Compliance 360, a provider of enterprise governance, risk and compliance solutions, has expanded its solution footprint with the addition of a new, integrated Third Party Risk Management application.

Designed to manage much more than vendor credentialing and initial sanction verifications, the Compliance 360 Third Party Risk Management application is an industrial strength solution that addresses the full spectrum of risk management requirements including regulatory compliance and audits. This comprehensive solution includes Compliance 360’s robust contract management system as well as policy and procedure management, incidents and case management, and internal audit.

The system supports proactive risk assessments and scoring with heat map dashboards that highlight critical vendors and their risks, and enables drill-down to identify and address underlying issues. All third-party contracts and risk management policies, actions, assessments and incidents are tied together in the industry’s only Virtual Evidence Room.

This capability helps organizations maintain an audit-ready state with a comprehensive view of compliance. Third party risk information is also linked back to the Compliance 360 Enterprise Risk Management system to enable centralized management and reporting of internal and external risks.

The Third Party Risk Management application is designed to help manage a wide variety of relationships including those with customers, IT vendors and service providers, product vendors and suppliers, services and consulting firms as well as employees. The solution is also applicable to many types of risk. In addition to addressing data security and privacy risks, the Third Party Risk Management application addresses compliance risks, transactional risks, credit risks, reputational and strategic risks, and many others.

International law firm Steptoe & Johnson has announced the new opening of its Beijing, China office.

Steptoe advises companies doing business in and from China on a wide range of matters, including international trade, market access, export control, antitrust, and compliance with U.S. and European environmental, product safety, and other regulations. The Beijing office will help Steptoe expand its work in these areas and better serve its clients, the company said.

The firm’s International Trade and Investment practice helps companies seeking to enter and expand their business in the Chinese market. The firm currently advises the Government of China on matters before the World Trade Organization. Led by Edward Krauland, the firm’s International Regulation and Compliance practice advises clients on sensitive regulatory issues, including U.S. and European export control rules.

Steptoe also maintains an internationally recognized anti-corruption practice under the direction of Lucinda Low and Patrick Norton, who counsel clients subject to the Foreign Corrupt Practices Act and various anti-corruption laws around the world including throughout Asia. The practice also represents clients in internal investigations, enforcement actions, and collateral proceedings, including before the World Bank and other institutions.

Serving as managing partner of the Beijing office is Eric Emerson, a partner in Steptoe’s International Trade and Investment practice. Emerson has been with Steptoe for 18 years and advises companies on all types of international trade issues, including U.S. trade litigation and access to U.S. markets.

Joining Emerson in the China practice is Susan Munro, a new partner who recently joined Steptoe from the Shanghai office of a major international law firm. Munro has spent more than ten years advising financial institutions, multinational companies, and investment funds on business and investment issues. Her experience includes advising clients on market entry and exit strategies, acquisitions, and regulatory matters. She also has conducted numerous FCPA and earnings management investigations and represented clients in arbitrations and cross-border litigation. Munro is a solicitor qualified in England & Wales and is a non-practicing barrister called to the Bar of the Hong Kong Special Administrative Region of the People’s Republic of China.

Another key member of the firm’s China practice is Ying Huang, who has spent seven years as a Foreign Legal Consultant in Steptoe’s Washington, D.C. office, and has played an important role in the firm’s market access initiatives.

Index Engines, an enterprise discovery solutions provider, has announced a partnership with Venio Systems. This partnership will provide customers and service partners with a cost effective end-to-end solution for e-Discovery following the electronic discovery reference model.

Index Engines’ indexing technology enables high-speed processing of large volumes of hard-to-access data through direct indexing of backup tapes and online data. Venio Systems offers an innovative e-Discovery management platform that allows the analysis, review, and export of data using an easy and efficient process that works with all industry standard litigation support applications. The marriage of these two solutions allows eDiscovery projects to be executed quickly, effectively, and with cost-efficient results.

NetSuite, a provider of cloud computing business management software, said it plans to make its cloud computing enterprise resource planning (ERP) suite available in the Google Apps Marketplace, Google’s recently launched online storefront for Google Apps products and services.

