The board’s eye view: what ASIC v Bekier asks of casinos, clubs and bookmakers
When the Federal Court delivered its judgment in Australian Securities and Investments Commission v Bekier in March 2026, most of the commentary that followed came from the corporate governance bar, addressed to directors and officers at large.[1] That is understandable. The judgment is the most comprehensive contemporary statement of what section 180(1) of the Corporations Act 2001 (Cth) requires, and its lessons travel well beyond any single sector.[2]
But the case did not arise in the abstract. It arose from a casino. The conduct the Court examined was the handling of money laundering risk, junket relationships and misleading communications with a banker, all of it inside a licensed gambling operation. For those of us who work in and around the gambling sector, the judgment is not simply a governance case study with an incidental casino backdrop. It is a description, in unusually plain language, of how a regulated gambling business is expected to govern the very risks that licensing is meant to contain.
That makes it worth reading carefully, and not only by casino boards. The reasoning reaches registered clubs, wagering operators and anyone holding a gambling licence on the basis that they are a fit and proper custodian of a privileged activity. The purpose of this piece is to draw out what the judgment actually decided, resist the temptation to over-read it, and then ask what it means for the parts of the sector that were not in the courtroom.
What the Court decided, and what it did not
The architecture of the decision matters more than any single finding. The Court found that two senior executives of The Star Entertainment Group, the former Chief Executive Officer and the former Group General Counsel, had each contravened section 180(1) by failing to ensure that serious risks reached the board.[3] It dismissed the regulator’s case against all seven non-executive directors.[4] That split is the centre of gravity of the judgment, and it rewards close attention before any lessons are drawn.
The duty itself was not redrawn. Lee J was explicit that the content of section 180(1) is settled, and that the case turned on application rather than principle. The standard is objective but contextual: it asks what a reasonable person would have done in the corporation’s circumstances, occupying the particular office and holding the particular responsibilities of the individual concerned.[5] It does not demand perfection, and a mistake does not by itself establish a want of care. Critically, conduct must be assessed on the information actually held at the time, not with the benefit of hindsight.[6]
That last point did real work. The Court rejected the regulator’s primary case against the former CEO on two of the junket matters because it was framed as a cascading counterfactual: that a reasonable director would have made further enquiries, obtained information he did not in fact possess, and then acted on it. Liability under section 180(1), the Court held, attaches to a failure to act on what a person knew, not to a hypothetical chain of steps premised on information they did not have.[7] Contraventions were established only on the narrower, alternative case grounded in the information the former CEO actually held.
On the Court’s findings, the non-executive directors were not exonerated as a matter of conduct so much as on the evidence. The Court accepted that management had not placed the full substance of the relevant risks before them. As the Court found, a warning of an unacceptable level of risk recorded in an internal email was never disclosed to the board; the full external review of the anti-money laundering program was never loaded to the board portal; and references to compliance concerns in board papers were, in the Court’s assessment, framed in a way unlikely to invite attention.[8] The regulator’s case contained an internal tension it could not resolve: it argued simultaneously that the executives had failed to inform the board and that the directors should have recognised the information was inadequate. Those propositions sat uneasily together, and the directors’ decision not to give evidence left the regulator to prove its case on the documents alone.[9]
So the result is not a charter for passivity, and the judgment is careful to say so. The Court observed that the contemporaneous minutes did not portray directors pressing management with difficult questions, and that there was little sign of sustained scrutiny where risks were obvious.[10] On one view the directors prevailed because the regulator could not bridge the gap between what they were told and what it said they should have discovered, rather than because the Court was impressed by the board’s curiosity. That is a narrow vindication, and it should be read narrowly.
Why this is a gambling case, not merely a governance one
Three features of the reasoning are calibrated to risk, and that calibration is where the gambling sector should pay attention.
First, the standard of care rises with the risk profile of the business. The Court described a casino as operating in a singularly high-risk context and held that the level of attention and independent inquiry expected of directors increases accordingly.[11] This is not a casino-specific doctrine. It is a general principle that the section 180(1) standard is contextual, and the context here happened to be gambling. But the implication for the sector is direct: the more a business is exposed to money laundering, criminal infiltration or harm-related risk, the more the law expects its directors to engage with those risks rather than receive assurance about them. A registered club with significant gaming machine revenue, or a wagering operator handling high volume and large account flows, cannot place less weight on this requirement.
