If hundreds of millions of dollars are one JS exploit away, the defense model is flawed. That sort of movement should require approvals from multiple people and even dedicated terminals that are not used for everyday browsing.

Security is a tradeoff; nuking browsers for everyone is just a bad tradeoff in 2019.