Is there a concrete reason you believe that or just a gut feeling?
It's pretty obvious to anyone really. Even if you assume that OpenBSD had 0 bugs, it doesn't protect you if someone exploits your browser, or some application that you have, which may have a lot of bugs. In contrast, tou can create two isolated OpenBSD VMs in Qubes, one where you do your banking related activities (and setup the firewall to only allow connections to your bank for example), and the other where you do your browsing, so that even if someone pwns your browser in the second VM they won't be able to steal your banking logging credentials - unless they have a Xen exploit of course.
https://en.wikipedia.org/wiki/Address_space_layout_randomiza...