How the Star Case Rewrote Executive Liability for Compliance Risk

More than $900 million moved through casino ATMs using cards expressly prohibited for gambling. A junket partner generating $5.9 billion in annual turnover maintained its exclusive arrangement despite known criminal links. A board received reporting that omitted the scale and nature of these risks while executives managed the fallout internally. On 5 March 2026, the Federal Court in ASIC v Bekier put names to those failures, finding former Star Entertainment Group CEO Matt Bekier and former Group Chief Legal and Risk Officer Paula Martin personally liable under section 180 of the Corporations Act 2001 for breaching their duties of care, skill, and diligence. The findings centre not on financial mismanagement but on the failure to escalate non-financial compliance risks to the board. With a penalty hearing listed for 27 May 2026 and Australia’s overhauled AML/CTF framework now in force, this analysis unpacks what the court found, why the dismissal of claims against non-executive directors sharpens rather than softens executive accountability, what the penalty phase may deliver, and what ASX-listed boards and executive teams should take from this case.

The verdict, its scope, and the claims that did not succeed

The court upheld four of seven allegations against Bekier, with the breaches centring on his failure to escalate known AML/CTF and criminal risks associated with the Suncity junket operation and China Union Pay card misuse to the Star board. Martin’s breach findings focused on a distinct but overlapping failure: inadequate board reporting on those same risks and her role in facilitating misleading information to NAB about the nature of CUP card transactions on Star’s premises.

The findings against each executive carried specific contours:

• Bekier: Breached section 180 by failing to act on KPMG findings identifying AML weaknesses, failing to escalate Suncity-related criminal risks to the board, and failing to ensure the board received accurate, timely reporting on material compliance exposures
• Martin: Breached section 180 through inadequate board reporting on AML/CTF risks and facilitating misleading communications to NAB regarding the CUP card scheme

Equally significant was what the court did not find. All claims against the seven former non-executive directors were dismissed, with a formal dismissal order dated 20 March 2026. ASIC Chair Joe Longo confirmed publicly that ASIC would not appeal this outcome, making the executive/non-executive distinction legally settled for this proceeding.

ASIC’s official findings in the Star Entertainment case confirm that the court drew a precise line between executive accountability and non-executive reliance, with ASIC Chair Joe Longo specifically framing the executives’ failure to escalate serious compliance risks as the core breach.

ASIC Chair Joe Longo stated that executives bear a critical obligation to identify serious risks, manage them appropriately, and escalate them urgently to boards, reinforcing that the duty sits with those who control information flows.

The line the court drew is precise: executives who controlled what reached the board were personally liable; directors who relied on what executives provided were not. That distinction sharpens accountability rather than diluting it.

ASIC enforcement proceedings do not always result in liability, as the April 2026 dismissal of all claims against Nuix and its former directors demonstrates; but the contrast between a dismissal based on adequate disclosure and the Star findings, where executives controlled what information reached the board, illustrates precisely where the legal line now sits.

The factual basis of the breaches: junket operations, prohibited card use, and a bank misled

The Suncity junket relationship

Star Entertainment’s relationship with Suncity, a VIP gaming promoter with documented links to criminal networks, operated through an exclusive arrangement centred on Salon 95 at Star’s properties. Suncity’s turnover through Star escalated sharply: $2.1 billion in FY2017, $4 billion in FY2018, and $5.9 billion in FY2019.

A KPMG report had identified specific weaknesses in Star’s AML/CTF procedures, placing Bekier on notice. Media reporting on Crown Resorts had separately surfaced the criminal network links associated with Suncity’s operations. Neither trigger prompted adequate escalation to the board. The relationship continued, the turnover grew, and the board received reporting that did not reflect the scale or nature of the risks the executive team was managing.

The China Union Pay card scheme

Between 2013 and 2019, more than $900 million was withdrawn via China Union Pay debit cards at NAB ATMs located on Star’s premises. These transactions were expressly prohibited by CUP International. Martin facilitated misleading communications to NAB about the nature of this activity, and neither executive escalated the misleading NAB communications to the board.

