Seems pretty simple to me. Just use IPSec to create a tunnel end to end. It doesn't matter where and how this tunnel gets transported (isdn, atm, pots etc.) noone will be able to eavesdrop.

NB sending unencrypted financial data over an T1 connection is just as bad as doing it over an ISDN line. I know, we encrypt all our WAN links because we use a third party for our WAN infrastructure.