Banks are so heavily regulated, especially after the Dodd-Frank Act. I imagine there are some laws that effect disposal of sensitive information. Banks have SS numbers, address, account numbers, etc. information that hackers and identity thieves would love to get their hands on.
I would suggest you talk to your own banker and see if they will set up a meeting for you with their security expert. I am sure some banks have different requirements but I also bet there is some base level, minimum requirement by law.