((share-holder) value, he created new KPIs such as economic value added, return on
capital employed (ROCE), and stressed the need to measure non-tangible assets.
Because the approach focuses on external shareholders, communication with
capital market gained importance.
Risk and compliance management—the 2000s: Fraud at the end of the last
century [25] led to new legal rules (e.g. Sarbanes–Oxley Act (SOX) [26]), and risk
and compliance management: The latter entails systematically scanning legal
requirements and internal rules, training people accordingly, and checking that
internal activities are in line with these rules. Risk management includes identifying
risks, quantifying their potential damage and likelihood of occurrence, and
developing strategies to avoid them [27]. Typical output of risk and compliance
management are risk reports supported by frameworks like COSO [28]. The 2008/
2009 economic crisis led to a renaissance in work on early indicators and their
impact on financial KPIs [e.g., 29].