NetSuite’s cloud-based ERP suite enables users to run their key back-office operations and financial business processes—including accounting, inventory and supply chain, order management, and business intelligence—with a single, comprehensive SaaS application.

Google Apps customers integrating with the NetSuite business management software suite will get instant visibility into real-time financial, operational performance, and documentation across their entire company securely from any browser-enabled devices. In addition, companies can reduce cost and increase productivity by enabling real-time collaboration on financial data across geographically dispersed teams.

Information infrastructure solutions provider EMC Corporation has announced the launch of EMC SourceOne E-mail Supervisor, which enables customers to cost-effectively monitor inbound and outbound e-mail and instant messages for compliance with internal policies and external regulations.

A complementary product to EMC SourceOne Email Management, SourceOne Email Supervisor can cost-effectively and efficiently monitor and review messages sent or received by any identified user. Its key capabilities include:

• Flexibility in defining and customizing business policies to determine which messages will be sampled for review;
• Ability for supervisors to create and manage review groups as well as assign reviewers into each group;
• Easy navigation to highlighted text in both the message body and attachments to clearly indicate the content and business policy that caused the message to be flagged; and
• Provide proof of compliance with comprehensive reports to meet stringent NASD 3010 requirements of keeping auditable records of supervisory reviews.

SourceOne Email Supervisor is the newest addition to EMC SourceOne, a family of modular, integrated products for archiving, compliance, and e-discovery that makes information governance actionable. EMC SourceOne enables policy-based information management so customers can improve operational efficiency, ensure compliance, and mitigate risks. With SourceOne Email Supervisor, customers can sample indexed messages from the archive, present them for supervisory review and save evidence of review actions.

The NASDAQ OMX Group launched its WebCenter360 Banking Suite, an investor relations Website solution built for global, regional, and community banks. NASDAQ announced that the WebCenter360 Banking Suite will be powered by data and analytics from Highline Financial, an information and software tool provider for the financial sector.

The WebCenter360 Banking Suite leverages the unique legacy features of the current WebCenter360 platform and introduces comparative data tools designed for investors analyzing bank performance and shareholders researching company information. The platform can be customized to be seamlessly integrated with the brand look-and-feel of any corporate Website.

Integrated into the WebCenter360 banking suite, Highline Financial will provide tools that will enable investors to more easily analyze a bank’s performance via a dashboard setup. Investors can access information such as Peer Analysis and Deposit Market Analysis, which ranks banks by geographic market. Utilizing these new services, bank Investment Relations Officers can provide more transparent investor communications, more efficiently. Other new features include:

• Mergers & Acquisitions Summary, which displays information about what the bank has acquired or divested on a transaction by transaction level;
• Mergers & Acquisitions Detail, which includes information about the buying or selling party, the date, location, agent, financial arrangements, and specific sets of loan transactions;
• Financial Statistics, which offers the investors an in-depth glance at banking industry-specific financial metrics; and
• Deposits & Loans Composition, which allows the investor to view the makeup of the bank’s investment portfolio as broken out so that it totals 100 percent of total gross loans or gross deposits.

These enhancements complement the product’s current features, including the Mobile IR Site, IR Toolkit, Download Library, RSS News Feeds, Shareholder Briefcase, and programs to manage corporate governance, SEC Filings, stock information, events, press releases, information requests, and more.

SimCorp, a software provider for the financial sector, has released a new front-office suite, Version 4.7 of its SimCorp Dimension, featuring fully integrated and scalable applications for portfolio managers, compliance officers, and traders.

Among its new functionalities, SimCorp introduces three new ‘managers’ in the front office area:

• The Asset Manager, a central position analysis and decision support platform;
• The Compliance Manager, featuring tools for handling increasingly complex client mandates; and
• The Order Manager, enabling investment management organizations to quickly adapt to market requirements.

