Governance Risk Management

Governance Risk Management

  • Risk Management System

    Hyosung TNC defines risk as any market uncertainty, internal or external threat, or opportunity that could significantly impact our business activities. We categorize these into financial and non-financial risks (including business continuity and operational risks). Key risks are identified based on their potential impact and likelihood, and we have established a proactive risk prevention system to respond by identifying and addressing root causes. Our risk management governance is clearly defined. The Chief Financial Officer (CFO) serves as the manager for financial risks, with our finance department periodically assessing financial risks and executing hedging strategies across the head office and all subsidiaries. For non-financial risks, the executive in charge of ESG and the Chief Safety Officer (CSO) are the designated managers. They work with the ESG Management and Safety & Health teams to identify and establish mitigation measures for related risks through an internal ESG-focused committee. All risk managers report regularly to the Board of Directors through the ESG Management Committee, a formal subcommittee of the Board. These reports provide a comprehensive overview of risk management activities, including evaluations of the system's adequacy, the results of risk identification and assessment, ongoing monitoring efforts, and detailed risk management and response plans.

  • See below
    See below
    • Board Activity
    • Management Committee
    • Top management
    • ESG Management Promotion Committee
      • Chief Executive Officer(risk management officer)
      • Management strategy director
      • Finance director
      • Support director
      • Executive in charge of purchasing
      • Executive incharge of public relations in charge of purchasing
      • Each plant manager
      • Each business unit manager
    • Operational team
    • Financial risk
      • Corporate management organization
      • Finance Department
      • Each business division and domestic/overseas subsidiaries
    • Non-financial risk
      • Chief Safety Officer
      • ESG Management Team
      • ESG Operational Committee (Each collaborative department)
      • in charge of ESG management
      • Safety and Health Team
      • Environmental Safety Team for each plant

Risk Management Process

See below
  • Internal and external situation assessment

    Survey of demands from internal and external stakeholders

  • Risk identification

    SWOT, 3C Analysis, etc.

  • Risk evaluation

    Likelihood of occurrence, severity

  • Risk mitigation

    Development and implementation of measures to mitigate risks

  • Risk monitoring and change management

    Risk change management after implementation of measures

  • Report to the board of directors/top management

    Reporting on key risks

  • Activities By Risk Types

  • Finance

    Market

    Risks associated with financial factors such as stock prices, interest rates, and exchange rate fluctuations

    • Risk measurement, analysis, and hedging through the operation of specialized personnel for capital procurement/trade finance
    • Operation of internal accounting management system
    • Minimization of exchange position discrepancies by aligning deposit and withdrawal currencies, and specifying measurement frequencies, hedging periods, and hedging ratios in the exchange risk management policy

    Credit

    Risk of counterparties not meeting contractual obligations as per contract terms

    • Compliance with internal receivables management regulations, setting and managing credit limits for counterparties in sales receivables transactions
    • Credit investigation and recovery plan management for investments and loans, among others

    Liquidity

    Risk of unexpected liquidity deterioration leading to financial losses

    • Regularly forecasting the future cash flows to maintain an appropriate level of deposit cash
    • Entering into agreements with financial institutions for emergency fund injections

  • Non-financial Business continuity

    Supply chain

    Risk of delayed product delivery due to a raw material shortages or production continuity disruptions

    • Establishing response systems and training for supply continuity emergencies (raw material supply interruption, customer supply emergency) by scenario
    • Regular evaluation and quality/environmental audits of suppliers in accordance with IATF 16949, ISO 9001, and ISO 14001 standards
    • Consulting support and regular assessments to enhance the ESG management capabilities of partner companies
    • Regularly identifying energy improvement directions for partner companies

    Disaster and safety

    Risks of disasters such as earthquakes, fires, or workplace safety accidents, etc.

