Should we discuss all the 15-year-old bugs that are found in Windows, Linux and MacOS which are well into production (and many of them critical bugs that affect the core of the product)? Has a software company ever been fined or held liable for bugs in its products? In fact, too often bug fixes are paid updates.
Financial companies are held to extraordinary standards, and in my opinion it's a game they cannot win.
This is not a minor bug; this is a bug that caused data to be misrepresented. If you want to compare it to OS bugs, then you need to look at silent data corruption: how many data corruption bugs have gone undetected in operating systems for 15 years?
You mean a server OS leaking kernel memory to any external connection doing something special with TLS without leaving any audit trail that this happened is a minor bug?