original hero image
Governance
Risk Management

Risk Management Framework

To effectively respond to potential risks that may arise across its business operations, MCNEX has established and operates a risk management policy. In accordance with its risk management regulations, the CEO has overall responsibility for company-wide risk management. Within the Board of Directors, the Audit Committee oversees policies centered on financial risks, while the ESG Committee oversees those centered on non-financial risks. Operational teams for each risk area perform risk management duties—such as risk identification, analysis, evaluation, response, and monitoring—according to these regulations and report the results to the committee in charge.

These risk management activities and key pending issues are reported regularly to the Board of Directors at least once a year, following an in-depth review by the relevant committee and final approval from the CEO. Additionally, in the event of an unforeseen significant risk or a sudden change in the business environment, MCNEX operates an ad-hoc reporting system to support the Board of Directors and management in making timely and rational decisions.

Risk Management Framework

Classification

Details

Status

Department

ESG

Climate change, water resource, and natural capital risks; human rights violation factors, etc

Regular Monitoring through the ESG Committee

ESG Management Team

Safety & Health

Serious accidents, natural disasters, infectious diseases, hazardous chemical spills, etc

Operation of a Dedicated OSH Organization
Operation of the Occupational Safety and Health Committee
Operation of the Safety and Health Council

General Affairs &
Safety Team

Finance

Management of internal controls, foreign exchange risk, domestic and global economic/market outlook, review of strategic investments, etc

Audit Committee, Internal Transactions Committee

Finance Team

Compliance

Violations of fair trade and anti-corruption laws; sanctions resulting from unethical conduct during business activities, etc

Operation of the ESG Hotline System
Ongoing Monitoring by Responsible Manager

Compliance Manager

Major Risk Management

The management status of financial and non-financial risks is reported to the Audit Committee and the ESG Committee, respectively, at least once a year. Non-financial risks are classified into environmental, social, and governance domains to define their specific details, and the company analyzes the risk factors and their corresponding potential impacts. Major risks are identified through a matrix-based assessment that evaluates each risk based on its likelihood (probability of occurrence, frequency, etc.) and severity (financial impact, external disclosure impact, etc.).

Non-Financial Risk Types and Countermeasures

Classification

Identification

Response

Domain

Type

Description

Potential Impact

Response

Environmental

Waste &
Chemical
Substances

Illegal discharge of chemical
substances and waste

Fines and penalties due to violations of environmental regulations

① Acquisition and renewal of ISO 14001 certification
Environmental emergency response training
Regular monitoring of environmental risks

Energy
Efficiency

Energy loss due to aging equipment

Increase in energy costs, decline in corporate competitiveness

Replacement with high-efficiency equipment
Monitoring of energy consumption

Social

Human Rights &
Labor

Workplace harassment, forced labor, etc.

Occurrence of organizational conflict and imposition of fines for violations of relevant laws

Conducting Human Rights Impact Assessments
Conducting company-wide human rights training
Operating a PC-Off program

Information
Security

Technological, physical, and human security incidents

Leakage of core information assets, decline in corporate competitiveness

Quarterly security inspections
Introduction of ISO/IEC 27001 certification

Health & Safety

Serious accidents due to safety violations

Loss of working days, human casualties, and legal penalties

Acquisition and renewal of ISO 45001 certification
Conducting occupational safety and health training

Supply Chain

Tightening supply chain & CBAM regulations

Risk of supply restrictions to global customers

Conducting supply chain ESG self-assessments
Collecting Supplier Code of Conduct compliance pledges

Conflict Minerals

Potential use of minerals from conflict-affected areas

Transaction restrictions with global customers

Verification of Conflict Minerals Reporting Templates (CMRT)
Strengthening responsible sourcing policies

Governance

Ethics

Bribery, embezzlement, fraudulent accounting, etc.

Violations of ethical management, decline in corporate credibility

Conducting ethics training
Collecting ethical pledges
Operating a whistleblowing channel

Information
Disclosure

Lack of transparency and inaccuracy of ESG information

Decline in ESG ratings and trustworthiness

Establishing an ESG data management system
Disclosing non-financial information based on global ESG standards

Emerging Risk Management

Emerging risks refer to factors that can significantly impact the business from a long-term perspective. MCNEX responds to emerging risks by regularly identifying and assessing risks and establishing countermeasures.

Climate Change

Non-Financial Risk Types and Countermeasures

As the intensity and frequency of natural disasters such as typhoons and earthquakes increase due to the acceleration of climate change, the trend of countries strengthening policies and regulations aimed at carbon neutrality continues. As climate change emerges as a key variable determining a company's long-term financial stability and growth potential beyond a simple environmental issue, strategic responses such as greenhouse gas (GHG) reduction and eco-friendly product development are required as essential tasks in corporate management. Accordingly, MCNEX has selected climate change as a major risk factor and is focusing its response.

Potential Impacts

① Increase in energy costs at business sites due to rising average summer temperatures and an increasing number of heatwave days.
② Decline in corporate competitiveness and reputation in the event of an insufficient response to climate change.
③ Potential disadvantages in competing for customer orders if the level of climate change response within the supply chain is not met.

Response Activities

① MCNEX has installed and is operating a solar self-generation system at its Incheon headquarters since December 2024, and additionally
installed a solar self-generation system with an annual capacity of approximately 130,000 kWh in February 2026.
② Completed the measurement and verification of GHG emissions for the Incheon headquarters and MCNEX VINA for the years 2019, 2022,
2023, 2024, and 2025.
③ Establishment and execution of a roadmap to achieve RE100 by 2050.

Internal Accounting Management

To enhance the transparency of its financial information and provide responsible disclosures to external stakeholders, MCNEX operates its Internal Accounting Control System (IACS) as a key tool for company-wide risk response. This system operates based on internal accounting control regulations and work guidelines, which are grounded in relevant laws such as Korea's 'Act on External Audit of Stock Companies' and its enforcement decree. It is managed overall by the Internal Control Management Team, a dedicated organization reporting directly to the CEO and the internal accounting manager. The Internal Control Management Team is formed independently, without its members holding concurrent positions, to institutionally secure its objectivity and effectiveness, and is responsible for the design and operation of the internal accounting control system.
The internal accounting control system consists of Entity Level Controls (ELC), Transaction Level Controls (TLC), and Information Technology General Controls (ITGC). In accordance with the Risk Control Matrix (RCM), it establishes and updates risk identification and response measures for each control. The RCM is updated annually in response to changes in the external environment and management strategy. The reliability and effectiveness of the control operations are strengthened through self-assessment by the Internal Control Management Team and independent review by an external audit firm.
The internal accounting operational evaluation is conducted two times a year. To ensure the evaluation's reliability, a first-round assessment is performed by the Internal Control Management Team, followed by a second-round verification by an external audit firm. Any deficiencies identified during the evaluation are corrected through consultation among the external auditor, relevant operational departments, and the dedicated internal control team. MCNEX continuously enhances the system's operational effectiveness by concurrently implementing RCM-based, risk-focused process design and a continuous monitoring system. The annual operational results of the internal accounting control system are regularly reported to the CEO and the Audit Committee. Looking ahead, MCNEX is establishing and preparing a mid-to-long-term roadmap with the goal of introducing a consolidated internal accounting control system by 2030.