The scale of the underlying conduct is not incidental to the legal findings. It grounds the section 180 breach in commercial activity that ran for years, involved hundreds of millions of dollars, and was known to the executives who chose to manage it internally.

Why section 180 now covers non-financial risk, and why that changes everything

Section 180 of the Corporations Act 2001 requires officers and directors to exercise their powers with “reasonable care, skill, and diligence.” Historically, enforcement actions under this provision targeted financial mismanagement: accounting failures, inadequate capital stewardship, or misleading financial disclosures. The standard was understood primarily as a financial-stewardship obligation.

ASIC v Bekier is widely characterised as the first ASIC enforcement action under section 180 centred specifically on non-financial compliance failures. The court applied the same statutory standard to the question of whether executives adequately identified, managed, and escalated regulatory compliance risks, permanently extending the provision’s practical reach.

In practical terms, the judgment now requires executives to demonstrate four specific dimensions of conduct:

• Active compliance engagement: Direct, informed involvement with AML/CTF and other non-financial risk functions, not passive reliance on compliance teams
• Timely escalation: Material risks must reach the board promptly, not be managed internally or delayed
• Accurate, specific board reporting: Reporting that addresses identified risks with granularity, not generalised compliance summaries
• Avoidance of downplaying known warnings: Where external reports, media coverage, or internal assessments signal risk, executives cannot minimise or withhold those signals

The Australian Institute of Company Directors (AICD) described the judgment as a “stark reminder” for directors about the personal accountability attached to oversight of non-financial risks, particularly in regulated industries.

For any executive or director in a regulated Australian industry, the personal legal duty attached to compliance risk has been materially expanded. The interpretation is not temporary; it is now part of how section 180 operates.

Differentiated liability and what the court’s findings mean for director duties

What the court said about non-executive reliance

The dismissal of claims against all seven former non-executive directors rested on a specific factual finding: these directors relied on information provided to them by management, and that reliance was defensible given the information as it was presented. The court did not find that directors had been negligent in accepting what they received. It found that the information itself had been inadequately prepared and filtered by executives before it reached the board.

This finding does not create a safe harbour. It creates a conditional defence: reliance on management is defensible only where the information provided is complete, accurate, and timely. Where executives filter, delay, or mislead, the liability sits with the executives. But the corollary is that boards are entitled to complete information, and that entitlement carries an obligation to actively demand it.

What boards should now demand from management

ASIC Chair Joe Longo framed “fragile or manipulated” information flows as a core enforcement concern. The AICD and governance commentators have responded with specific structural recommendations:

1. Direct risk officer access to boards: Compliance and risk officers should have reporting channels to the board that bypass management filtering
2. Independent AML framework reviews: External assessments of non-financial risk frameworks at regular intervals, not solely internal assurance
3. Risk dashboards with direct compliance feeds: Board-level visibility into compliance data that does not depend on management curation
4. Remuneration alignment with candid reporting: Incentive structures that reward accurate escalation rather than risk minimisation

The NED dismissal does not lower the bar for boards. It raises the bar for what boards must actively demand from the executives who sit between them and the risk functions.

The penalty phase and what prior Star enforcement suggests about the stakes

The penalty hearing for Bekier and Martin is listed for 27 May 2026, with a two-day estimate. ASIC is seeking both financial penalties and disqualification orders against both former executives.

Two prior outcomes from the same enforcement sequence provide the most directly comparable benchmarks:

ASIC Federal Court penalties across ASX-listed entities have followed a consistent pattern in 2025-2026: the regulator pursues enforcement to conclusion, accepts court-ordered penalties that establish public precedent, and frames each outcome as a signal to the broader market rather than a one-off resolution.

Bekier and Martin’s conduct and seniority sit above both Theodore and Hawkins in the Star enforcement sequence. Bekier served as CEO; Martin held the most senior legal and risk role. The scope of their breach findings, spanning both the Suncity and CUP card threads, is broader than either prior defendant’s.

