From what I understood, many banks in the US are still making use of insecure 2FA methods like via SMS. Or they don't use 2FA at all! Think of Amercian Express and E-Trade. Very weird, you would think that most would have adopted 2FA via security keys, hardware tokens or authentication apps. Also, mobile banking is a complete joke, even over here in Europe, 2FA is not used at all from what I understood. Which makes phishing attacks more dangerous. On the other hand, when people are really making dumb mistakes, I can understand that banks don't always want to pay. Because certain people give hackers full access to their PC, via remote control apps.
Another example where financial system is only strictly applied when it benefis banks and other financial institutions.
