Philosophical: hidden DOM elements && client side validation only

I wasn't sure where this best fit because it encompasses all of web development (HTML, CSS, JavaScript).

It seems to be in industry standard to hide DOM elements on a page and then toggle their visibility on the page when a trigger event happens (clicking on an anchor or the like) it seems like clutter then you could just create or destroy that DOM element on the trigger event. Yeah its generally more code but it would be cleaner and expose less to prying eye using the inspector.

This brings me to my next point of client side validation only. I'll give you a hypothetical.

Let’s say you have a mortgage, you also have a bank account at a random bank linked to that mortgage payment for automatic deductions. Let’s say you change banks and go to link the new bank account to the mortgage payment system on your mortgage provider’s website. They only give you the option to setup auto draft on a data AFTER your payment is due say its due on the 1st of the month and only let you select the 4th or later. Now suppose you call them, they explain in order to select the date of the 1st you must pay an additional entire mortgage payment so you are ahead one month.

Being a tinkerer you thank them for their time and hang up and then go back to the website and in the inspector manually enter the date of the first and it works. If their validation and security are that low. Should you trust them with your money?

All hypothetically of course.

Or am I looking at development in the wrong light?