ASIC Chair Joe Longo has emphasised that executives bear a critical obligation to escalate serious compliance issues urgently, positioning this case as a model for enforcement where information flows to boards are fragile or manipulated.

The AML/CTF Amendment Bill 2024, with reforms effective from 31 March 2026, provides the legislative backdrop against which penalty arguments will be made. Regulatory expectations have been formally elevated since the conduct occurred, a factor likely to inform the court’s assessment of proportionality.

Past enforcement outcomes do not guarantee comparable results. Penalty determinations are subject to the court’s assessment of individual circumstances, severity, and the specific facts of each case.

The governance reset this judgment demands from ASX-listed boards

What executives must demonstrate going forward

The court’s findings in ASIC v Bekier establish a concrete standard. Executives in regulated industries must demonstrate active compliance engagement, specific escalation protocols for material risks, and board reporting that is accurate and granular on identified exposures. The judgment makes clear that managing compliance risks internally without surfacing them to the board is not risk management; it is a breach of duty.

Star Entertainment Group remains ASX-listed as of May 2026. The governance failures at the centre of this case persisted across years of active trading, demonstrating that AML/CTF risk in regulated businesses is not hypothetical but operationally embedded. ASIC has positioned ASIC v Bekier as a model case, not an exception, for pursuing executive accountability where information flows are fragile or manipulated.

Governance reforms under regulatory pressure have become a recurring feature of the Australian regulated-entity landscape in 2026, with ASX Limited itself subject to a separate ASIC inquiry that resulted in a $150 million capital charge and a hard 30 June 2026 deadline to reset its Accelerate Program, underscoring that no ASX-listed entity in a regulated sector is beyond the reach of escalating regulatory expectations.

What investors should look for in ASX governance disclosures

For investors evaluating governance risk in ASX-listed companies, particularly those in gaming, financial services, or other regulated sectors, the standards this judgment establishes offer a concrete checklist. Specific signals to monitor in annual reports and board communications include:

• Whether boards disclose direct access channels between non-executive directors and risk or compliance officers
• Whether independent reviews of AML/CTF or non-financial risk frameworks are commissioned and reported
• Whether risk reporting structures have been updated to provide board-level dashboards with direct compliance feeds
• Whether remuneration structures align executive incentives with candid risk reporting rather than risk minimisation
• Whether board committee charters have been updated to reflect the expanded section 180 standard for non-financial risk oversight

The AML/CTF reform obligations now in force from 31 March 2026 for gambling sector entities add a legislative layer to what was already a judicial standard. The compliance culture shift this case demands is no longer optional.

Investors evaluating governance risk across regulated Australian entities will find our deep-dive into APRA’s board oversight gap findings examines how the same structural failures identified in Star, specifically boards relying on filtered management reporting rather than direct risk-function access, are now surfacing in banking, insurance, and superannuation governance under a separate but convergent regulatory pressure.

This article is for informational purposes only and should not be considered financial advice. Investors should conduct their own research and consult with financial professionals before making investment decisions.

The 27 May hearing will not be the end of this story

The ASIC v Bekier judgment leaves two distinct legacies. The first is personal: Bekier and Martin face financial penalties and disqualification orders at the 27 May 2026 hearing, with outcomes likely to exceed the benchmarks set by Theodore and Hawkins given the seniority and scope of the conduct involved. The second is structural: section 180 of the Corporations Act now applies to non-financial compliance risk with the same force it has historically applied to financial stewardship failures.

ASIC’s stated enforcement posture, the AML/CTF reform regime now in effect, and the AICD’s governance recommendations all point in the same direction. For boards and executives in regulated Australian industries, the standard for how compliance risks are identified, escalated, and reported to boards has been permanently recalibrated. The penalty hearing will set a concrete benchmark for personal liability. The judgment itself has already set the standard for what boards and executives owe to investors, regulators, and each other.

—