Second, the judgment treats escalation as the load-bearing element of governance. The recurring failure was not that risks were unknown inside the organisation, but that they did not travel to the board in a form capable of supporting oversight. On the Court’s findings, the former CEO sat at the centre of the information flow and did not ensure the board understood what he understood; the former Group General Counsel knew of the substance of the warning email and of an internal investigation into suspicious transactions in a dedicated gaming salon, and did not ensure the board was informed.[12] For a sector whose licences rest on a financial-crime and integrity premise, a judgment that locates liability at the point where risk fails to escalate is squarely on point. It is also a reminder that the extensive suitability checks made at the point of licensing do little to govern conduct of this kind once an operator is running, a limitation I have explored elsewhere, in Inside Asian Gaming: Australia’s casino probity framework.
Third, the position of the general counsel carries a specific lesson for how gambling businesses structure legal and compliance functions. Applying the High Court’s decision in Shafron v ASIC, the Court held that an officer who occupies several roles cannot compartmentalise their duties; the section 180(1) obligation attaches to all of their responsibilities, regardless of reporting lines.[13] More pointedly, the Court held that the lawyer’s client is the company, not the chief executive, and that informing the chief executive is not a substitute for informing the board.[14] In an industry where the general counsel, the company secretary and the chief compliance or risk officer are frequently the same person, or sit within the same small team, this collapses a convenient distinction. It is a sharp comparator for the larger registered clubs in New South Wales, and for wagering operators of scale, where dedicated financial-crime and risk functions have only recently been built and where, not long ago, such roles barely existed. The person who knows the integrity risk cannot discharge their duty by passing it up a single executive line and assuming the board will hear of it.
The wider perimeter: clubs and wagering
It would be a mistake to file this judgment under large listed casino operators and move on. The duty it applies is owed by directors and officers of every corporation, and the risk-calibration principle means the duty bites harder, wherever the underlying activity carries elevated integrity or harm risk. Two parts of the sector illustrate the point.
Registered clubs are not listed entities and are not casinos, but many are substantial businesses operating large gaming floors, and they are squarely within the financial-crime enforcement perimeter. AUSTRAC has civil penalty proceedings on foot against a major NSW club group for alleged serious and systemic anti-money laundering non-compliance.[15] More recently it directed another large Sydney club group to appoint an independent auditor of its anti-money laundering program, using its statutory power to compel an external review where it suspects systemic weakness, before any contravention has been established.[16] The regulator’s Acting Chief Executive has framed clubs and pubs as sitting on the frontline of Australia’s response to money laundering, given the volume of cash and the poker machines they operate, and has signalled that the test is whether a venue understands its risks, has strong controls, and reports suspicious activity. For a club board, that is the Bekier question in a different setting: not whether a compliance function exists, but whether material risk is met with curiosity, challenge and demonstrable engagement, and whether that engagement is recorded. A board that treats anti-money laundering compliance as an operational matter delegated downward, and does not assure itself that material risks are escalated and tested, is exposed to precisely the gap the Court identified: the difference between management failure and oversight, and the evidentiary thinness that follows when minutes show receipt of information but no engagement with it.
Wagering and sportsbetting operators sit in a comparable position, and are equally within the regulator’s sights, with an enforcement action ensnaring one major operator and an enforceable undertaking accepted from another.[17] They are not casinos, but they are reporting entities handling high-volume customer transactions, they carry distinct integrity exposures around match-fixing and customer due diligence, and they are subject to active enforcement. The governance question for a wagering board is the same one the Court asked of the casino board: when a serious integrity or compliance risk is identified somewhere in the business, is the system capable of carrying it to the board in time and in a form that allows an informed decision? The answer cannot be assumed from the existence of a compliance function. It has to be demonstrable on the record.
What boards across the sector should take from it
Several practical propositions follow, and they are deliberately measured. This is not a judgment that invents new obligations; it is one that shows, with perhaps uncomfortable clarity, what the existing obligations look like when they are not met.
Boards must control the information they receive. The Court was unimpressed by the argument that directors cannot be expected to read voluminous board packs, holding that controlling the volume and form of board material is itself part of taking an intelligent interest in the business.[18] For gambling boards, where compliance reporting can be dense and technical, the discipline runs both ways: management must synthesise rather than dump, and directors must insist that material risk is surfaced in the covering papers rather than buried in appendices.
The contemporaneous record is the evidence. The Court treated board minutes as the primary record of whether directors engaged, and the directors’ silence in the minutes nearly told against them even though they prevailed.[19] A board that asks hard questions about integrity risk but does not record having done so is, in any later proceeding, a board that cannot prove it. This is a material point well beyond the casino floor: for registered clubs, wagering operators and licensed pubs of any scale, minutes that capture challenge, enquiry and follow-up are not bureaucratic overhead; they are the difference between defensible and indefensible oversight.
