Hacker News
by raverbashing 4555 days ago
Banks should send ZERO emails, period. It's not secure for that.

I do sometimes get emails from them, but they're "useless" (usually a simple notification).

Several banks have their own message box inside of Internet Banking.

3 comments

I have my bank send me an email saying "you've made a credit card purchase" every time I make a credit card purchase, just as a low-hassle way of keeping an eye on things, but those emails seem to be sent from completely separate systems from the (very occasional) marketing-ish email. The latter they seem to contract out.

Certainly nothing that I need comes through email.

I would expect that they are separate systems for Citibank as well.

Email is the only universally-accepted federated notification system.

Emails such as "your card has been used 1000km+ from its last use" or "you just made this >$1000 purchase" are very useful indeed, and should be encouraged to detect fraud.

For small notifications (let's say a $50 purchase) I get an SMS.

If it's something that rings a bell, the bank calls me.

The problem with that is banks sometimes ask what your last transaction was to prove you are the account holder. Anyone who has access to these email messages will know that information.

I've never seen this with any of the banks with which I've done business. They will tell me what the transactions were and ask me to confirm that they were indeed by me in the case that they're suspicious of fraudulent activity.

My bank knows my public key. They could send me an encrypted email... well, except that ciphersuite in subject is GOST, which is not supported by most MUAs, so they don't. So, unfortunately, the key's only used to authenticate me over a TLS connection for a web-based self-care service.