Comment by Delokolo

Banks use different security measures, ones are better at it, others really superficial to the extent it's scary (seen with my own eyes). There's no standard what they need or must have - rather depends on the size of the risk, resources available at their disposal. Which often is a result of whether they have ever been hacked or not. A lot of banks never have been and feel they are invincible, and that shows in their security/redundancy measures.

"where the money is stored".. that one. In a nutshell, 99% of people (HN crowd including) do not understand, what is money in a bank, imagine it like some kind of electronic vault, which you as a client can access securely and transfer it (semi physically). Money in a bank does not exist. An IT guy would say "it's bits and bites, nothing more". A finance guy would say that it is a web of collaterals and liabilities. Simple example: 100 clients each open accounts with a bank and deposit 100 EUR; bank has 10'000 EUR assets and 10'000 EUR liabilities (it owes 10K to its customers); bank deposits that money, say, with TARGET2 interbank gross-settlement system (which again has accounts with other banks), so its clients can make/get credit transfers. So, as soon as money is deposited, it gets transferred to other parties, pledged, lent or invested - it is almost never "in the bank". So there's little to steal. Even if you do, the trouble is that somebody's asset is typically another party's liability (and vice versa), i.e. stuff is recorded by different actors - and all that can be traced back, you can't hack into all of them. Hence, stealing bank's funds without a trace is close to impossible. Keyword - "close" ;)