It would be nice if banks even understood the basic idea of the hierarchical domain name system, ie using subdomains such as online.bank.co.uk instead of www.bank.co.uk, bankonline.co.uk, bankgizmos.co.uk, ukbank.com and a dozen other things.
It would be nice if banks did not send emails that seem to be designed to look as much like phishing as possible.
It would be nice if, having warned people not to hand over their passwords when asked in emails (which El Reg readers at least know how to trace), they did not then phone customers, withholding even (the easily spoofed) caller ID, and ask for their security information.
It would be nice if banks did not use obvious man-in-the-middle systems like Verified by Visa.
Complaining that the don't use DNSSEC seems rather irrelevant in this context.