both internal expertise and external partners to assist with assessments, testing, and program maturity evaluations.
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Processes Integrated [Text Block]	Cybersecurity is a critical component of AEP’s risk management framework.
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Board of Directors Oversight [Text Block]	AEP’s Board of Directors, through the Technology Committee, oversees the cybersecurity program and our approach to cyber risk management. The Technology Committee receives periodic updates from management regarding cybersecurity risks, the threat environment, and the status of AEP’s security programs, including significant incidents, if any.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	AEP’s Board of Directors, through the Technology Committee, oversees the cybersecurity program and our approach to cyber risk management.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	The Technology Committee receives periodic updates from management regarding cybersecurity risks, the threat environment, and the status of AEP’s security programs, including significant incidents, if any.
Cybersecurity Risk Role of Management [Text Block]	Management is responsible for implementing and maintaining AEP’s cybersecurity programs. Day-to-day oversight is led by AEP’s Senior Vice President (SVP) of Enterprise Security, Resilience, and National Security Policy who reports to AEP’s Chief Executive Officer. The SVP for Enterprise Security, Resilience, and National Security Policy has expertise in electricity sector risk management, critical infrastructure protection, cybersecurity, and incident response. This individual also oversees and leads AEP’s engagements with Federal agencies on cybersecurity and physical security threat information sharing and partnerships with the Department of Homeland Security, Federal Bureau of Investigation, Department of Energy, and the intelligence community. The SVP for Enterprise Security, Resilience, and National Security Policy also works closely with AEP’s Chief Information Officer, Generation, Transmission, and Distribution operations leadership, along with legal, compliance, internal audit, and business resilience to help ensure cybersecurity risks are identified, assessed, and managed across the enterprise. Management also provides relevant cybersecurity updates to the Audit Committee.
Cybersecurity Risk Management Positions or Committees Responsible [Flag]	true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	Day-to-day oversight is led by AEP’s Senior Vice President (SVP) of Enterprise Security, Resilience, and National Security Policy who reports to AEP’s Chief Executive Officer.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	The SVP for Enterprise Security, Resilience, and National Security Policy has expertise in electricity sector risk management, critical infrastructure protection, cybersecurity, and incident response.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]	Management also provides relevant cybersecurity updates to the Audit Committee
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Dec. 31, 2025

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Cybersecurity is a critical component of AEP’s risk management framework. As an electric utility operating critical infrastructure, AEP is subject to mandatory requirements under applicable federal, state, and industry standards. AEP maintains a risk-based cybersecurity program designed to protect the confidentiality, integrity, and availability of its information technology, operational technology, and critical infrastructure assets.

Cybersecurity Risk Management and Strategy

AEP’s cybersecurity risk management program is designed to identify, assess, and manage risks from cybersecurity threats, including those posed by third parties. The program incorporates a defense-in-depth approach, leverages partnerships with government and peers to assess the evolving threats and aligns with recognized industry standards and regulatory requirements applicable to electric utilities.

Key elements of AEP’s cybersecurity program include, among others:

•Continuous monitoring and detection of cyber threats;

•Vulnerability assessments and penetration testing;

•Incident response planning and exercises;

•Business continuity and disaster recovery planning;

•Security awareness training, including advanced phishing simulations;

•Third-party risk management, including vendor due diligence and contractual controls;

•Cybersecurity insurance coverage.

AEP regularly evaluates and updates its cybersecurity controls, processes, and technologies in response to the evolving threat landscape and regulatory developments. We leverage both internal expertise and external partners to assist with assessments, testing, and program maturity evaluations.

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Processes Integrated [Text Block]

Cybersecurity is a critical component of AEP’s risk management framework.

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Board of Directors Oversight [Text Block]

AEP’s Board of Directors, through the Technology Committee, oversees the cybersecurity program and our approach to cyber risk management. The Technology Committee receives periodic updates from management regarding cybersecurity risks, the threat environment, and the status of AEP’s security programs, including significant incidents, if any.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

AEP’s Board of Directors, through the Technology Committee, oversees the cybersecurity program and our approach to cyber risk management.

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]

The Technology Committee receives periodic updates from management regarding cybersecurity risks, the threat environment, and the status of AEP’s security programs, including significant incidents, if any.

Cybersecurity Risk Role of Management [Text Block]

Management is responsible for implementing and maintaining AEP’s cybersecurity programs. Day-to-day oversight is led by AEP’s Senior Vice President (SVP) of Enterprise Security, Resilience, and National Security Policy who reports to AEP’s Chief Executive Officer. The SVP for Enterprise Security, Resilience, and National Security Policy has expertise in electricity sector risk management, critical infrastructure protection, cybersecurity, and incident response. This individual also oversees and leads AEP’s engagements with Federal agencies on cybersecurity and physical security threat information sharing and

partnerships with the Department of Homeland Security, Federal Bureau of Investigation, Department of Energy, and the intelligence community. The SVP for Enterprise Security, Resilience, and National Security Policy also works closely with AEP’s Chief Information Officer, Generation, Transmission, and Distribution operations leadership, along with legal, compliance, internal audit, and business resilience to help ensure cybersecurity risks are identified, assessed, and managed across the enterprise. Management also provides relevant cybersecurity updates to the Audit Committee.

Cybersecurity Risk Management Positions or Committees Responsible [Flag]

true

Cybersecurity Risk Management Positions or Committees Responsible [Text Block]

Day-to-day oversight is led by AEP’s Senior Vice President (SVP) of Enterprise Security, Resilience, and National Security Policy who reports to AEP’s Chief Executive Officer.

Cybersecurity Risk Management Expertise of Management Responsible [Text Block]

The SVP for Enterprise Security, Resilience, and National Security Policy has expertise in electricity sector risk management, critical infrastructure protection, cybersecurity, and incident response.

Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

Management also provides relevant cybersecurity updates to the Audit Committee

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]

true