Rest assured nothing
I would very much hope that banks practice security in depth and that there is more than one layer of security between someone's money and a thief.
However that is no excuse for running outdated encryption. The fact they do throws into doubt how secure the rest of their site actually is or if there is anyone working there who has a clue what they're doing. For example if the crypto is that ancient, then what site software are they running and is it kept up to date? What separation exists between the authentication server and app server? Is there a DMZ? Is there 2-way SSL between the app server and the banking services? Are the muppets in charge of security? etc.
Now would be a good time for them to fix things.
Biting the hand that feeds IT
