The given answers are pretty much right on (security, age, periodic updates, etc). Also I think there is a bit of “that is how we have always done it”. The software for creating the card and the bank software has a field for expiration date and to remove it would break a lot of things. That goes for retail software as well, if they suddenly removed the date, how many websites would break due to it being a required field.

One last point, there are lots of people that would notice if the card suddenly had no expiration date and call in to find out what was up.