This is the classic "Castle vs. Moat" debate in security architecture.
While Docker provides a Moat (isolation from the host machine), the Sandbox provides the Code of Conduct (rules for what happens inside the castle).
For a "Bank Grade" system transferring $10 Trillion, relying solely on Docker is insufficient in three critical areas: Determinism, Data Exfiltration, and Noisy Neighbour Protection.