XML 49 R33.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Cybersecurity Risk Management and Strategy

Cybersecurity is an important aspect of Colony’s business operations and the execution of our strategic plans, including growth initiatives. We maintain a comprehensive cyber risk management program aimed at identifying, assessing, mitigating, managing, and responding to cybersecurity threats. This program is incorporated into our enterprise risk management framework, covering both our internal information technology systems and customer-facing products and services.

Colony has implemented a formal risk management process to address cyber-related risks, encompassing identification, assessment, monitoring, consultation, communication, and review of cyber-related risks, which is designed in accordance with regulatory guidance, industry standards and best practices for cybersecurity and information technology. Annually, our information security standards undergo external audits against applicable System and Organizational Controls (SOC). Our program undergoes periodic evaluations utilizing the Federal Financial Institutions Examination Council's (FFIEC) Cybersecurity Assessment Tool to gauge our cybersecurity readiness, ensure alignment with associated risks, identify potential areas for improvement or enhancement in our risk management practices and controls, and guide our risk management strategies.

Our information security program incorporates a diverse range of technologies aimed at safeguarding our operations and proprietary information. We have an established Business Continuity/Disaster Recovery program that undergoes regular updates and testing to ensure the protection of our networks, data, systems, and facilities against attacks or unauthorized access. Furthermore, we maintain an Incident Response program outlining Colony's protocols, procedures, and roles for addressing cybersecurity incidents. This program undergoes regular testing via tabletop exercises, which often yield valuable insights and lead to subsequent enhancements in our Incident Response protocols.

We believe Colony’s employees play a vital role in the Company’s cybersecurity defenses. Employees at all levels and in all lines of business and support functions participate in training programs on cybersecurity and social engineering to mitigate risk. Exercises to test the effectiveness of Colony's training program are conducted on a regular basis.

Third-party cyber advisors play an important role in Colony's cybersecurity framework, and we have established partnerships with leading cybersecurity entities and organizations to harness external technology and expertise as needed. We regularly enlist third parties to conduct periodic reviews and assessments of our information security program, as well as annual penetration tests on our network. Additionally, we maintain cyber coverage through our insurance carrier to mitigate risks associated with cybersecurity incidents, subject to customary terms and exclusions. Additionally, we exercise cybersecurity due diligence and oversight over critical third-party relationships and vendors, ensuring that those with access to personal, confidential, or proprietary information adhere to cybersecurity practices consistent with applicable legal standards and industry best practices.

Colony remains committed to investing in the development and improvement of our security processes and controls, as well as maintaining our technology infrastructure. These processes include a comprehensive plan for notifying, informing, consulting, analyzing, and communicating any risks or incidents to a range of internal stakeholders, including executive management and the Board, as well as external stakeholders such as regulators, affected individuals, and the investment community, as deemed necessary and appropriate based on the circumstances.

Colony’s business relies on the availability, security, reliability, and confidentiality of our information systems, networks, and data. Any disruption or compromise of these systems or data due to a cybersecurity incident or threat could materially impact our business strategy, financial condition, or results of operation. While the Company has encountered, and will continue to encounter, cyber incidents in the normal course of business, to date, the Company has not experienced a cybersecurity incident that has materially impacted our business strategy, financial condition, or results of operation. Despite our ongoing efforts to continually strengthen our cybersecurity program, there can be no assurance that our cybersecurity risk management processes and measures described will be fully implemented, complied with, or effective in safeguarding our systems and information. We face risks from certain cybersecurity threats that, if realized, could reasonably be expected to materially affect our business strategy, financial condition, or results of operation. See “Part I - Item 1A. Risk Factors – Risks Related to our Business” of this Report.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
Cybersecurity is an important aspect of Colony’s business operations and the execution of our strategic plans, including growth initiatives. We maintain a comprehensive cyber risk management program aimed at identifying, assessing, mitigating, managing, and responding to cybersecurity threats. This program is incorporated into our enterprise risk management framework, covering both our internal information technology systems and customer-facing products and services.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] Our Board is actively engaged in the oversight of Colony’s information security risk management and cybersecurity programs and has delegated primary oversight of cybersecurity to its Technology and Risk Management Committees.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our Board is actively engaged in the oversight of Colony’s information security risk management and cybersecurity programs and has delegated primary oversight of cybersecurity to its Technology and Risk Management Committees.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Technology Committee receives quarterly and as needed updates from the Company’s ISO on the Company’s information security and cyber risk strategy, cyber defense initiatives, cyber event preparedness, and cybersecurity risk assessments. As a part of these quarterly updates, the ISO updates the Technology Committee on the development of any new or emerging cyber risks or threats and the appropriate mitigation actions. The Technology Committee routinely provides a report of their activities to the full Board.
Cybersecurity Risk Role of Management [Text Block]
Colony’s Information Security Officer ("ISO") reports to Colony’s Chief Risk Officer. Our ISO has eleven years of information security experience specific to the financial services industry, which includes cybersecurity risk management. The ISO holds relevant certifications and completes annual training. The ISO is responsible for assessing and managing Colony’s cyber risk management program and strategy, informing executive management regarding the prevention, detection, mitigation, and remediation of cybersecurity incidents, and supervising such enterprise-wide efforts.

Our Board is actively engaged in the oversight of Colony’s information security risk management and cybersecurity programs and has delegated primary oversight of cybersecurity to its Technology and Risk Management Committees. The Technology Committee receives quarterly and as needed updates from the Company’s ISO on the Company’s information security and cyber risk strategy, cyber defense initiatives, cyber event preparedness, and cybersecurity risk assessments. As a part of these quarterly updates, the ISO updates the Technology Committee on the development of any new or emerging cyber risks or threats and the appropriate mitigation actions. The Technology Committee routinely provides a report of their activities to the full Board.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
Colony’s Information Security Officer ("ISO") reports to Colony’s Chief Risk Officer. Our ISO has eleven years of information security experience specific to the financial services industry, which includes cybersecurity risk management. The ISO holds relevant certifications and completes annual training. The ISO is responsible for assessing and managing Colony’s cyber risk management program and strategy, informing executive management regarding the prevention, detection, mitigation, and remediation of cybersecurity incidents, and supervising such enterprise-wide efforts.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our ISO has eleven years of information security experience specific to the financial services industry which includes cybersecurity risk management. The ISO holds relevant certifications and completes annual training.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Technology Committee receives quarterly and as needed updates from the Company’s ISO on the Company’s information security and cyber risk strategy, cyber defense initiatives, cyber event preparedness, and cybersecurity risk assessments. As a part of these quarterly updates, the ISO updates the Technology Committee on the development of any new or emerging cyber risks or threats and the appropriate mitigation actions.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true