ASIC v Bekier: What the Star Case Means for Board Reporting

On 5 March 2026, Justice Michael Lee of the Federal Court handed down the liability judgment in Australian Securities and Investments Commission v Bekier [2026] FCA 196. The case involved nine former Star Entertainment executives and directors, and the questions it tackled go well beyond the casino sector.

Two senior officers were found to have breached section 180 of the Corporations Act (the duty of care and diligence). Seven non-executive directors were cleared. But even the directors who were cleared did not escape criticism.

If you sit on a board, this judgment is worth reading. It says a lot about what courts now expect of the information that reaches your boardroom table.

Primary source: ASIC v Bekier [2026] FCA 196 — Federal Court of Australia, Justice Lee, 5 March 2026.

Who was found liable?

Matthias Bekier, Star’s former CEO and Managing Director, was found to have breached s 180 on four counts. He failed to properly deal with a KPMG report that identified deficiencies in Star’s anti-money laundering processes, failed to manage risks arising from the junket operator Suncity’s operations in Salon 95, and failed to escalate the misuse of China UnionPay (CUP) cards to the board.

Paula Martin, Star’s former Company Secretary and Group General Counsel (and, from August 2019, Chief Legal & Risk Officer), was found to have breached s 180 on three counts. She failed to adequately inform the board about Suncity risks and played a role in misleading National Australia Bank about how CUP cards were being used at Star’s casinos.

Justice Lee described Martin as an “unimpressive witness” and found inconsistencies in her evidence. He noted, with regret, that she was “willing to tell an untruth of an important matter if she perceived that doing so could assist her in maintaining her position.”

Two other former officers, Gregory Hawkins (Chief Casino Officer) and Harry Theodore (CFO), had already admitted contraventions by consent order in 2025, with penalties of $180,000 and $60,000 respectively.

At the time of the contraventions, each breach of s 180 carried a maximum penalty of $200,000 for conduct before 13 March 2019. From 13 March 2019 onwards, the maximum became the greater of $1,050,000 (5,000 penalty units at the then-current rate) or three times the benefit derived from the contravention. (The statutory maximum has since been raised, but those are the figures applicable here.) The contraventions span 2017 to 2019, so both tiers are in play. Penalties for Bekier and Martin will be determined at a later hearing.

What about the non-executive directors?

Seven former non-executive directors were cleared. Justice Lee found ASIC did not make its case against them. But that does not mean boards can relax. Justice Lee was pointed in his criticism of the board’s conduct, noting the absence in board minutes of “directors actively pressing management with difficult questions.”

He said non-executive directors must apply an “enquiring mind” to the material they are presented with and, where appropriate, “test management if it appears that they are not being frank or candid.”

The standard is contextual. A gaming company dealing with known criminal risks demands more vigilance than a low-risk operation. As Justice Lee put it: “This was no ordinary enterprise, and the role demanded vigilance.”

The board reporting problem

Justice Lee said boards “cannot rely upon an inability to cope with the volume of information they receive.” Information reaching the board must be “in a form that is both comprehensive and capable of proper digestion.”

He also took aim at the common practice of dumping everything into the board pack without thought:

Without imposing upon management the discipline of synthesising and summarising material to make it practical for the pack to be delivered manually, the temptation exists for those preparing the pack to chuck in everything.

A 500-page board pack is not evidence of good governance. If directors cannot properly digest the material, the reporting has failed, and both management (for producing it) and the board (for tolerating it) share responsibility.

Directors, particularly the Chair, should take steps to strengthen board reporting processes. That means thinking through what the board actually needs to make informed decisions, and setting the expectation that management escalates material compliance and regulatory risks promptly and accurately.

The CEO’s escalation duty

The judgment establishes that a CEO has an ongoing duty to raise matters posing a serious risk to the company with the board. Bekier’s failure to do so was at the heart of his contraventions.

Justice Lee identified three responsibilities for a CEO:

1. Information conduit. A CEO must routinely escalate serious risks to the board. Personal judgment about whether something is “serious enough” is not a substitute for board oversight.

2. System competence. A CEO must understand the company’s systems for managing risk. When an external review (like KPMG’s) identifies deficiencies, the CEO must track remediation and revisit decisions that relied on those defective processes.

3. Risk prioritisation. Competing demands are not an excuse. When the company is sending misleading statements to its banker, the CEO must recognise the gravity of the situation and prioritise it for board consideration.

The company secretary and general counsel

Martin’s case has particular implications for company secretaries and general counsel. She tried to argue that her duties as company secretary, general counsel, and chief legal and risk officer were separate, and that she did not have a direct reporting line to the board in her company secretary capacity.

Justice Lee rejected this outright. He said her suggestion that she could operate “within discrete spheres of responsibility” was without substance. As Star’s most senior solicitor, she owed duties across all her roles. Her client was the corporation, not the CEO, and when she became aware of matters exposing the company to legal, regulatory or reputational harm, she was obliged to notify the board directly.

Telling the CEO was not enough.

In both the Centro case (2011) and now the Star case (2026), it is the senior officers rather than the non-executive directors who have been found liable. Company secretaries and in-house counsel should pay close attention to where their obligations sit.

What boards should do now

The Star judgment does not create new law. Section 180 has been on the books for decades, and the Centro case covered similar ground fifteen years ago. But the Star case applies those principles to a modern, complex organisation with real consequences, and the court’s language is unusually direct.

The practical takeaways:

For boards:

• Review your board reporting processes. Are your board packs digestible, or is management burying you in volume?
• Make sure your minutes reflect that directors are asking questions, testing management, and engaging with risk information.
• Set clear expectations about what information you need, in what form, and how quickly material risks should be escalated.

For CEOs and executives:

• If you know about a serious risk, tell the board. Do not filter it, soften it, or assume someone else will raise it.
• Track the remediation of issues identified in external reviews. A KPMG report sitting in a drawer is a liability, not an asset.

For company secretaries and general counsel:

• You owe duties to the corporation across all your roles. You cannot compartmentalise.
• If you become aware of something that exposes the company to harm, the board must know. Informing the CEO alone does not discharge your obligation.
• Your professional obligations as a solicitor inform your duties as an officer. Justice Lee made this explicit.

The Centro parallel

The similarities between this judgment and ASIC v Healey [2011] FCA 717 (the Centro case) are hard to miss. Both cases turned on s 180 and the duty of care and diligence. Both examined what directors and officers should have known and what they should have done about it. Both found that you cannot delegate away individual responsibility.

The difference is scope. Centro was about financial statements: directors signing off on accounts that contained errors they would have caught if they had read, understood and applied their minds to the documents. The court found that every director had a personal obligation to read and understand the financial statements, regardless of whether the audit committee had reviewed them.

Star is wider. It covers the entire flow of information between management and the board: risk reporting, compliance failures, escalation culture, and whether the board was asking the right questions. Centro said directors must read what they are given. Star says the board must also control what it is given in the first place.

In both cases the senior officers bore the brunt of liability, while non-executive directors were either cleared (Star) or received lighter findings (Centro). The trend is consistent: courts hold executives and company secretaries to a higher standard on information flow, because they are the ones who decide what the board sees.

The consistent point across both cases: boards are not entitled to be passive recipients of management’s information. And the people who control that flow carry the greatest risk if it fails.

Citation

Australian Securities and Investments Commission v Bekier (Liability Judgment) [2026] FCA 196 (Federal Court official)

Related resources

What is a Board Committee?

Delegation of Authority

Risk Appetite

Risk Register

Writing Better Board Papers

Free Minute Health Check