So? If I, the customer, want to access my banking info, on my phone, with whatever means I want, I should be able to. As I said, it’s not like every app gets root access, if I, as the owner of the device, explicitly gave root access to something, it’s for a reason.
And the main point that a rooted phone can basically hide itself from any app remains; these “detections” are trivially bypassed in the exact situation they’re supposed to detect.
And if you don’t want to wear a mask on your face during a pandemic, you should be able to? Not everything is about you.
Banks practice defense in depth as other security practitioners do. Not every defense will stop every attack, so a layered, overlapping approach is used.