Steal, cheat, embezzle or lie on Wall Street, and your wrongdoing could be flagged by high-tech surveillance programs used by banks to sniff out law-breaking employees. But those same snooping tools might also be drawing attention to bankers attempting to do something noble, like blow the whistle.

A review by CNBC of surveillance software used in the financial industry found that some programs don’t limit their targets to typical bad behavior, like defrauding clients, rigging bids or laundering money. The applications can also pick up on employees who might be reaching out to reporters or authorities with concerns.

“The compliance industry is based on ‘complying’ with the law, not doing what is right,” an expert in the field told CNBC. “Some firms take that to the extreme when it comes to things they need to watch out for.”

The report sheds light on a little-understood corner of the banking world, where teams of compliance officers monitor endless torrents of employee emails flagged by programs for signs that legal risks may be bubbling beneath the surface. Although such surveillance is meant to root out bad actors, it might also discourage whistleblowers.

In one program analyzed by CNBC, emails from mainstream media outlets were flagged for review. According to the source, Janus Capital and at least one other large financial company used the software.

In the wake of tightened financial reforms and a spate of multibillion-dollar fines since the financial crisis of 2008, major banks have invested heavily in strengthening their compliance desks to ensure another Libor rigging scandal or London Whale never happens again.

CNBC previously reported on the keywords and phrases used in emails that automatically triggered further review at Goldman Sachs. The wide-ranging list included everything from expressions of dismay (words like “pissed,” “angry” and “concerned”) to indications of trades gone wrong (“break the trade,” “time to dump”).