3i's risk governance framework provides a structured process to oversee the identification, assessment and approach to mitigation in respect of those risks which could materially impact the Group's strategic objectives or execution.

Risk management operates at all levels throughout the Group, across business lines, geographies and professional functions. The Board is ultimately responsible for risk management, which includes the Group's risk governance or oversight structure and maintaining an appropriate internal control framework. Management's responsibility is to manage risk on behalf of the Board.

By reporting regularly to Audit and Compliance Committee, the Group's Risk Committee provides support to the Board in maintaining oversight of the effectiveness of risk management across the Group.

The risk governance framework and the responsibilities of the main committees involved are shown in the 2012 Annual report. Details can also be found in the Governance section (Pillar 3 disclosures). 

There have been no changes to 3i's risk management framework over the course of the year. Risk reviews are generally carried out on a quarterly basis and aligned with the Group Risk Committee meetings, which are held as part of the Leadership Team meetings.

A number of policies and procedures have been upgraded during the year. This has included a complete update of the Group's incident response plan; a review and update of human resources policies; the launch of an updated anti-bribery policy, supported by all staff e-learning; and some process changes in response to the Financial Service Authority's remuneration code.

There is no material or pending litigation on Health & Safety or Responsible Investment matters.