XML 57 R41.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
The Bank has approved policies and implemented procedures defining roles and responsibilities for managing information security as part of the Information Security and Technological Risk Management Framework. These policies and procedures, which apply throughout the Bank, cover any access to data, resource management and information systems by the Bank’s employees, providers and suppliers, as well as any other person who deals with the Bank on a permanent or temporary basis and has some form of access to data, resource management and IT systems.
The Bank’s Information Security Team is responsible for overseeing compliance with the applicable policies and procedures by any person with access to the Bank's systems. The Bank also engages independent third-party consultants to review and assess its cybersecurity program.
The Bank's cybersecurity program was developed using a holistic approach, which covers both the technical and strategic measures. This framework is based on five fundamental pillars: Perimeter and Cloud Security, Service and Infrastructure Security, User Security, Third Party Security and Data Security. For all the pillars, the Bank has in place a group of next generation security platforms that help to maintain a strong cybersecurity level.
For the year ended December 31, 2024, Bladex has not been a victim of critical system failures, data loss or cyber-attacks.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
The Bank has approved policies and implemented procedures defining roles and responsibilities for managing information security as part of the Information Security and Technological Risk Management Framework. These policies and procedures, which apply throughout the Bank, cover any access to data, resource management and information systems by the Bank’s employees, providers and suppliers, as well as any other person who deals with the Bank on a permanent or temporary basis and has some form of access to data, resource management and IT systems.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
The Board recognizes the importance of maintaining the trust and confidence of the Bank’s shareholders, clients, and employees, and devotes significant time and attention to oversight of cybersecurity and information security risk. The Risk Policy and Assessment Committee receive regular reporting on cybersecurity and information security risk. The Board and the Risk Policy and Assessment Committee also receive annual training sessions on cybersecurity and information security topics. In 2018, the Risk Policy and Assessment Committee’s Charter was updated to expressly include its responsibility for overseeing cybersecurity and information security risks as well as the steps taken by management to understand and mitigate such risks.
The Bank has defined a methodology that allows the identification, evaluation and management of cybersecurity risks and threats. This methodology consists of two fundamental pillars: risk profile and maturity model. The assessment provides a repeatable and measurable process over time, so that senior management can be informed of the risks and measures that must be adopted to manage cybersecurity.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
The Board recognizes the importance of maintaining the trust and confidence of the Bank’s shareholders, clients, and employees, and devotes significant time and attention to oversight of cybersecurity and information security risk. The Risk Policy and Assessment Committee receive regular reporting on cybersecurity and information security risk. The Board and the Risk Policy and Assessment Committee also receive annual training sessions on cybersecurity and information security topics. In 2018, the Risk Policy and Assessment Committee’s Charter was updated to expressly include its responsibility for overseeing cybersecurity and information security risks as well as the steps taken by management to understand and mitigate such risks.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Risk Policy and Assessment Committee receive regular reporting on cybersecurity and information security risk.
Cybersecurity Risk Role of Management [Text Block]
The Board recognizes the importance of maintaining the trust and confidence of the Bank’s shareholders, clients, and employees, and devotes significant time and attention to oversight of cybersecurity and information security risk. The Risk Policy and Assessment Committee receive regular reporting on cybersecurity and information security risk. The Board and the Risk Policy and Assessment Committee also receive annual training sessions on cybersecurity and information security topics. In 2018, the Risk Policy and Assessment Committee’s Charter was updated to expressly include its responsibility for overseeing cybersecurity and information security risks as well as the steps taken by management to understand and mitigate such risks.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The Bank’s Information Security Team is responsible for overseeing compliance with the applicable policies and procedures by any person with access to the Bank's systems.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] The Board and the Risk Policy and Assessment Committee also receive annual training sessions on cybersecurity and information security topics.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
The Bank has defined a methodology that allows the identification, evaluation and management of cybersecurity risks and threats. This methodology consists of two fundamental pillars: risk profile and maturity model. The assessment provides a repeatable and measurable process over time, so that senior management can be informed of the risks and measures that must be adopted to manage cybersecurity.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true