Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Mar. 31, 2026 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | Cybersecurity Risk Management and Strategy We recognize the critical importance of developing, implementing, and maintaining robust cybersecurity measures to help maintain the security, confidentiality, integrity, and availability of our business systems and confidential information, including personal information and intellectual property. We have established policies and processes for assessing, identifying, and managing material risk from cybersecurity threats. This includes processes to oversee and identify material risks from cybersecurity threats associated with our use of third-party service providers and maintaining a cyber incident response plan designed to assist us in identifying, responding to and recovering from cybersecurity incidents. We utilize third parties to assess the effectiveness of our cybersecurity program on a periodic basis. This includes cybersecurity assessors and cybersecurity experts to assist in the identification, verification, and validation of material risks from cybersecurity threats, as well as to support associated mitigation plans when necessary. We have integrated these cybersecurity processes into our overall risk management framework, systems, and processes. We routinely assess material risks from cybersecurity threats, including any potential unauthorized occurrence on or conducted through our information systems that may result in adverse effects on the confidentiality, integrity, or availability of our information systems or any information residing therein. We conduct a regular cybersecurity risk assessment process through our Chief Technology Officer, a dedicated information security team and certain compliance individuals. The Chief Technology Officer involves key leadership across the organization, on an as needed basis, including our Chief Executive Officer, Chief Financial Officer, Chief Underwriting Officer, President and Chief Fiduciary Officer, and General Counsel. These individuals meet frequently, generally at least monthly, to discuss and evaluate risks that could be material to our business, including cybersecurity threats. As part of our overall risk management system, our dedicated information security team monitors and tests our cybersecurity policies and procedures through methods such as periodic reviews, targeted assessments, and tabletop exercises. All personnel are made aware of our cybersecurity policies and procedures upon hire and through periodic refresher trainings. Such policies and procedures cover areas such as identity and access management, vendor management, data governance and protection, vulnerability management, incident response, and operational risk management. Our cybersecurity policies and procedures are also incorporated into our broader risk management framework such that all enterprise and operational risks are evaluated in a holistic manner. We have not experienced any cybersecurity incidents that have materially impacted or are likely to materially impact our business strategy, results of operations, or financial condition based on information known to us as of the date of this Annual Report on Form 10-K. Although we cannot eliminate all potential threats, our cybersecurity program is operated in a manner to minimize the likelihood of any threat becoming material and to keep pace with a constantly evolving cybersecurity landscape. For additional description of cybersecurity risks and potential related impacts on the Company, refer to the risk factor captioned “Any cybersecurity attack or other security breach of our technology systems, or those of third-party vendors we rely on, could subject us to significant liability and harm our business operations and reputation” in “Item 1A. Risk Factors.”
|
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | We have integrated these cybersecurity processes into our overall risk management framework, systems, and processes. We routinely assess material risks from cybersecurity threats, including any potential unauthorized occurrence on or conducted through our information systems that may result in adverse effects on the confidentiality, integrity, or availability of our information systems or any information residing therein.
|
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Our Board, as a whole and as assisted by Board-level Enterprise Risk Committee (until it was dissolved in March 2026, at which point its responsibilities were assumed by the Board), has responsibility for the oversight of our cybersecurity risk management framework. Consistent with this approach, our Board and, until it was dissolved, our Enterprise Risk Committee maintain oversight of cybersecurity matters through discussions with management, question and answer sessions, and reports from the management team, which occurs on an annual basis and ad hoc as needed. Such reports include updates on any cybersecurity incidents and mitigation efforts. Our Board and, until it was dissolved, our Enterprise Risk Committee also receive regular and ad hoc reports from our management-level enterprise risk committee on all enterprise risks, including risks from cybersecurity threats. Our Audit Committee provides additional oversight on our cybersecurity risk management framework, with an emphasis on public reporting obligations and the effects cybersecurity risks could have on our financial condition generally.
|
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our Board, as a whole and as assisted by Board-level Enterprise Risk Committee (until it was dissolved in March 2026, at which point its responsibilities were assumed by the Board), has responsibility for the oversight of our cybersecurity risk management framework. Consistent with this approach, our Board and, until it was dissolved, our Enterprise Risk Committee maintain oversight of cybersecurity matters through discussions with management, question and answer sessions, and reports from the management team, which occurs on an annual basis and ad hoc as needed. Such reports include updates on any cybersecurity incidents and mitigation efforts. Our Board and, until it was dissolved, our Enterprise Risk Committee also receive regular and ad hoc reports from our management-level enterprise risk committee on all enterprise risks, including risks from cybersecurity threats. Our Audit Committee provides additional oversight on our cybersecurity risk management framework, with an emphasis on public reporting obligations and the effects cybersecurity risks could have on our financial condition generally.
