> anybody who does banking on their phone is taking a big and unnecessary risk

It is not necessarily a matter of choice. Besides what the other commenter notes about 2FA, in some countries banks have been removing functionality from their online-banking website, and you can only do certain things in the phone app.

See, the thing is, here you can't use banking on your computer without having a bespoke authentication app on your phone. There used to be a system of one-time codes sent via paper mail, but even that has been scrapped by now, so using bank ID apps is literally the only option across all of the local banks. In my bank the ID app and the bank app are even different apps, and it's the ID app that's the truly important one to have (and that, of course, hates rooted/modified phones with a passion).

The government services also go through these ID apps, although there is a poorly supported alternative that uses USB smart card readers. I have not seen a single person actually use it, probably for a reason, though I'm planning to get one just to have a backup...

I see you suggest you can't say more, but I'll still ask the questions:

Is it a privacy or financial risk to have banking on your phone?

How is banking on a phone app more dangerous than banking via mobile or desktop websites?

Not a choice if you live in a "developed" country