This solution is for two banks and I'm wondering how secure the voice is. Would it be better to use a VPN?

The security level the voips provide depends on what type of firmware that is loaded into them and whether or not a gatekeeper is used. The proprietary firmware authenticates calls via MAC address and phonebook entries. It also has inbound/outbound call authentication options so that a DTMF sequence has to be sent before calling. Basically for someone to gain access to call your voip they would have to know the MAC address, the IP address and be added into the host phonebook.
The H.323 firmware by itself is not secure....if someone knows the IP address and has an H.323 client then they can call to that voip provided they are using a compatible voice coder. Security is added to the H323 by using a gatekeeper which is a separate server which can authenticate all calls going in and out of the voip(s)....of course VPN could add another layer of security to what I mentioned above. Be careful with voice over VPN as VPN adds encryption and could cause latency or delay to the voice.