|
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our Board, as a whole and as assisted by Board-level Enterprise Risk Committee (until it was dissolved in March 2026, at which point its responsibilities were assumed by the Board), has responsibility for the oversight of our cybersecurity risk management framework. Consistent with this approach, our Board and, until it was dissolved, our Enterprise Risk Committee maintain oversight of cybersecurity matters through discussions with management, question and answer sessions, and reports from the management team, which occurs on an annual basis and ad hoc as needed. Such reports include updates on any cybersecurity incidents and mitigation efforts. Our Board and, until it was dissolved, our Enterprise Risk Committee also receive regular and ad hoc reports from our management-level enterprise risk committee on all enterprise risks, including risks from cybersecurity threats. Our Audit Committee provides additional oversight on our cybersecurity risk management framework, with an emphasis on public reporting obligations and the effects cybersecurity risks could have on our financial condition generally.
|
| Cybersecurity Risk Role of Management [Text Block] | Our management is responsible for the day-to-day oversight and management of our enterprise risks, including risks from cybersecurity threats. As described in “Risk Management and Strategy” above, primary responsibility for assessing, monitoring, and managing our cybersecurity risks rests with our Chief Technology Officer, a dedicated information security team and certain compliance individuals, who develop, prioritize, and execute our cybersecurity strategy in partnership with relevant departments and business units. Our Chief Technology Officer, who has over 20 years of information technology experience including cybersecurity and information security, oversees our cybersecurity framework and reports to our Board. Our Chief Technology Officer is assisted in this oversight role by additional members of management.
|
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Our management is responsible for the day-to-day oversight and management of our enterprise risks, including risks from cybersecurity threats. As described in “Risk Management and Strategy” above, primary responsibility for assessing, monitoring, and managing our cybersecurity risks rests with our Chief Technology Officer, a dedicated information security team and certain compliance individuals, who develop, prioritize, and execute our cybersecurity strategy in partnership with relevant departments and business units. Our Chief Technology Officer, who has over 20 years of information technology experience including cybersecurity and information security, oversees our cybersecurity framework and reports to our Board. Our Chief Technology Officer is assisted in this oversight role by additional members of management. Our Board, as a whole and as assisted by Board-level Enterprise Risk Committee (until it was dissolved in March 2026, at which point its responsibilities were assumed by the Board), has responsibility for the oversight of our cybersecurity risk management framework. Consistent with this approach, our Board and, until it was dissolved, our Enterprise Risk Committee maintain oversight of cybersecurity matters through discussions with management, question and answer sessions, and reports from the management team, which occurs on an annual basis and ad hoc as needed. Such reports include updates on any cybersecurity incidents and mitigation efforts. Our Board and, until it was dissolved, our Enterprise Risk Committee also receive regular and ad hoc reports from our management-level enterprise risk committee on all enterprise risks, including risks from cybersecurity threats. Our Audit Committee provides additional oversight on our cybersecurity risk management framework, with an emphasis on public reporting obligations and the effects cybersecurity risks could have on our financial condition generally.
|
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | Our Chief Technology Officer, who has over 20 years of information technology experience including cybersecurity and information security, oversees our cybersecurity framework and reports to our Board. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | Our Board, as a whole and as assisted by Board-level Enterprise Risk Committee (until it was dissolved in March 2026, at which point its responsibilities were assumed by the Board), has responsibility for the oversight of our cybersecurity risk management framework. Consistent with this approach, our Board and, until it was dissolved, our Enterprise Risk Committee maintain oversight of cybersecurity matters through discussions with management, question and answer sessions, and reports from the management team, which occurs on an annual basis and ad hoc as needed. Such reports include updates on any cybersecurity incidents and mitigation efforts. Our Board and, until it was dissolved, our Enterprise Risk Committee also receive regular and ad hoc reports from our management-level enterprise risk committee on all enterprise risks, including risks from cybersecurity threats. Our Audit Committee provides additional oversight on our cybersecurity risk management framework, with an emphasis on public reporting obligations and the effects cybersecurity risks could have on our financial condition generally.
|
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |