Sure they might find out an App Update was issued in the App Store... but they cannot possibly know what API changes were made without reverse-engineering the API's all over again.
Not to mention, once they discover what changed, now this service has to go make the changes on their system... meanwhile that bank doesn't work with this service anymore.
So the App is broken for some undefined period of time.
The bank has to deploy their client code to all of their users before they can depreciate the old API. That should give them plenty of buffer time to reverse engineer the changes.
"All" of their client code is a bunch of apps, that mostly auto-update. My bank (small town credit union) has a banking app that refuses to work at all unless it's the most recent version of the App. I see no reason why this would be a challenge for the bank - it's only a challenge for this service.
That doesn't stop them from deploying new APIs to their client software deactivated. Then "flip" a switch to cause it to behave differently all at once.
