The problem isn't what an attacker can do with Teller credentials. The problem is what an attacker can do with the banking credentials you ask users for. The risk profile is similar here to a breach in an online password manager -- if you used an online password manager to store your banking credentials, are you perfectly comfortable with an attacker gaining access to your credentials since the password manager implements no banking functionality?
