Cybersecurity Risk Management, Strategy and Governance
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Risk Management and Strategy

We and our customers and suppliers have an increasing reliance on our technology systems and infrastructure. We aim to safeguard the digital infrastructure of Expeditors, enabling the highest levels of customer service while managing and minimizing risk and maintaining global compliance. The cybersecurity and risk management program within Expeditors is defined through strategy, execution, management, and oversight, with continual assessments to verify the program’s overall effectiveness.

Identifying and assessing cybersecurity risks and threats is integrated into our overall enterprise risk management program. Our Enterprise Cybersecurity Committee defines the strategy, prioritizes, and sets the expectations for execution of the cybersecurity program, leveraging an industry-standard cybersecurity framework, the National Institute of Standards and Technology cybersecurity framework (NIST CSF).

Our Cybersecurity and Risk Management program (CSRM) is designed around but not limited to five key pillars:

(i) strategic development and continuous iteration of a risk strategy in line with our information services and business goals;
(ii) engineering and architecture of cybersecurity preventative and response solutions and capabilities;
(iii) governance, risk, and compliance defining policies, standards, and systems of control and measurement in line with industry best practices and regulatory requirements;
(iv) cybersecurity operations designed to prepare, identify, contain, eradicate, and recover from cyber-related incidents; and
(v) identity and access management defining global practices for access, authentication, and authorization to technology systems.

Our Cybersecurity and Information Services (IS) department executes and measures the delivery of the cybersecurity program and incorporates the program into the governance and internal controls framework for our Company. We engage third parties such as consultants, auditors and specialists to support, evaluate, and improve the program, and utilize cybersecurity technologies and services to prevent, identify, detect, respond, and recover from cybersecurity threats and incidents. We also maintain a third party continuous monitoring security program to identify, prioritize, assess, mitigate and remediate third party risks, which is part of our overall cybersecurity risk management framework.

In February 2022, we determined that our Company was the subject of a targeted cyber-attack which resulted in having to shut down most of our connectivity, operating and accounting systems globally to manage the safety of our entire global systems environment, and we initiated our cybersecurity incident response plan. We had limited ability to conduct operations for a period of approximately three weeks, including but not limited to arranging for shipments of freight or managing customs and distribution activities for our customers’ shipments. While we continue to incorporate learnings from the cyber-attack, we do not expect to have a further material adverse impact on the Company’s business from this cyber-attack. Since the cyber-attack, we have accelerated investments in our CSRM program, strengthened the security of our systems and networks and enhanced continued monitoring of the known information security environment. We also added a Chief Information Security Officer (CISO) to our IS leadership.

Governance

Our Board of Directors provides direct oversight of and evaluates our CSRM at least annually. The Board’s oversight is led by James Dubois, former CISO and Chief Information Officer (CIO) with the Microsoft Corporation, who communicates with cybersecurity leadership throughout the year. The Board is provided updates via our Enterprise Risk Management program quarterly, while meeting with the CISO at least annually.

Our Enterprise Risk Management Committee includes a cross-functional team including the Chief Executive Officer, CIO, Chief Financial Officer and the General Counsel as members who are well versed in risk management. In addition, the Enterprise Cybersecurity Committee includes the CIO, CISO, and Vice Presidents who have the relevant risk management and cybersecurity expertise. The Cybersecurity and Information Services department is led by the CISO and includes cyber professionals who have the relevant cybersecurity expertise. The CISO reports to the CIO and has over 20 years of experience, a graduate degree and several certifications in the field of cybersecurity. Material risks are managed and monitored by persons or committees with relevant expertise and experience. The Company maintains a Cybersecurity incident response team and a Business Continuity Plan and has a well-established incident reporting protocol to inform management, the Board of Directors or third parties.

Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]

Identifying and assessing cybersecurity risks and threats is integrated into our overall enterprise risk management program. Our Enterprise Cybersecurity Committee defines the strategy, prioritizes, and sets the expectations for execution of the cybersecurity program, leveraging an industry-standard cybersecurity framework, the National Institute of Standards and Technology cybersecurity framework (NIST CSF).

Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

Our Board of Directors provides direct oversight of and evaluates our CSRM at least annually. The Board’s oversight is led by James Dubois, former CISO and Chief Information Officer (CIO) with the Microsoft Corporation, who communicates with cybersecurity leadership throughout the year. The Board is provided updates via our Enterprise Risk Management program quarterly, while meeting with the CISO at least annually.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Board’s oversight is led by James Dubois, former CISO and Chief Information Officer (CIO) with the Microsoft Corporation, who communicates with cybersecurity leadership throughout the year.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Board is provided updates via our Enterprise Risk Management program quarterly, while meeting with the CISO at least annually.
Cybersecurity Risk Role of Management [Text Block]

Our Enterprise Risk Management Committee includes a cross-functional team including the Chief Executive Officer, CIO, Chief Financial Officer and the General Counsel as members who are well versed in risk management. In addition, the Enterprise Cybersecurity Committee includes the CIO, CISO, and Vice Presidents who have the relevant risk management and cybersecurity expertise. The Cybersecurity and Information Services department is led by the CISO and includes cyber professionals who have the relevant cybersecurity expertise. The CISO reports to the CIO and has over 20 years of experience, a graduate degree and several certifications in the field of cybersecurity. Material risks are managed and monitored by persons or committees with relevant expertise and experience. The Company maintains a Cybersecurity incident response team and a Business Continuity Plan and has a well-established incident reporting protocol to inform management, the Board of Directors or third parties.

Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our Enterprise Risk Management Committee includes a cross-functional team including the Chief Executive Officer, CIO, Chief Financial Officer and the General Counsel as members who are well versed in risk management. In addition, the Enterprise Cybersecurity Committee includes the CIO, CISO, and Vice Presidents who have the relevant risk management and cybersecurity expertise. The Cybersecurity and Information Services department is led by the CISO and includes cyber professionals who have the relevant cybersecurity expertise.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] The CISO reports to the CIO and has over 20 years of experience, a graduate degree and several certifications in the field of cybersecurity. Material risks are managed and monitored by persons or committees with relevant expertise and experience. The Company maintains a Cybersecurity incident response team and a Business Continuity Plan and has a well-established incident reporting protocol to inform management, the Board of Directors or third parties.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The Company maintains a Cybersecurity incident response team and a Business Continuity Plan and has a well-established incident reporting protocol to inform management, the Board of Directors or third parties.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true