    • Operation of a dedicated organization for company-wide safety risk management
      (operation of a safety and health team under the direct leadership of the CEO to manage safety, health, and disaster systems for all business locations, including the head office)
    • Establishment of emergency response organizations and preparation of manuals and recovery measures by scenario
    • Regular civil-military joint exercises based on accident scenarios such as factory fires and explosions
    • Annual accident case and hazardous substance handling law training for all factory employees
    • Continuous factory safety patrols through the factory environment safety organization

    The environment

    Risk of legal sanctions and fines due to inadequate responses to environmental regulations such as greenhouse gas and hazardous substance emissions, etc

    • Operation of a dedicated environmental risk management organization
    • Regular diagnosis and prevention of potential risks through environmental impact assessments
    • ISO 14001 certification reexamination and self-verification activities
    • Regular response training by scenario for environmental accidents such as chemical spills and wastewater discharge
    • Ongoing factory safety patrols through the factory environment safety organization

  • Non-financial Management

    Climate change

    Regulatory risks related to emissions, physical risks, and related business transition risks

    • Operation of a dedicated climate change risk management organization
    • Monitoring of changes in related regulations
    • Establishment and management of reduction targets
    • Monitoring of greenhouse gas emissions at business sites and calculation of product carbon emissions through the Carbon Asset Management System
    • Direction and investment decision-making for business reflecting climate change risks and opportunities using internal carbon pricing

    Quality management

    Risks related to changes due to the 4Ms (Machine, Material, Method, Man), risks affecting continuous supply or delivery, and risks of defective products or leaks

    • Feasibility assessment (impact of change management and 4M changes)
    • Monitoring of quality levels
    • Management according to the process for dealing with defective products
    • Establishment and training of quality management risk emergency scenarios

    Human rights

    Risks of human rights violations and risks related to human resource management

    • Periodic human rights impact assessments and improvement initiatives
    • Establishment and dissemination of human rights policies and guidelines
    • Regular training on human rights protection and non-discrimination
    • Operation of a reporting system

    Security

    Risks such as information loss due to cyberattacks from external sources or data leakage from within the organization

    • Operation of a dedicated security organization
    • Establishment of security regulations and operational standards
    • Knowledge management through the use of an enterprise content management (ECM) system
    • Thorough monitoring of the entire document process, including document creation, modification, import/export, and disposal, through the introduction of security solutions, dedicated USB devices, and mobile device camera controls
    • Regular training on the top-10 information security rules and in-house security guidelines, with IT security training conducted once a month

    Legal and ethical

    Risks such as unfavorable contract agreements, lawsuits, unfair trade, corruption, etc.

    • Prevention of legal risks through compliance with contract examination regulations and the use of standard contracts
    • Enhancement of understanding through practical education in foreign exchange, patents, and contract management, among others
    • Anti-corruption and ethical management education in accordance with the Act on the Prevention of Corruption and the Fair Trade Act, among others
    • Update of the Fair Trade Voluntary Compliance Manual
    • Raising awareness through the signing of ethical management pledges by all new employees
    • Operation of a reporting channel

    Reputation

    Risks such as a decline in corporate image due to misinformation or negative communication

    • Conducting PR risk response training for new hires, newly promoted employees, and new team leaders
    • Raising awareness through the formulation and dissemination of action principles and action processes for PR personnel
    • Communication with stakeholders through brand marketing and various channels

    Marketing ethics

    Risks such as conveying false, exaggerated, or downplayed information in advertising or marketing, or conveying information without considering groups vulnerable to such information

    • Establishment and operation of "Ethical Marketing Operating Principles"
    • Encouraging external agencies that handle advertising and marketing to respect and introduce the operating principles

    Brand/Trademark

    Risks of infringement on brand/trademark rights or damage to their value

    • Establishment and compliance with separate guidelines for the protection and enhancement of brands and trademarks

    Orders

    Bad order risks due to payment terms, contract exclusion clauses, unclear specifications, delivery uncertainty, complaints, local country situations, etc.

    • Order review and the operation of the Bid Approval Committee (BAC)

    Management in general

    Operational risks due to errors by individuals or systems

    • Integration of various management activities through the use of enterprise resource planning (ERP)
    • Systematic management and improvement of the voice of the customer (VOC) through the establishment of the C-Cube system
    • COVID-19 risk management (promotion of remote meetings, expansion of flexible work hours and IT support, and establishment and operation of response processes)