Risk Management Framework

To effectively respond to potential risks that may arise across its business operations, MCNEX has established and operates a risk management policy. In accordance with its risk management regulations, the CEO has overall responsibility for company-wide risk management. Within the Board of Directors, the Audit Committee oversees policies centered on financial risks, while the ESG Committee oversees those centered on non-financial risks. Operational teams for each risk area perform risk management duties—such as risk identification, analysis, evaluation, response, and monitoring—according to these regulations and report the results to the committee in charge.

These risk management activities and key pending issues are reported regularly to the Board of Directors at least once a year, following an in-depth review by the relevant committee and final approval from the CEO. Additionally, in the event of an unforeseen significant risk or a sudden change in the business environment, MCNEX operates an ad-hoc reporting system to support the Board of Directors and management in making timely and rational decisions.

Risk Management Framework

Internal Accounting Management

To enhance the transparency of its financial information and provide responsible disclosures to external stakeholders, MCNEX operates its Internal Accounting Control System (IACS) as a key tool for company-wide risk response. This system operates based on internal accounting control regulations and work guidelines, which are grounded in relevant laws such as Korea's 'Act on External Audit of Stock Companies' and its enforcement decree. It is managed overall by the Internal Control Management Team, a dedicated organization reporting directly to the CEO and the internal accounting manager. The Internal Control Management Team is formed independently, without its members holding concurrent positions, to institutionally secure its objectivity and effectiveness, and is responsible for the design and operation of the internal accounting control system.

The internal accounting control system consists of Entity Level Controls (ELC), Transaction Level Controls (TLC), and Information Technology General Controls (ITGC). In accordance with the Risk Control Matrix (RCM), it establishes and updates risk identification and response measures for each control. The RCM is updated annually in response to changes in the external environment and management strategy. The reliability and effectiveness of the control operations are strengthened through self-assessment by the Internal Control Management Team and independent review by an external audit firm.

The internal accounting operational evaluation is conducted three times a year. To ensure the evaluation's reliability, a first-round assessment is performed by the Internal Control Management Team, followed by a second-round verification by an external audit firm. Any deficiencies identified during the evaluation are corrected through consultation among the external auditor, relevant operational departments, and the dedicated internal control team. MCNEX continuously enhances the system's operational effectiveness by concurrently implementing RCM-based, risk-focused process design and a continuous monitoring system. The annual operational results of the internal accounting control system are regularly reported to the CEO and the Audit Committee. Looking ahead, MCNEX is establishing and preparing a mid-to-long-term roadmap with the goal of introducing a consolidated internal accounting control system by 2030.