Ugh. Sure, for non-critical stuff that might be acceptable, but for anyone working on core banking or infrastructure PLEASE don't be doing this.
What about fraud detection and prevention? I hope to think I'm not alone in that perspective that it's acceptable in those cases.
It's easy to see both pros and cons of that. I guess, like most stuff, it depends upon the appetite for risk vs the downsides of false positives/negatives and incorrect analysis.