Do banks using third-party cloud services just trust that the provider won't abuse their data? Do they actually store financial data there, or just use them for front-end stuff like websites?
The trust will come from very stringent contracts (beyond the regular contracts that other customers would use), third-party certifications that the provider achieves, and the provider being covered by certain aspects of the regulations that cover banks (or healthcare or whatever).
