While at InfoSec last week I did an interview for SC Magazine UK that came out quite well (it’s good not to be misquoted :) ).
You can read it at http://www.scmagazineuk.com/infosec-2013-a-lack-of-security-development-and-technology-transparecy-harms-users/article/290460/
The Bank analogy was that for software/app developers (including most at InfoSec) what matters is that the app (i.e. the Bank) looks good (regardless if there is a vault or not).
And since it is easier and cheaper to build a bank with a great frontend but no vault (for the same cost as building a restaurant), there is very little incentive to invest in 'secure coding' since the customer cannot tell the difference (until there is an compromise of course)