Some phones are really complicated to get a custom ROM onto, and in that case the risk is very high. Especially phones that are complicated to get a custom ROM onto and don't have an easy way to get back to a normal OS.
I'll give you 2 examples:
My Nexus 6p (RIP) was really easy to get a custom rom into. You could easily unlock the bootloader, very easily install twrp, and very easily get the new ROM installed. If you broke something, you could very easy restore to backup.
By contrast, my Huawei P10 lite was a nightmare to get a custom rom into. It was hard to unlock tho bootloader, I never got twrp installed, and eventually I broke the phone and couldn't restore to backup.
There's also some other stuff to keep in mind. A custom ROM is only as good as the community support around it. My Galaxy S1 SGH-i897 was amazing in that respect, it was released with cupcake and I had it running well into jellybean (as I recall, it's been like 10 years). Everything worked, and every new rom made it an even better phone. By contrast, I've got some tablets that have important features missing, or you had to choose between a new version of android or having all the features of your device working.
Moving to a custom ROM is always a good move in my book, unfortunately it won't solve the security update issue. Once a company (I.e. Samsung, Google, Oneplus) stops pushing security updates, custom ROMs developed for the phone pretty much stop getting them as well. You'd continue to get OS updates though, depending on the ROM developer. If security updates aren't super important to your threat model then that's all non-issue.
Long story short, you won't really have any problems with app compatibility on a custom ROM. I've run the following OS on various devices:
LineageOS
LineageOS (with Gapps installed)
LineageOS for microg
CalyxOS
GrapheneOS
Any ROM that includes Gapps will work with streaming and banking no problem. It'll function the same as stock android.
Graphene works with every banking and streaming app ive tried. The only two commonly used services it cannot run are Android Auto and Google Pay.
Anything that uses MicroG (CalyxOS, lineage for MicroG) also worked with all the streaming and banking apps ive tested. You may run in to more trouble running Google specific services here though. RCS wouldnt work for me in Google messages, but I think that was the only problem I ran in to personally.
In the end a custom ROM that is based on open source software is always going to be a better experience. I'd recommend checking out the Techlore youtube channel as a means for finding open source android software resources, as there are some amazing alternatives to commonly used proprietary apps.