XML 52 R26.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Cybersecurity

The Fund depends on and engages various third parties and service providers, including suppliers, custodians, transfer agents, administrative agents, fund administrators and other third parties to source, make and manage its investments. Accordingly, the Fund’s business is dependent on the communications and information technology (“IT”) systems that it shares with the Advisers and their ultimate parent company, TIAA, which further relies upon the systems of third-party IT service providers to TIAA. TIAA has established a cybersecurity program across its enterprise, which applies to certain of its affiliates, including the Advisers and the Fund. When identifying and overseeing risks from cybersecurity threats associated with its use of third-party service providers, the Fund further relies upon the expertise of risk management, legal, information technology, and compliance personnel of TIAA. TIAA conducts onboarding and ongoing due diligence of certain of the Fund’s key third-party service providers to identify and oversee risks from cybersecurity threats associated with the Fund’s use of such entities.
Cybersecurity Program Overview

TIAA has instituted an enterprise cybersecurity program designed to identify, assess, and mitigate cyber risks applicable to TIAA and its affiliates, which applies to the Fund and the Advisers. Cyber risk management is integrated into TIAA’s overall risk management program and involves risk assessments, implementation of security measures, and ongoing monitoring of systems and networks, including networks on which the Fund relies. TIAA relies on its internal subject matter experts and external experts, as needed, including, but not limited to, cybersecurity assessors, consultants, and auditors, to evaluate cybersecurity measures and risk management processes applicable to the Advisers, the Fund and other affiliates of TIAA.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] Cyber risk management is integrated into TIAA’s overall risk management program and involves risk assessments, implementation of security measures, and ongoing monitoring of systems and networks, including networks on which the Fund relies.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Oversight of Cybersecurity Risk

The potential impact of risks from cybersecurity threats on the Fund is assessed on an ongoing basis, as well as how such risks could materially affect the Fund’s business strategy, operational results, and financial condition. Cybersecurity risk remains heightened to the financial industry, including the Fund, and a failure in or breach of our systems or infrastructure, or those of a material third party or service provider, could cause disruption and adversely impact the Fund’s operations. TIAA and the Advisers continue to invest in the cybersecurity program to protect against emerging threats, including threats against third parties and service providers. The Fund has not experienced any material cybersecurity incident, and the Fund is not aware of any cybersecurity risks that are reasonably likely to materially affect its business.

TIAA’s management team periodically reports to the Fund’s management on cybersecurity matters, primarily through presentations. Such reporting will include updates on TIAA’s cybersecurity program as it relates to the Fund, the external cybersecurity threat environment, and TIAA’s programs to address and mitigate the risks associated with the evolving cybersecurity threat environment. These reports also include updates on TIAA’s preparedness, prevention, detection, responsiveness and recovery with respect to cybersecurity incidents.

The Board has the primary responsibility for overseeing and reviewing the guidelines and policies with respect to risk assessment and risk management, including cybersecurity. The Board receives periodic updates from the Fund’s management regarding TIAA’s cybersecurity program, information on current threat landscape and risks from cybersecurity threats and cybersecurity incidents impacting the Fund.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
The Board has the primary responsibility for overseeing and reviewing the guidelines and policies with respect to risk assessment and risk management, including cybersecurity. The Board receives periodic updates from the Fund’s management regarding TIAA’s cybersecurity program, information on current threat landscape and risks from cybersecurity threats and cybersecurity incidents impacting the Fund.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
TIAA’s management team periodically reports to the Fund’s management on cybersecurity matters, primarily through presentations. Such reporting will include updates on TIAA’s cybersecurity program as it relates to the Fund, the external cybersecurity threat environment, and TIAA’s programs to address and mitigate the risks associated with the evolving cybersecurity threat environment. These reports also include updates on TIAA’s preparedness, prevention, detection, responsiveness and recovery with respect to cybersecurity incidents.
Cybersecurity Risk Role of Management [Text Block]
TIAA actively monitors the current cyber threat landscape in an effort to identify material risks arising from new and evolving cybersecurity threats, including material risks faced by the Fund and the Advisers in connection with their day-to-day operations. TIAA’s cybersecurity leadership team are responsible for maintaining and overseeing the overall state of TIAA’s cybersecurity program, information on the current threat landscape, and risks from cybersecurity threats and cybersecurity incidents impacting TIAA and its affiliates, including the Fund, the Advisers and their respective third-party service providers.

TIAA’s cybersecurity team, including its Chief Information Security Officer, is responsible for assessing and managing material risks from cybersecurity threats to the TIAA organization, including the Fund and the Advisers. TIAA’s Chief Information Security Officer and cybersecurity leaders have significant expertise in in this area, including in IT and cybersecurity engineering, and have cybersecurity leadership experience in other major financial institutions.

Management of the Fund is informed about and monitors the prevention, detection, mitigation, and remediation of cybersecurity incidents impacting the Fund, including through the receipt of notifications from third party service providers and reliance on communications with cybersecurity, risk management, legal, IT, and/or compliance personnel of TIAA.

Oversight of Cybersecurity Risk

The potential impact of risks from cybersecurity threats on the Fund is assessed on an ongoing basis, as well as how such risks could materially affect the Fund’s business strategy, operational results, and financial condition. Cybersecurity risk remains heightened to the financial industry, including the Fund, and a failure in or breach of our systems or infrastructure, or those of a material third party or service provider, could cause disruption and adversely impact the Fund’s operations. TIAA and the Advisers continue to invest in the cybersecurity program to protect against emerging threats, including threats against third parties and service providers. The Fund has not experienced any material cybersecurity incident, and the Fund is not aware of any cybersecurity risks that are reasonably likely to materially affect its business.

TIAA’s management team periodically reports to the Fund’s management on cybersecurity matters, primarily through presentations. Such reporting will include updates on TIAA’s cybersecurity program as it relates to the Fund, the external cybersecurity threat environment, and TIAA’s programs to address and mitigate the risks associated with the evolving cybersecurity threat environment. These reports also include updates on TIAA’s preparedness, prevention, detection, responsiveness and recovery with respect to cybersecurity incidents.

The Board has the primary responsibility for overseeing and reviewing the guidelines and policies with respect to risk assessment and risk management, including cybersecurity. The Board receives periodic updates from the Fund’s management regarding TIAA’s cybersecurity program, information on current threat landscape and risks from cybersecurity threats and cybersecurity incidents impacting the Fund.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] TIAA’s cybersecurity team, including its Chief Information Security Officer, is responsible for assessing and managing material risks from cybersecurity threats to the TIAA organization, including the Fund and the Advisers.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] TIAA’s Chief Information Security Officer and cybersecurity leaders have significant expertise in in this area, including in IT and cybersecurity engineering, and have cybersecurity leadership experience in other major financial institutions.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Board has the primary responsibility for overseeing and reviewing the guidelines and policies with respect to risk assessment and risk management, including cybersecurity.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true