So theoretically speaking a banking company should be secure by nature.
Say my email gets hacked, or social engineered, etc etc.
It would take 10 seconds to search for “Monzo” in my email app and deduce that I do in fact use Monzo.
Now they would only need to download the app, and enter my email address, generate a magic link and they have full access to my bank account.
What was wrong with passwords, or 2FA, or even passwords and then Magic links to verify. Magic links are not secure on their own and incredibly dangerous.