I don't think the root permission ban is for the website. In most cases it's about how your phone + the bank's app has become the new hardware token / key generator. Before smartphones I could log on to the bank's website but any transaction will have to be authenticated using a hardware token (presumed secure). That's moved into an app now.