Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Governance – Roles of our Board of Directors and Management
Our Board has delegated both the Audit Committee and Technology & Operations Committee with responsibility for monitoring and oversight of the information technology and cybersecurity components of our risk assessment and risk management programs. The independent directors comprising our Audit Committee and our Technology & Operations Committee:
regularly review our cybersecurity and related information technology risks, controls and procedures, including data protection and privacy and our plans to mitigate cybersecurity risks and to respond to cybersecurity incidents;
oversee technology and operations processes that relate to or affect our internal control systems, information security, data protection and privacy, fraud and cybersecurity risks; and,
assist management in developing our risk management methodologies and the steps taken to identify, monitor and control such exposures.
Our Chief Information Officer ("CIO") and our Chief Information Security Officer ("CISO") are responsible for our company’s overall information security activities and cyber risk programs. Our CISO reports to the CIO and leads our cyber and data-related incident response activities. Our current CIO and CISO have more than 40 years of combined experience in the digital and information technology field.
We have a cross-functional approach to addressing cybersecurity risk, with our information technology, legal, and internal audit functions regularly presenting to the Audit Committee and Technology & Operations Committee on key cybersecurity topics. Our CISO, together with our CIO and other members of the senior leadership in our information technology organization, also provide the Audit Committee and Technology & Operations Committee with these updates on at least a quarterly basis, and more often as needed. These reports include topics such as analyses of recent cybersecurity threats and incidents across the industry, as well as a review of our own security controls, assessments and program maturity, and risk mitigation status.
Cybersecurity Risk Management & Strategy
We have strategically integrated cybersecurity risk management into our broader enterprise risk management program to ensure cybersecurity risks are identified, evaluated and addressed alongside our operational objectives. Overall, we seek to address cybersecurity risks through a comprehensive, cross-functional approach that is focused on preserving the confidentiality, integrity and availability of our data and information by identifying, preventing and mitigating cybersecurity threats and being prepared to effectively respond to cybersecurity incidents when they occur. As a global company, we are also committed to respecting individual privacy and complying with applicable data privacy laws throughout the world, such as the European Union’s General Data Protection Regulation ("GDPR"), U.K. Data Protection Act and the California Consumer Privacy Act ("CCPA").
Our cybersecurity policies, standards, processes, and practices are designed to align with the National Institute of Standards and Technology ("NIST") Cybersecurity Framework. We have achieved ISO 27001 certification. Our cybersecurity program also includes a detailed control catalog that maps to several other frameworks, providing a broad approach to managing cyber risks. However, we use NIST and other cybersecurity frameworks solely as a guide to help us identify, assess and manage cybersecurity risks relevant to our business.
We conduct internal vulnerability scans, penetration tests, and breach simulation exercises, reinforcing our controls and our readiness to respond to potential threats. Recognizing the complexity and evolving nature of cybersecurity threats, we regularly engage with a range of external experts, including cybersecurity consultants, auditors and advisers, in evaluating and testing our risk management systems. Our collaboration with these third parties includes cybersecurity audits and testing, threat assessments and tabletop exercises, along with regular consultation on security enhancements.
We have implemented processes designed to mitigate risks related to data breaches or other security incidents originating from third parties. With our vendors, we conduct security assessments of key third-party providers before engagement and maintain ongoing monitoring to ensure their compliance with our cybersecurity standards.
Through our cybersecurity training program, employees and contractors are provided with cybersecurity training upon hire and thereafter on an annual basis. In addition, training and awareness campaigns continue throughout the year, where we employ various methods such as conducting mock phishing tests, live training sessions and informational articles.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
We have strategically integrated cybersecurity risk management into our broader enterprise risk management program to ensure cybersecurity risks are identified, evaluated and addressed alongside our operational objectives. Overall, we seek to address cybersecurity risks through a comprehensive, cross-functional approach that is focused on preserving the confidentiality, integrity and availability of our data and information by identifying, preventing and mitigating cybersecurity threats and being prepared to effectively respond to cybersecurity incidents when they occur. As a global company, we are also committed to respecting individual privacy and complying with applicable data privacy laws throughout the world, such as the European Union’s General Data Protection Regulation ("GDPR"), U.K. Data Protection Act and the California Consumer Privacy Act ("CCPA").
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Governance – Roles of our Board of Directors and Management
Our Board has delegated both the Audit Committee and Technology & Operations Committee with responsibility for monitoring and oversight of the information technology and cybersecurity components of our risk assessment and risk management programs. The independent directors comprising our Audit Committee and our Technology & Operations Committee:
regularly review our cybersecurity and related information technology risks, controls and procedures, including data protection and privacy and our plans to mitigate cybersecurity risks and to respond to cybersecurity incidents;
oversee technology and operations processes that relate to or affect our internal control systems, information security, data protection and privacy, fraud and cybersecurity risks; and,
assist management in developing our risk management methodologies and the steps taken to identify, monitor and control such exposures.
Our Chief Information Officer ("CIO") and our Chief Information Security Officer ("CISO") are responsible for our company’s overall information security activities and cyber risk programs. Our CISO reports to the CIO and leads our cyber and data-related incident response activities. Our current CIO and CISO have more than 40 years of combined experience in the digital and information technology field.
We have a cross-functional approach to addressing cybersecurity risk, with our information technology, legal, and internal audit functions regularly presenting to the Audit Committee and Technology & Operations Committee on key cybersecurity topics. Our CISO, together with our CIO and other members of the senior leadership in our information technology organization, also provide the Audit Committee and Technology & Operations Committee with these updates on at least a quarterly basis, and more often as needed. These reports include topics such as analyses of recent cybersecurity threats and incidents across the industry, as well as a review of our own security controls, assessments and program maturity, and risk mitigation status.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our Board has delegated both the Audit Committee and Technology & Operations Committee with responsibility for monitoring and oversight of the information technology and cybersecurity components of our risk assessment and risk management programs.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] regularly review our cybersecurity and related information technology risks, controls and procedures, including data protection and privacy and our plans to mitigate cybersecurity risks and to respond to cybersecurity incidents;
Cybersecurity Risk Role of Management [Text Block] Our CISO reports to the CIO and leads our cyber and data-related incident response activities.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our Chief Information Officer ("CIO") and our Chief Information Security Officer ("CISO") are responsible for our company’s overall information security activities and cyber risk programs.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our current CIO and CISO have more than 40 years of combined experience in the digital and information technology field.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
We have a cross-functional approach to addressing cybersecurity risk, with our information technology, legal, and internal audit functions regularly presenting to the Audit Committee and Technology & Operations Committee on key cybersecurity topics.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true