In addition, SimCorp Dimension users can benefit from The Fund Administration Manager, enabling users to manage the fund administration process in one screen, thus reducing operational cost and risk. There is also a new module for managing the post-trade risk compliance process, and a fully integrated solution for the commercial lending process.

In response to Massachusetts’ stringent new data privacy law, MA 201 CMR 17, that went into effect March 1, Application Security, a provider of database security, risk, and compliance solutions for the enterprise, has announced major updates to both its AppDetectivePro for auditors and IT advisers, and DbProtect for the enterprise.

AppSec has developed a policy available through free download that will help customers ensure they are in compliance with new Massachusetts state regulations affecting all organizations that own, store, license, process, transmit, receive, or handle Massachusetts residents’ personal information.

“This new law impacts not only Massachusetts-based organizations, but also companies across the country that maintain Massachusetts resident information,” said Josh Shaul, vice president of product management for AppSec. “It’s mandatory that companies are in compliance and our downloadable policy enables organizations to achieve compliance in a timely manner.”

The downloadable policy will allow automated assessment of the database and includes a MA 201 CMR 17 compliance checklist, complete with detailed guidance on how to configure specific settings within Oracle, Microsoft SQL Server, IBM DB2, Sybase, MySQL, and Lotus Notes/Domino to ensure compliance with the law.

For AppSec customers currently using DbProtect or AppDetectivePro, the Mass 201 policy can be downloaded here, or for new customers, download a free trial of AppDetectivePro here.

MSCI, a global provider of investment decision support tools, and RiskMetrics Group, a provider of risk-management and corporate governance products and services to the global financial community, jointly announced March 1 that they have entered into a definitive merger agreement whereby MSCI will be acquiring RiskMetrics.

The transaction will unite such brands as MSCI, Barra, and RiskMetrics, to create a global, research-based, client-centric organization, dedicated to delivering world-class investment decision support tools to financial institutions worldwide. The combined company would have approximately $750 million of revenues and approximately 2,000 employees across 20 countries.

The transaction, which is currently expected to close in MSCI’s third fiscal quarter of 2010, is subject to customary closing conditions, including approval by the shareholders of RiskMetrics, the receipt by MSCI of the proceeds of the debt financing for the transaction, antitrust clearance, and other customary regulatory approvals.

OpenSpan, a provider of personal workflow management software, has announced OpenSpan Events, a real-time, lightweight service that passively and securely collects previously inaccessible user events from desktop and other legacy applications.

OpenSpan Events enables organizations to generate real-time compliance alerts and notifications, interface with enterprise business process management and business activity monitoring systems, and perform detailed user and process performance analytics with standard business intelligence and reporting tools. As a result, organizations can perform complex audits of user activity, identifying compliance or security violations, improving business performance, and reducing costs.

Highly configurable, OpenSpan Events can monitor a wide range of events including compliance violations, business process status, workflow duration, application or user errors, and user-defined transactions. Custom alerts can also be triggered for defined activities, such as the copy and pasting of private data or other compliance violations.

Key features of OpenSpan Events include:

Compliance and Audit: OpenSpan Events enables organizations and independent software vendors to add auditing capabilities to virtually any application, without requiring access to source code. It’s an ideal solution for auditing workflows that span multiple applications and generating real-time alerts for compliance violations by business users. For example, a financial services company can generate compliance alerts whenever a business user incorrectly adjusts a customer’s credit limit.

Business Visibility: OpenSpan Events provides total visibility into business processes that require human workflows. Traditional BPM systems can alert business users to a required workflow, but have limited or no visibility into the status of the workflow until it is completed. With OpenSpan Events, organizations can monitor user interactions with desktop applications and feed this event data into business process management and business activity monitoring systems.

Desktop Event Monitoring: OpenSpan Events captures data across any desktop or legacy application in real time. This information can then be fed into leading business intelligence, business activity monitoring systems, or other analysis products to gain a better understanding of user activity and to identify bottlenecks within key business processes. By logging composite events that span multiple applications and ignoring irrelevant events, OpenSpan Events delivers required granularity so that organizations can capture and report productivity metrics.