Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
We maintain a documented Information Security Program (the Program) that is informed by industry standards, frameworks and best practices and is designed to protect the confidentiality, integrity, and availability of our information assets and systems that store, process or transmit information.
Our Chief Information Security Officer (CISO) oversees and directs the Program, including implementing adjustments in response to changes in technology, internal and external threats, business processes, and regulatory or statutory requirements, and communicates our information security risk posture to senior management and the Board of Directors (the Board).
The Program includes the following key elements:
Network, Systems and Data Security – Technical and organizational safeguards that are designed to protect our networks, systems, and data from cybersecurity threats, including firewalls, intrusion prevention and detection systems, anti-malware functionality, and access controls.
Threat and Vulnerability Management – A threat and vulnerability management program that leverages continuous threat intelligence to seek to proactively identify, assess, and mitigate evolving cybersecurity risks. This program incorporates vulnerability scanning, remediation management, bug bounty, penetration testing, and threat response capabilities, all designed to safeguard our information assets and ensure business continuity.
Cybersecurity Incident Monitoring and Response – Incident response plans that address our response to a cybersecurity incident, utilizing a cross-functional approach.
Third-Party Assessment and Oversight – A third-party risk management program designed to identify and manage cybersecurity risks from third-party service providers, including initial due diligence as well as initial and periodic re-assessments of the service provider’s control environment.
Security Training and Awareness – Annual cybersecurity and awareness training for employees and contractors.
The Program is evaluated on an ongoing basis, both internally and through third-party audit firms, to address and protect against the evolving cyber threat landscape. The Program seeks to align to industry standards such as the National Institute of Standards and Technology Cybersecurity Framework, as well as the legal and regulatory guidance and mandates applicable to our stakeholders, including investors, customers, and employees. Control adequacy and design are reviewed at least annually. Independent audits and penetration tests assist in identifying areas for continued focus, improvement and/or inclusion, and are designed to provide assurance that controls are appropriately designed and operating effectively. Additionally, our Internal Audit group performs independent testing of our control environment, including key components of the Program. We also operate a bug bounty program through a crowdsourced security platform to incentivize responsible disclosure of software defects. These independent evaluations help uncover potential security vulnerabilities for remediation by our cybersecurity team.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
(Same text as the first two paragraphs of the Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats text block above.)
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Our Board oversees the Program and the management of risks from cybersecurity threats. The Board reviews and monitors our business and technology strategy, including the policies, processes, and practices that management implements to address risks from cybersecurity threats. The Board believes that all directors are responsible for oversight of these matters given the increasing importance of cybersecurity to our risk profile, as well as the significant role our technology strategy plays in our strategic priorities. The Chief Information Officer (CIO), CISO, and Chief Risk Officer provide updates to the Board as appropriate.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Chief Information Officer (CIO), CISO, and Chief Risk Officer provide updates to the Board as appropriate.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
Group Risk Committee (GRC): The GRC is a committee comprised of senior management and is responsible for assessing significant risk issues on a global basis to protect our financial strength, optimize our intrinsic value, and protect our reputation. The risks considered by the GRC include those relating to cybersecurity.
Technology Risk and Controls Committee (TRCC): The TRCC is used as a platform to assess risk and controls components across the information technology (IT) landscape including cybersecurity. It manages the risk assessment process, escalation, and implementation of risk acceptance thresholds with the help of the GRC.
In addition, there are regional and country risk and IT risk committees, including in Asia Pacific, Europe, the Middle East and Africa, the United Kingdom, Latin America and the Caribbean. These committees engage with relevant IT leaders and functional leaders within Enterprise Risk Management, Legal, Compliance, and Internal Audit.
Reporting and Governance
The Board and regional and country leadership boards may receive periodic presentations and reports on cybersecurity risks. We have an established issue escalation protocol for technology incidents, including cyber related incidents. In the event of a material cybersecurity incident, the Board will receive prompt information and ongoing updates about the incident. Our technology incidents and risks are tracked and rated. Items that are rated as "critical" are discussed in the TRCC, and escalated to the GRC as appropriate. At least once each year, the Board discusses our approach to cybersecurity risk management with the CISO. The CISO and regional/country information security officers regularly present to the Company’s regional and country leadership boards on material cyber risks and our information security posture and strategy.
The CISO works collaboratively with business and functional colleagues to implement a program designed to protect our information systems from cybersecurity threats and promptly respond to potential cybersecurity incidents. Multidisciplinary teams are deployed to respond to cybersecurity incidents in accordance with our incident response plans. Through ongoing communication with these teams, the CISO monitors the prevention, detection, mitigation and remediation of cybersecurity incidents in real time, and reports such incidents to senior management, who escalate to the Board as appropriate.
Cybersecurity Risk Role of Management [Text Block]
(Same text as the Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight text block above, through the Reporting and Governance paragraphs.)
The CISO reports to the CIO and is principally responsible for overseeing the Program, in partnership with other business leaders across the Company including regional information security and technology officers. Our cybersecurity personnel maintain current knowledge through specific training programs, professional certifications, and participation in industry groups (e.g., Financial Services Sector Coordinating Council, Financial Services Information Sharing and Analysis Center, Analysis and Resilience Center, Securities Industry and Financial Markets Association, Cybersecurity and Infrastructure Security Agency, etc.).
Our CISO has extensive cybersecurity experience, maintains multiple professional certifications and has served in various roles in information technology and information security for over 25 years.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] (Same text as the Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight text block above.)
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
(Same text as the final two paragraphs of the Cybersecurity Risk Role of Management text block above.)
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
(Same text as the Reporting and Governance paragraphs of the Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight text block above.)
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true