Right, my understanding is that the whole point of "device integrity" is for a device manufacturer that your bank trusts to be able to vouch that your device is "secure". If the device is under your control rather than the manufacturer's (as would generally be the case with an open source OS), they can't credibly make such guarantees.