Governance
Risk Management

Risk Management System
Hyosung TNC defines risk as any market uncertainty, internal or external threat, or opportunity that could significantly impact our business activities. We categorize these into financial and non-financial risks (including business continuity and operational risks). Key risks are identified based on their potential impact and likelihood, and we have established a proactive risk prevention system to respond by identifying and addressing root causes. Our risk management governance is clearly defined. The Chief Financial Officer (CFO) serves as the manager for financial risks, with our finance department periodically assessing financial risks and executing hedging strategies across the head office and all subsidiaries. For non-financial risks, the executive in charge of ESG and the Chief Safety Officer (CSO) are the designated managers. They work with the ESG Management and Safety & Health teams to identify and establish mitigation measures for related risks through an internal ESG-focused committee. All risk managers report regularly to the Board of Directors through the ESG Management Committee, a formal subcommittee of the Board. These reports provide a comprehensive overview of risk management activities, including evaluations of the system's adequacy, the results of risk identification and assessment, ongoing monitoring efforts, and detailed risk management and response plans.
Risk Management Process
Activities By Risk Types
Finance
Market
Risks associated with financial factors such as stock prices, interest rates, and exchange rate fluctuations
- Risk measurement, analysis, and hedging through the operation of specialized personnel for capital procurement/trade finance
- Operation of internal accounting management system
- Minimization of exchange position discrepancies by aligning deposit and withdrawal currencies, and specifying measurement frequencies, hedging periods, and hedging ratios in the exchange risk management policy
Credit
Risk of counterparties not meeting contractual obligations as per contract terms
- Compliance with internal receivables management regulations, setting and managing credit limits for counterparties in sales receivables transactions
- Credit investigation and recovery plan management for investments and loans, among others
Liquidity
Risk of unexpected liquidity deterioration leading to financial losses
- Regularly forecasting future cash flows to maintain an appropriate level of cash deposits
- Entering into agreements with financial institutions for emergency fund injections
Non-financial: Business continuity
Supply chain
Risk of delayed product delivery due to raw material shortages or production continuity disruptions
- Establishing response systems and training for supply continuity emergencies (raw material supply interruption, customer supply emergency) by scenario
- Regular evaluation and quality/environmental audits of suppliers in accordance with IATF 16949, ISO 9001, and ISO 14001 standards
- Consulting support and regular assessments to enhance the ESG management capabilities of partner companies
- Regularly identifying energy improvement directions for partner companies
Disaster and safety
Risks of disasters such as earthquakes, fires, or workplace safety accidents
- Operation of a dedicated organization for company-wide safety risk management (operation of a safety and health team under the direct leadership of the CEO to manage safety, health, and disaster systems for all business locations, including the head office)
- Establishment of emergency response organizations and preparation of manuals and recovery measures by scenario
- Regular civil-military joint exercises based on accident scenarios such as factory fires and explosions
- Annual accident case and hazardous substance handling law training for all factory employees
- Continuous factory safety patrols through the factory environment safety organization
The environment
Risk of legal sanctions and fines due to inadequate responses to environmental regulations, such as those on greenhouse gas and hazardous substance emissions
- Operation of a dedicated environmental risk management organization
- Regular diagnosis and prevention of potential risks through environmental impact assessments
- ISO 14001 certification reexamination and self-verification activities
- Regular response training by scenario for environmental accidents such as chemical spills and wastewater discharge
- Ongoing factory safety patrols through the factory environment safety organization
Non-financial: Management
Climate change
Regulatory risks related to emissions, physical risks, and related business transition risks
- Operation of a dedicated climate change risk management organization
- Monitoring of changes in related regulations
- Establishment and management of reduction targets
- Monitoring of greenhouse gas emissions at business sites and calculation of product carbon emissions through the Carbon Asset Management System
- Direction and investment decision-making for business reflecting climate change risks and opportunities using internal carbon pricing
Quality management
Risks related to changes due to the 4Ms (Machine, Material, Method, Man), risks affecting continuous supply or delivery, and risks of defective products or leaks
- Feasibility assessment (impact of change management and 4M changes)
- Monitoring of quality levels
- Management according to the process for dealing with defective products
- Establishment and training of quality management risk emergency scenarios
Human rights
Risks of human rights violations and risks related to human resource management
- Periodic human rights impact assessments and improvement initiatives
- Establishment and dissemination of human rights policies and guidelines
- Regular training on human rights protection and non-discrimination
- Operation of a reporting system
Security
Risks such as information loss due to cyberattacks from external sources or data leakage from within the organization
- Operation of a dedicated security organization
- Establishment of security regulations and operational standards
- Knowledge management through the use of an enterprise content management (ECM) system
- Thorough monitoring of the entire document process, including document creation, modification, import/export, and disposal, through the introduction of security solutions, dedicated USB devices, and mobile device camera controls
- Regular training on the top-10 information security rules and in-house security guidelines, with IT security training conducted once a month
Legal and ethical
Risks such as unfavorable contract agreements, lawsuits, unfair trade, and corruption
- Prevention of legal risks through compliance with contract examination regulations and the use of standard contracts
- Enhancement of understanding through practical education in foreign exchange, patents, and contract management, among others
- Anti-corruption and ethical management education in accordance with the Act on the Prevention of Corruption and the Fair Trade Act, among others
- Update of the Fair Trade Voluntary Compliance Manual
- Raising awareness through the signing of ethical management pledges by all new employees
- Operation of a reporting channel
Reputation
Risks such as a decline in corporate image due to misinformation or negative communication
- Conducting PR risk response training for new hires, newly promoted employees, and new team leaders
- Raising awareness through the formulation and dissemination of action principles and action processes for PR personnel
- Communication with stakeholders through brand marketing and various channels
Marketing ethics
Risks such as conveying false, exaggerated, or downplayed information in advertising or marketing, or conveying information without considering groups vulnerable to such information
- Establishment and operation of "Ethical Marketing Operating Principles"
- Encouraging external agencies that handle advertising and marketing to respect and introduce the operating principles
Brand/Trademark
Risks of infringement on brand/trademark rights or damage to their value
- Establishment and compliance with separate guidelines for the protection and enhancement of brands and trademarks
Orders
Bad order risks due to payment terms, contract exclusion clauses, unclear specifications, delivery uncertainty, complaints, local country situations, etc.
- Order review and the operation of the Bid Approval Committee (BAC)
Management in general
Operational risks due to errors by individuals or systems
- Integration of various management activities through the use of enterprise resource planning (ERP)
- Systematic management and improvement of the voice of the customer (VOC) through the establishment of the C-Cube system
- COVID-19 risk management (promotion of remote meetings, expansion of flexible work hours and IT support, and establishment and operation of response processes)