The rules of international banking guide many business processes by establishing limits for profit and loss. In risk management, international banks and other financial institutions control loss resulting from inadequate and failed internal processes, systems, and people as well as external forces by adhering to policy like Basel II. Two main occurrences of operational risk including fraud and IT failure resolve in the supplement which provide banks an answer to the current crisis. For successful risk management banks should follow these three steps as suggested by the Capital Asset Pricing theory. Managing Risk and Scenarios When considering operational risk bank managers should attempt to control fraud. Loss resulting from fraud happens when a group organizes to enter a position to disrupt the flow of business service by disavowing the rights and duties of the established management. A familiar incident of fraud, risky business mergers, provide an example of risk for analysis. The 2008 crisis suggests several corporations experienced some financial insecurity during the millennium which lead to corrupt business practices. Many corporations and smaller business firms did not continue certain business transactions due to practices that caused debts and other penalties in the beginning of the first decade. A popular case, the Lehman Brothers incident proves that banks lacked confidence about the progress of some businesses. The facts remain. If risk from fraud occurs at international banks, then regional banks must answer another threat. Certain reasons of risk are inherent only after a control has been implemented in banking policy creating a "scenario" to which officials must respond. Rules bend based on security. IT Failure Yet, other risk occurs when external forces act upon IT systems. Failure within IT systems exist after Storms, earthquakes, and other forces of Nature happen. Damage to hard drives can cause systems to slow down and frequent disconnects from ISPs. When ISPs deny service after weather conditions or other reasons, IT failure occurs. After 9/11 IT teams still hold responsibility for monitoring and controlling failures in mainframes; IT teams prepare the changing agenda for networks as we approach the second decade. There are instances when an ISP should deny service to customers who are in danger of breaching service agreements. If involved in behavior that causes reason to believe that illegal acts, such as hacking, etc., a customer's rights to service can be suspended or denied. Severe cases of viral attacks can also damage to IT systems and lead to failures. It is imperative for IT members to implement security systems that can prevent costly damage to the network; a weak security system leaves the network open to viral attacks. Also, risk from failed internal systems and processes exists as individuals who have access to data refuse to do as should. Training and other policy suggests methods for problem solving and rules of conduct for staff and members. It is up to efforts made by the individual to assist with the functioning of the system. Even at regional banks avoiding failure to internal systems becomes necessary. It only takes a minute for a serious mistake that costs time and money to occur. In Three "Steps" 1. Determining which fines should be charged and to whom is the first step to risk management as laid out in the Capital Asset Theory. Sanctions should deter behavior that causes more detriment to the flow and stability of business. Limits on access and participation after fines have been charged will also remove loss. 2. Next, more analysis of scenarios will help establish reasonable expectations for banking practices. Managers and other officials will use discretion in communication after implementing approved controls. 3. The use of strict time constraints for access to IT and other systems will discourage illegal activity like hacking, damage from viral cases, etc. Especially in regional banking, time constraints will limit access to systems while allowing IT members monitoring duties. Balancing the risk in international banking requires action from managers, other banking officials, IT members and staff alike; policy like the Basel supplement provide many sustainable resolutions to issues, like reasons for scenarios occurring after set controls in the millennium. It is clear. If advances in the banking industry are to improve the way we think about profit and loss, then the effort should carry on to regional banking. An important solution to risk management, the Capital Asset Theory establishes the framework for the implementing of fines and penalties for business firms and financial institutions who have not complied to policy. Necessary adjustments through the means of time constraints and balancing of duty after attempts to disrupt the flow of business will encourage progress through the second decade.