Escalation is a system, not a virtue. The lesson for executives and compliance leaders is that the duty to escalate is personal and is owed to the company. It is not discharged by informing a superior, and it is not confined to matters the board has specifically asked about.[20] Gambling businesses should be able to demonstrate that their escalation pathways function in practice, particularly for the financial-crime and integrity risks at the centre of these cases.
The use of artificial intelligence must be governed, not improvised. In a passage that has attracted attention well beyond the sector, the Court accepted that there is nothing inherently objectionable in directors using AI tools to help navigate board materials, but cautioned that such use cannot displace informed human judgment and should be the subject of deliberate, board-adopted policy rather than informal shadow use.[21] As compliance and customer-monitoring functions across gambling lean further on automated systems, the same principle applies one level down: a tool may assist comprehension, but the statutory obligation remains personal.
Deterrence, parity and the value of reasons
The liability findings were followed in June 2026 by orders on penalty. The former CEO was ordered to pay a pecuniary penalty of $700,000 and disqualified from managing corporations for six years; the former Group General Counsel was ordered to pay $400,000 and disqualified for seven years; both were ordered to pay a share of the regulator’s costs.[22] The regulator had sought materially higher penalties, pressed expressly on general deterrence grounds. These are civil penalties under the Corporations Act, imposed by a court, not administrative sanctions imposed by a regulator. The distinction turns out to matter.
The governing principle for a civil penalty is deterrence rather than retribution. The High Court in Pattinson held that such a penalty is set at no more than is necessary to deter, and that proportionality in the criminal sense is not the controlling test.[23] On that footing the regulator’s deterrence argument had real force. Yet the Court did not simply maximise the signal. It reduced the penalties below what the regulator sought, principally to preserve a rational relationship with the lower penalties imposed on the two officers who had settled earlier, and it indicated that the penalties would otherwise have been higher.[24] Even a deterrence-led sanction, in other words, was disciplined by consistency.
There is also an audience for that signal. Professor Arie Freiberg has observed that the casino disciplinary penalties of recent years were imposed in a market of very few operators, where the pool able to receive a general-deterrent message is correspondingly thin. The individual penalties in Bekier are different in this respect: a finding against a named chief executive and a named general counsel speaks not only to the gambling sector but to directors and officers at large, which is where its deterrent force is most likely to land.
That distinction invites a longer view. Professor Freiberg has examined the wave of casino penalties that followed the inquiries of the early 2020s, when the maximum fines available to several regulators were lifted, in some cases to $100 million, largely on the stated ground that the previous ceilings were too low to deter.[25] As Freiberg observes, it is doubtful that the inadequate size of the available penalties, as distinct from the inadequacy of enforcement, was what produced the misconduct in the first place.[26] That caution is worth carrying into the sector’s reading of Bekier. The case is a powerful statement of what the duty requires; it is not evidence that larger numbers would have prevented the conduct, and it should not be read as a warrant for penalty inflation as a substitute for supervision.
The more durable lesson concerns process rather than quantum. The individual penalties in Bekier were reached by a court that gave extensive published reasons and whose orders are subject to appeal. That is the model the law applies when it affects a person’s property and livelihood. Freiberg’s critique of the operator-facing administrative regimes that bookend this saga is that they lack those features: in several jurisdictions the most serious disciplinary sanctions can be imposed without legislated criteria, without published reasons, and, for some heads of decision, without any right of review.[27] For administrative sanctions the touchstone should be a penalty proportionate to the nature and gravity of the contravention, yet proportionality cannot be assessed where the criteria are unlegislated and the reasons are unpublished. The very large penalties imposed on the operator at the height of the saga ran, in the regulator’s own notices, to a few lines.[28]
The contrast is the lesson. Deterrence is supposed to buy credibility, but credibility is produced by reasoned and reviewable decision-making, not by the size of the sanction. A regulator earns authority the same way a licensed operator does: by making its accountability visible and capable of being tested.
The harder lesson
There is a strong temptation, when a long-running enforcement saga finally produces findings and penalties, to read the outcome as vindication of the regulators or as confirmation that the sector’s governance is irredeemable. On one view the decision supports neither reading. The Court found serious contraventions against two individuals on the information they held, imposed penalties calibrated to consistency rather than to the largest available signal, and declined to find against seven others because the case against them was not proved. It applied settled law without expanding it, and it was candid that its task was to determine pleaded contraventions, not to conduct a roving audit of the board’s performance.[29]
The Court also offered an observation that should give the whole sector pause, and not as rhetoric. It noted that no regulatory architecture, however well designed, can substitute for the competence and integrity of management and the active supervision of directors, and that in this instance it fell to investigative journalism and then a belated statutory inquiry to expose the extent of the problems.[30] The point cuts two ways. The internal governance system did not catch the failures it existed to catch; but neither did the external one. There is a longer argument, which I have made elsewhere and will not rehearse here, about whether the sector’s regulatory effort is still weighted toward the right risks. For present purposes it is enough to say that active supervision, if it means anything, means engaging with conduct, culture and incentives once an operator is licensed, not resting on the front loaded probity checks made at the point of admission, a model better suited to an earlier era than to the operating risks this very case lays bare.
