A system error is a bit different to a security breach, in addition they will obviously take something more seriously when a customer is losing money rather than gaining it.
I am at a loss as to why you havent noticed web sites of banks are no more secure than non banking companies.
e.g.
I have never seen a bank use an expired cert.
I have never seen a bank rely on only a password for authentication.
I have never seen a bank use ciphers that are considered obselete by the community.
I have never seen a bank send authentication details in unencrypted email.
Maybe some banks do this, but not any I have used, I have seen plenty of other companies follow those kind of practices tho, so I am not saying banks have flawless protection, there is no such thing, but rather that their security is at a different level to non banking operations.
Not to mention there is numerous banks in a high level private security mailing list I am a member off, with the likes of google and microsoft also contributing to that list, but no representatives from places like retailers, social media sites, game companies etc. They play an active role in how security moves forward.
end of the day if you want a server completely protected, then disconnect the network cable.