How real is the risk of a registered and legit business selling a banking app taking your banking credentials and stealing your money? I’d estimate it to be 0.
It stores the data locally, so first you have to break into the system, then the encrypted container of the app. If someone does that then you are probably a pretty high value target and have different problems.
An open source, non audited app, that’s not even compiled yourself (iOS app) isn’t much different than that.