privsec
Banking applications want this authorisation to protect against fraud.
When checking the IMEI of your phone, this authorisation allows you to be sure that it is really you and not a thief who has stolen your phone to get your money…
BTW: My bank app requires access to location and phone (device location, WLAN name and IMEI)
This app also works without these authorisations, but then without the extended account protection that my bank offers me when authorisations are granted.
The background to such requests for authorisations from banks is that everything now works with just one app and no really good additional protection such as a second device is required.
If such an app is successfully attacked, your money can be gone.
The bank saves itself the expense of separate devices and pays in the event of a loss if you have given the app authorisation and something happens anyway.
But: read your bank's terms and conditions and data protection regulations, because your bank may not protect you any better if you give their app all the authorisations.