"* Continue using your device for financial stuff and have the whole thing compromised exposing all that data to the bad guys.

* Have a secure device but lose the ability to do financial stuff with it."

While I agree with your sentiment I must point out that some custom ROMs, like CyanogenMod, actually don't execute as rooted by default. In the latter case you have to enable root using a developer option, so you can still get the benefit of the quick updates without root.

