No, we are not afraid of our own systems. The idea that there is some fabled computer system which everyone is too scared to touch doesn’t exist (I work in payment processing). There are levels of controls way outside these systems which provide these safety nets (e.g settlement / reconciliation controls).

If the cobol is still there, it’s not due to risk. If anything, the cobol is a much higher operational risk than replacing it.