v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Dec. 31, 2023
Cybersecurity Risk Management, Strategy, and Governance [Abstract]    
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] Cybersecurity Risk Management and Strategy 

To maintain a consistently high level of service experience for our clients, preserve the confidentiality, integrity, and availability of our information systems, safeguard our assets, data, intellectual property, and network infrastructure, while meeting regulatory requirements, it is crucial to effectively manage cybersecurity risks. To achieve this, we have implemented a comprehensive cybersecurity risk management framework, which is integrated in our overall enterprise risk management system and processes and is internally managed.

 

Our dedicated cybersecurity staff is tasked with assessing, identifying and managing risks related to cybersecurity threats and, under the leadership of our head of cybersecurity, is responsible for

 

  risk assessments designed to help identify material cybersecurity risks to our critical systems, information, products, services, and our broader enterprise IT environment;

 

  development of risk-based action plans to manage identified vulnerabilities and implementation of new protocols and infrastructure improvements;

 

  cybersecurity incident investigations;

 

  monitoring threats to sensitive data and unauthorized access to our systems;

 

  secure access control measures applied to critical IT systems, equipment and devices, designed to prevent unauthorized users, processes, and devices from assessing IT systems and data;

 

  developing and executing protocols to ensure that information regarding cybersecurity incidents is promptly shared with the board of directors, as appropriate, to allow for risk and materiality assessments and to consider disclosure and notice requirements; and

 

  developing and implementing training on cybersecurity, information security and threat awareness.

 

There were no cybersecurity incidents during the year ended December 31, 2023, that resulted in an interruption to our operations, known losses of any critical data or otherwise had a material impact on our strategy, financial condition or results of operations. However, the scope and impact of any future incident cannot be predicted. See “Item 3. Key Information - D. Risk Factors” for more information on how material cybersecurity attacks may impact our business.

  		 
Cybersecurity Risk Management Processes Integrated [Flag] true  
Cybersecurity Risk Management Processes Integrated [Text Block] Our dedicated cybersecurity staff is tasked with assessing, identifying and managing risks related to cybersecurity threats  
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]   false
Cybersecurity Risk Board of Directors Oversight [Text Block] Governance 

Our board of directors acknowledges the significance of robust cybersecurity management programs and actively participates in overseeing and reviewing our cybersecurity risk profile and exposures.

 

The board of directors receives reports on cybersecurity risks, including recent legislative developments and evolving standards on cybersecurity, key issues, priorities and challenges in our cybersecurity management, and relevant data or metrics. The board of directors also receives prompt and timely information regarding any significant cybersecurity incidents, as well as ongoing updates regarding any such incidents. Furthermore, in the event of any significant updates or adjustments to our cybersecurity related policies, the head of cybersecurity will present them to the board of directors for their review and approval.

 

Our head of cybersecurity leads the overall assessment, identification and management of risks related to cybersecurity threats. He works collaboratively within our Group and receives regular briefings on cybersecurity matters, such as report on cybersecurity incidents and responses and remedial measures.

 

Our head of cybersecurity and their dedicated staff are responsible for the daily management of our cybersecurity efforts. This includes updates and refinement of cybersecurity policies, execution and management of cybersecurity measures, and the preparation of regular reports on cybersecurity execution. Their primary focus is to consistently update our cybersecurity programs and mitigation strategies, ensuring they align with industry best practices and procedures.  

  		 
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true  
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our head of cybersecurity leads the overall assessment, identification and management of risks related to cybersecurity threats. He works collaboratively within our Group and receives regular briefings on cybersecurity matters, such as report on cybersecurity incidents and responses and remedial measures.  
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The board of directors receives reports on cybersecurity risks, including recent legislative developments and evolving standards on cybersecurity, key issues, priorities and challenges in our cybersecurity management, and relevant data or metrics. The board of directors also receives prompt and timely information regarding any significant cybersecurity incidents, as well as ongoing updates regarding any such incidents. Furthermore, in the event of any significant updates or adjustments to our cybersecurity related policies, the head of cybersecurity will present them to the board of directors for their review and approval.