It all boils down to the simple fact that a secure(by industry standards) system is being brought down by the use of an insecure system. If I were to ever be a victim of this sort of crime I'd go after the bank for using a system which is & proven by numerous examples now.. Is insecure. They are at fault! At the end of the day, use of cellular technology to push OTP is only a worthy feature if the transit and recipient of the OTP is secure. CLEARLY there is a problem with securing transit/message end point which means the banks at fault for implementing..
Sure the real issue is that sim swaps and porting happens illegally.. But this is not a banking issue. The banking issue is that these stupid banks continue to use an insecure means of securing logins.