With just a SIM swap, isn't it possible for an attacker to reset the password on your main email account (e.g. gmail) via the phone, then from there reset the password on your money account through the stolen email?