
To effectively respond to potential risks that may arise across its business operations, MCNEX has established and operates a risk management policy. In accordance with its risk management regulations, the CEO has overall responsibility for company-wide risk management. Within the Board of Directors, the Audit Committee oversees policies centered on financial risks, while the ESG Committee oversees those centered on non-financial risks. Operational teams for each risk area perform risk management duties—such as risk identification, analysis, evaluation, response, and monitoring—according to these regulations and report the results to the committee in charge.
These risk management activities and key pending issues are reported regularly to the Board of Directors at least once a year, following an in-depth review by the relevant committee and final approval from the CEO. Additionally, in the event of an unforeseen significant risk or a sudden change in the business environment, MCNEX operates an ad-hoc reporting system to support the Board of Directors and management in making timely and rational decisions.
Risk Management Framework
Classification | Details | Status | Department |
ESG | Climate change, water resource, and natural capital risks; human rights violation factors, etc | Regular Monitoring through the ESG Committee | ESG Management Team |
Safety & Health | Serious accidents, natural disasters, infectious diseases, hazardous chemical spills, etc | Operation of a Dedicated OSH Organization | General Affairs & |
Finance | Management of internal controls, foreign exchange risk, domestic and global economic/market outlook, review of strategic investments, etc | Audit Committee, Internal Transactions Committee | Finance Team |
Compliance | Violations of fair trade and anti-corruption laws; sanctions resulting from unethical conduct during business activities, etc | Operation of the ESG Hotline System | Compliance Manager |
The management status of financial and non-financial risks is reported to the Audit Committee and the ESG Committee, respectively, at least once a year. Non-financial risks are classified into environmental, social, and governance domains to define their specific details, and the company analyzes the risk factors and their corresponding potential impacts. Major risks are identified through a matrix-based assessment that evaluates each risk based on its likelihood (probability of occurrence, frequency, etc.) and severity (financial impact, external disclosure impact, etc.).
Non-Financial Risk Types and Countermeasures
Classification | Identification | Response | ||
|---|---|---|---|---|
Domain | Type | Description | Potential Impact | Response |
Environmental | Waste & | Illegal discharge of chemical | Fines and penalties due to violations of environmental regulations | ① Acquisition and renewal of ISO 14001 certification |
Energy | Energy loss due to aging equipment | Increase in energy costs, decline in corporate competitiveness | ① Replacement with high-efficiency equipment | |
Social | Human Rights & | Workplace harassment, forced labor, etc. | Occurrence of organizational conflict and imposition of fines for violations of relevant laws | ① Conducting Human Rights Impact Assessments |
Information | Technological, physical, and human security incidents | Leakage of core information assets, decline in corporate competitiveness | ① Quarterly security inspections | |
Health & Safety | Serious accidents due to safety violations | Loss of working days, human casualties, and legal penalties | ①Acquisition and renewal of ISO 45001 certification | |
Supply Chain | Tightening supply chain & CBAM regulations | Risk of supply restrictions to global customers | ① Conducting supply chain ESG self-assessments | |
Conflict Minerals | Potential use of minerals from conflict-affected areas | Transaction restrictions with global customers | ① Verification of Conflict Minerals Reporting Templates (CMRT) | |
Governance | Ethics | Bribery, embezzlement, fraudulent accounting, etc. | Violations of ethical management, decline in corporate credibility | ① Conducting ethics training |
Information | Lack of transparency and inaccuracy of ESG information | Decline in ESG ratings and trustworthiness | ① Establishing an ESG data management system | |
Emerging risks refer to factors that can significantly impact the business from a long-term perspective. MCNEX responds to emerging risks by regularly identifying and assessing risks and establishing countermeasures.
As the intensity and frequency of natural disasters such as typhoons and earthquakes increase due to the acceleration of climate change, the trend of countries strengthening policies and regulations aimed at carbon neutrality continues. As climate change emerges as a key variable determining a company's long-term financial stability and growth potential beyond a simple environmental issue, strategic responses such as greenhouse gas (GHG) reduction and eco-friendly product development are required as essential tasks in corporate management. Accordingly, MCNEX has selected climate change as a major risk factor and is focusing its response.
① Increase in energy costs at business sites due to rising average summer temperatures and an increasing number of heatwave days.
② Decline in corporate competitiveness and reputation in the event of an insufficient response to climate change.
③ Potential disadvantages in competing for customer orders if the level of climate change response within the supply chain is not met.
① MCNEX has installed and is operating a solar self-generation system at its Incheon headquarters since December 2024, and additionally
installed a solar self-generation system with an annual capacity of approximately 130,000 kWh in February 2026.
② Completed the measurement and verification of GHG emissions for the Incheon headquarters and MCNEX VINA for the years 2019, 2022,
2023, 2024, and 2025.
③ Establishment and execution of a roadmap to achieve RE100 by 2050.
To enhance the transparency of its financial information and provide responsible disclosures to external stakeholders, MCNEX operates its Internal Accounting Control System (IACS) as a key tool for company-wide risk response. This system operates based on internal accounting control regulations and work guidelines, which are grounded in relevant laws such as Korea's 'Act on External Audit of Stock Companies' and its enforcement decree. It is managed overall by the Internal Control Management Team, a dedicated organization reporting directly to the CEO and the internal accounting manager. The Internal Control Management Team is formed independently, without its members holding concurrent positions, to institutionally secure its objectivity and effectiveness, and is responsible for the design and operation of the internal accounting control system.
The internal accounting control system consists of Entity Level Controls (ELC), Transaction Level Controls (TLC), and Information Technology General Controls (ITGC). In accordance with the Risk Control Matrix (RCM), it establishes and updates risk identification and response measures for each control. The RCM is updated annually in response to changes in the external environment and management strategy. The reliability and effectiveness of the control operations are strengthened through self-assessment by the Internal Control Management Team and independent review by an external audit firm.
The internal accounting operational evaluation is conducted two times a year. To ensure the evaluation's reliability, a first-round assessment is performed by the Internal Control Management Team, followed by a second-round verification by an external audit firm. Any deficiencies identified during the evaluation are corrected through consultation among the external auditor, relevant operational departments, and the dedicated internal control team. MCNEX continuously enhances the system's operational effectiveness by concurrently implementing RCM-based, risk-focused process design and a continuous monitoring system. The annual operational results of the internal accounting control system are regularly reported to the CEO and the Audit Committee. Looking ahead, MCNEX is establishing and preparing a mid-to-long-term roadmap with the goal of introducing a consolidated internal accounting control system by 2030.