The most durable lesson of Bekier is not about any individual’s liability, nor about the size of any penalty. It is that a regulated gambling business earns the privilege of its licence by ensuring that what management knows about serious risk reaches the board that governs, in time for that accountability to mean something, and that the regulators who hold the sector to that standard owe it in return, through reasons that are published, criteria that are legislated, and decisions that can be tested on review.
By Paul Newson
Footnotes
[1] Australian Securities and Investments Commission v Bekier (Liability Judgment) [2026] FCA 196 (Lee J, 5 March 2026).
[2] Corporations Act 2001 (Cth) s 180(1).
[3] ASIC v Bekier [2026] FCA 196 at [72] and [73]; Australian Securities and Investments Commission, ‘26-040MR Federal Court finds two Star Entertainment senior executives breached duties, non-executive directors did not breach duties’ (media release, 5 March 2026).
[4] Ibid [74].
[5] Corporations Act 2001 (Cth) s 180(1); ASIC v Bekier [2026] FCA 196 at [356] and [360].
[6] ASIC v Bekier [2026] FCA 196 at [359].
[7] Ibid [84] to [86].
[8] Ibid [592] to [600], [695] and [1956].
[9] Ibid [1948] and [1949].
[10] Ibid [1951].
[11] Ibid [1944].
[12] Ibid [1398], [1456], [1682] and [1691].
[13] Shafron v Australian Securities and Investments Commission (2012) 247 CLR 465; ASIC v Bekier [2026] FCA 196 at [1523] to [1528].
[14] ASIC v Bekier [2026] FCA 196 at [1625] and [1639].
[15] AUSTRAC, ‘Enforcement actions taken’ (civil penalty proceedings against Mount Pritchard and District Community Club Ltd, commenced 30 July 2025).
[16] AUSTRAC, ‘AUSTRAC steps in on suspected AML weaknesses at NSW club’ (media release, 20 May 2026) (direction to Bankstown District Sports Club Ltd under s 162 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth)); AUSTRAC, ‘Enforcement actions taken’ (enforcement investigation into Tabcorp; enforceable undertaking with Sportsbet).
[17] AUSTRAC, ‘Enforcement actions taken’ (civil penalty proceedings against Entain Group Pty Ltd, commenced 16 December 2024).
[18] ASIC v Bekier [2026] FCA 196 at [384] and [395].
[19] Ibid [1945] and [1949]; Corporations Act 2001 (Cth) ss 251A(6), 1305.
[20] ASIC v Bekier [2026] FCA 196 at [1682] and [1691].
[21] Ibid [391] to [394].
[22] Australian Securities and Investments Commission, ‘26-123MR Former Star Entertainment executives Mathias Bekier and Paula Martin disqualified and ordered to pay penalties’ (media release, 19 June 2026); ASIC v Bekier (Penalty Judgment) [2026] FCA 756 at [216], [272] and [283].
[23] Australian Building and Construction Commissioner v Pattinson (2022) 274 CLR 450; [2022] HCA 13 (deterrence the primary purpose); applied in ASIC v Bekier (Penalty Judgment) [2026] FCA 756 at [17] and [202].
[24] Australian Securities and Investments Commission, ‘25-018MR’ (settled penalties imposed on the former Chief Financial Officer and former Chief Casino Officer, February 2025); ASIC v Bekier (Penalty Judgment) [2026] FCA 756 at [211], [212] and [272].
[25]Arie Freiberg, ‘Casino Regulation: A Crowning Achievement?’ (2025) 32 AJ Admin L 193.
[26] Ibid.
[27] Comcare v Banerji (2019) 267 CLR 373; Wotton v Queensland (2012) 246 CLR 1; Freiberg (n 25).
[28] Freiberg (n 25); Casino Control Act 1992 (NSW) ss 23, 155.
[29] ASIC v Bekier [2026] FCA 196 at [1953] and [1954]; see also Freiberg (n 25).
[30] ASIC v Bekier [2026] FCA 196 at [1943] and [1952].
