Speaking as someone who has been writing Android banking software for eight-odd years, requiring SafetyNet attestation is a crock of user-hostile shit so long as the same institution allows random desktop Web browsers access to the same APIs. I have a feeling it was invented for anti-cheat in games but it became a line-item in every security director's checklist because Google offers it.
Works with "BOI Mobile", the Bank of Ireland mobile app, which I downloaded from the Aurora store. I get a notification on starting the app indicating that the phone is "rooted" (it isn't) but I'm not prevented from using the app.
I don't use any banking apps, sorry. AFAIK /e/ supports signature spoofing/pretending to have normal Google Play Services available, so some stuff might work.