I agree, as long as fines are lower than the CEOs salary + bonuses, these "fines" remain laughable. But based on these other cases, it's unlikely that the ICO would or could do anything to severely impact how a bank operates, which makes them toothless.

As for telling the ICO, well the deputy director of the National Cyber Security Centre (NCSC, part of GCHQ) explicitly said he won't tell ICO if people report breaches to him... so I wouldn't cross my fingers.