Whistler is an application for reporting suspected misconduct that allows a whistleblower to submit a report in good faith — either under their name or anonymously.
Regardless of whether the whistleblower has disclosed their identity or remained anonymous, they create a username and password upon first accessing the application. Using these two authentication elements, they log into the application, through which communication with the investigator and monitoring of the reporting process takes place. The report can be updated at any time, documentation can be added, or the whistleblower can communicate with the investigator via the dialogue box ("chat").
Whistler is hosted on an external portal: NLB Whistler, which allows reporting from external environments, such as a library, a café, etc.
It is very important for the user to remember their username and password. The password is not stored, and the user cannot recover a forgotten password. A new login will be required to re-establish contact, but the new login will not provide access to content linked to the previous (forgotten) username and password.
Even if you forget your login details, you can log in again with a new username and password, and in this new (additional) login, inform the investigator about the previous report, which will still be visible to the investigator.
The system is intended for the bank’s clients, employees, and other stakeholders who believe that an act has been committed that could harm the bank or its employees, and which may have serious consequences in terms of regulatory sanctions, criminal liability, or damage to the bank’s reputation.
The whistleblowing system is not intended for general inquiries about the bank’s operations or for customer questions and complaints. For such cases, please contact: nlbinfo@nlb-rs.ba.
Reports submitted by whistleblowers are received exclusively by authorized reporting officers, who are also designated trustees in accordance with the law governing whistleblower protection.
When receiving, handling, investigating, and archiving an individual report, the reporting officer ensures strict protection of the data in the report, including the identity of the whistleblower. This guarantees full protection of the whistleblower throughout the entire process and even after it is concluded. If the whistleblower, despite the protection, does not wish to reveal their identity, it will remain unknown to the reporting officer thanks to the features provided by the application, while communication will still be possible.
Additional protection for the whistleblower is also provided by national legislation. In accordance with the law, the bank has appointed trustees who carry out the prescribed procedures.
If the whistleblower discloses their identity when submitting a report, the bank, in accordance with applicable data protection laws, ensures the protection of the personal data of individuals who have reported harmful conduct to the detriment of the bank. All information about the whistleblower is treated as confidential.