Future-proofing with the Metaverse

Lee Carlo B. Abadia

The Metaverse has been positioned as the next phase of the internet. It makes use of several innovations in technology, from extended reality (XR) to artificial intelligence (AI), to enable new digital experiences.

With the increasing focus on how to appropriately regulate data and the use of AI, digital governance is becoming even more crucial. Similarly, in the future of the Metaverse, effective board oversight will be just as essential and serve as a significant difference between firms that thrive and those that struggle.

As mentioned in my previous article, “The Metaverse beckons: Is it time to explore?” published in this column in June 2022, the Metaverse can be defined as a virtual world where people can take on digital identities. The key characteristics of the Metaverse include (1) Persistence: where your central digital identity is maintained even as you enter and leave the Metaverse; (2) Ownership: where everything you earn or purchase in the virtual world is certified and attributed to be truly yours; (3) Interoperability: where you can carry what you own and use it in other virtual places, and (4) Decentralization: where there is no central organization that dictates the rules of the space, and is instead defined by the users themselves.

By understanding the opportunities as well as risks the Metaverse presents, boards can provide effective oversight and value creation.

A wide range of use cases, including entertainment, education, commerce, and even virtual prototyping, can be expected from the Metaverse. More immersive extensions of entertainment are already taking place in virtual worlds on gaming platforms like Fortnite and Roblox, such as a celebrity concert held on Roblox that received almost 37 million visits, according to Wired UK.

The synergy between digital twins — defined as digital versions of their physical counterparts in the real world — and the Metaverse in the working world is exciting. Before making changes in the real world, a digital twin can be used to test new policies or corporate decisions online. Digital twins can assist with tasks that include product creation, urban planning, and even customer experience design when combined with the Metaverse immersion.

Boards may assist their organizations in seeing the value of leveraging these platforms for internal learning requirements, particularly for Gen Z and younger frontline employees, in addition to external customer interaction. New hires can have the opportunity to tour their workplace before starting for a much more immersive virtual onboarding.

As the Metaverse becomes mainstream, it can give rise to new risks. Similar to the risks today arising from the widespread use of the internet, increasing participation and commercialization of the Metaverse is likely to exacerbate existing issues, ranging from online safety to data privacy.

It is imperative for boards to fully understand the risks magnified by the Metaverse and include the related technical and social risk subjects in the company risk management process, given broader ethical concerns regarding the use of technologies to influence human behavior. Privacy issues are the first ones to consider, particularly in how information will be used due to the variety of biometric and emotional data that is likely going to be collected through Metaverse hardware.

Depending on the applications being used in the Metaverse, boards must concentrate on protecting the privacy of consumer and employee data.

Boards must also be aware of security concerns in three key areas: devices, fraud, and identity. Attacks may target Metaverse hardware, such VR headsets, and use them to rob unknowing users of their private information. The Metaverse will also likely give rise to more sophisticated or advanced phishing and counterfeiting attacks, including stealing non-fungible tokens (NFTs) and scamming for wallet credentials. Moreover, there are issues of digital identity to consider, where compromised user identities can lead to digital identity theft.


1. Determine applicability and long-term value

Boards will have to adopt a critical and measured perspective toward the Metaverse and its applicability to the organization. They need to evaluate whether they are engaging the Metaverse only as a response to a trend or if it truly offers a specific benefit that enables long-term value without compromising the core principles of the business. This will help influence if the enterprise risk management program of their organization will be concentrated on monitoring the achievement of strategic goals from investments in the Metaverse.

As boards determine the Metaverse’s applicability, they must consider if they have the necessary expertise to manage the risks that arise from it to protect its value. They should look into enabling tools to help identify and quantify the resulting risk scenarios accordingly and facilitate management in developing responses to them. To complement this, boards should determine if the business has teams with enough age, identity, experience, and cognitive diversity to comprehend the technological, business, ethical, cultural, and legal aspects of the Metaverse use cases so that they can drive actions in improving the thoughtful adoption of it.

2. Prioritize oversight based on purpose and risk

The board is responsible for applying due diligence and supporting technology investments to boost the organization’s strategy, purpose, and values. In line with this, they must understand the extent and purpose of why the Metaverse is being leveraged by the business. In the gaming industry for example, close oversight is necessary because investments in the Metaverse can be instrumental in delivering differentiated services or goods of a gaming company.

In other cases, the Metaverse may only be used solely for marketing purposes, but there would still be associated risks — particularly if it can jeopardize the company’s reputation or legal standing. Another example would be the buying and selling of digital assets to facilitate Metaverse activity, in which boards need to understand the legal and accounting repercussions of these operations. Depending on the purpose and related risks, the level of oversight will need to be carefully considered. Regardless of this however, Boards have to consider if they will need additional investments in compliance, data privacy, and fraud prevention.

3. Recognize laws and moral standards

 Boards can help management execute a Metaverse plan by making the business aware of any legal and compliance challenges and enabling them to address these. Furthermore, they can explore how businesses can collaborate with policymakers to develop workable laws and regulations that foster innovation while upholding human rights and providing value to relevant stakeholders.

Boards should consider what “code of conduct” or ethics guidelines can be applied to foster the constructive cooperative engagement in the Metaverse world of the company and minimize its risks. In parallel, they must be conscious of any new governance models that may need to emerge from Metaverse activities and pivot on how these can be considered in their enterprise risk management program.

With the Metaverse bringing about exciting new ways to live and work through an immersive virtual world, boards must understand the strategic opportunities and risks associated with it to provide effective oversight. Only then can they effectively influence investment decisions, evaluate risks, and seize their future in the Metaverse.


This article is for general information only and is not a substitute for professional advice where the facts and circumstances warrant. The views and opinions expressed above are those of the author and do not necessarily represent the views of SGV & Co. 

Lee Carlo B. Abadia is a technology consulting principal of SGV & Co.

Leading the way in business

Other SGV News and Publications