Perhaps e-mail is not the solution, even if it is encrypted. Perhaps a web based SSL connection would suffice? The data stream would be encrypted end to end and you can have the user create their own password on a web site (via SSL). Then, for added security, a bank employee could verify that the user was who they said they were in the password creation process (How, I don't know. Phone call?).
I know it is still possible, though rather difficult, to sniff SSL traffic and of course there are of ther security issues. I access one of my bank accounts through SSL but I don't remeber how I got the initial password. Perhaps it was snail mail.
Maybe you may want to research what other banks are doing? Rember that as an IT professional, much of your time will be spent in research. Are their any security compaines that offer a third party solution?

Just a though.