Doesn't that create an awkward situation where a bank would be the guardian of my critical information instead of the bank having access to some third party being responsible for that information, because you put the customer in a vulnerable situation where he has to deal with the bank, being secure of course, but at the same time the objective of the bank is to make money, not to guard my information? That puts the customer in a weak situation with the bank.
On April 10th, 2019. See this statement in context.