What the Star litigation means for directors

Information, oversight and the modern duty of care

Most governance failures do not occur because boards make reckless decisions. They occur because well-meaning men and women approach their duties with care and diligence but never see the information that would have allowed them to act. For directors, that’s the real lesson from the Federal Court’s decision in the Star litigation (Australian Securities and Investments Commission v Bekier (Liability Judgment) [2026] FCA 196 (“Star”)).

For some commentators this outcome sits uneasily with the Court’s broader criticisms of the company’s governance culture.¹ But the judgment reflects a familiar feature of governance litigation: courts assess liability through the lens of evidence available to the directors at the time, not through hindsight about what later proved to be serious failures.

Australian corporate law has been moving in this direction for some time. Courts are increasingly less concerned with isolated decisions of directors and more concerned with the institutional processes that determine what information reaches the boardroom.

The case in brief

ASIC brought civil penalty proceedings against 11 current and former directors and executives of The Star Entertainment Group. The regulator alleged that the Star Group’s leadership had breached their statutory duties by failing to give adequate attention to risks to the Group associated with overseas junket operators and potential money laundering.

In March 2026 the Federal Court found that Star’s former CEO and General Counsel had breached their duties by failing to ensure that important information about these risks reached the board. The non-executive directors were found not to have breached their duties. Two other executives had settled the case against them earlier, admitting liability.

The judgment provides insight into how courts assess the conduct of directors and officers in large, complex organisations, particularly those operating in highly regulated sectors.

Three themes stand out:

• the importance of information flow to the board (the governance architecture);
• the limits of reliance on management; and
• the role of internal escalation systems.

Boards must control the information they receive

One of the most striking observations in the judgment concerns the board’s responsibility for the information environment in which it operates.

Justice Lee stated that boards must “control the information they receive” and take reasonable steps to place themselves in a position to guide and monitor management.  Directors are not passive recipients of board papers; they must apply an “enquiring mind” to the available information. However, in order to apply such diligence, the board must ensure that the organisation’s information and reporting architecture is capable of bringing evidence of  material risk to the board.

In modern corporations, information does not travel directly from the operational front line to the boardroom. It moves through a network of institutional systems (architecture) including:

• executive reporting lines;
• risk and compliance functions;
• internal audit;
• board committee structures and reporting processes; and
• other escalation protocols.

The practical question for boards is simple: have they positioned themselves to receive the information needed to supervise management effectively? Directors must ensure that attention is given to the issues discussed in meetings but also ensuring the institutional processes adequately and efficiently escalate, filter and present all necessary information to the board.

Boards must engage with the issues and information provided

Justice Lee emphasised that directors are remunerated to perform their role and that the role requires real engagement with the information provided to them. Directors are expected to take a “diligent and intelligent interest” in the organisation’s affairs, understand the information available to them and interrogate, probe and, if necessary, challenge such information.

The Court recognised that the board’s role is one of oversight rather than management. Directors are entitled to rely on management. But reliance is not abdication.

Where warning signs appear, directors should question management and seek additional information where necessary.

Information overload is a governance challenge

Justice Lee also addressed a familiar feature of modern governance: the ever-expanding board pack. Board packs have grown steadily larger over the past two decades. It is now common for directors to receive hundreds of pages of material before meetings.

Justice Lee observed that no rational person could meaningfully evaluate every page of such material in the time available. Instead, directors inevitably engage in a form of triage, focusing on what appears material and assuming that serious concerns will be clearly identified.

The problem is not simply the volume of information. Board papers often expand because those preparing them include everything that might conceivably be relevant, a habit that protects the author but rarely assists the board. The result can be information overload rather than clarity.

From a governance perspective, the challenge is ensuring that board packs provide synthesis rather than data dumps. Directors must be furnished with information that is both comprehensive and capable of proper digestion.

Technology may assist but judgment remains essential

Justice Lee also commented briefly on the increasing use of technology in boardrooms. Artificial intelligence and other tools may assist directors in reviewing large volumes of material. But the Court made clear that technology cannot replace human judgment.

Directors must still read and understand the information provided to them and apply their own judgment to the issues facing the organisation. Technology may help process information. However, it cannot discharge a director’s responsibility to engage with it.

The limits of the business judgment rule

The judgment also provides a reminder of the limits of the business judgment rule. The rule protects directors who make honest commercial decisions on an informed basis. Its purpose is to prevent courts from second-guessing legitimate business judgments. However, the protection only applies where directors have actually made a decision.

Many modern governance cases arise not from flawed commercial decisions but from failures in systems, controls or escalation processes. The courts in Australia have been reluctant to apply the rule to these circumstances in Star,² the CEO could not use the safe harbour because he failed to show he consciously turned his mind to whether to escalate material risk information to the board. Other recent examples include:

• a failure by directors to properly supervise a lending process that resulted in significant losses;³
• the oversight and monitoring of financial statements is a non-delegable duty and does not involve a “business judgment”;⁴
• causing a company to breach the law (the “stepping stone” theory) is not an exercise of business judgment that the rule was intended to protect;⁵
• whether to comply with statutory disclosure obligations;⁶
• misleading statements made to the market regarding “binding” contracts with Chinese entities.⁷

Though much touted at the time of its introduction in the early 90s, the safe harbour has, as some predicted, turned out to be a very shallow cove.  While s 180(2) was motivated by an intention to create a presumption in favour of directors, and the drafting of the provision was modelled on the more generous American business judgment rule, the effect is “entirely different and of little, if any, practical utility.”⁸

This invites comparison with developments in the United States. Under Delaware law, the business judgment rule provides a powerful presumption protecting directors who make informed business decisions in good faith. Oversight liability is addressed through the Caremark⁹ doctrine, which imposes liability where directors fail to implement or monitor systems designed to identify mission-critical risk.

Although Caremark claims were once regarded as among the most difficult claims to establish in corporate law, recent Delaware decisions have revived the doctrine by focusing on the need for board-level reporting systems for core regulatory and operational risks.

The result is an interesting divergence. In Delaware, the business judgment rule remains a deep harbour for genuine decisions but is increasingly surrounded by a robust oversight doctrine. In Australia, the statutory safe harbour has turned out to offer little protection where directors have failed to engage with the governance systems through which risk is reported.

That contrast may have important implications for the future development of the Australian business judgment rule, and may be an issue for broader law reform.¹⁰

Documentation of board meetings

The judgment also contains important observations about corporate documentation.  Justice Lee found that if directors had consciously decided to continue their relationship with a particular junket operator, it would reasonably be expected that the decision and the reasoning supporting it would appear in the board minutes. This highlights an important reality of governance litigation: what occurs in the boardroom must ultimately be capable of demonstration. In Star Lee J observed that “what occurred, and what can be proven to have occurred, are not always the same thing”.

Board minutes and related records often become the primary evidence of how directors approached a decision. For that reason, careful attention to the preparation of minutes remains one of the most practical forms of protection available to boards.

These issues are explored in greater detail in my forthcoming update of The Art and Science of Company Minutes, which examines how documentation of board deliberations increasingly forms the evidentiary foundation of governance litigation relying in part on the observations in Star.

The role of internal gatekeepers

The case also exposes the critical role played by corporate gatekeepers; this is a win for ASIC as it has been a central part of its prosecution thesis under Chair Joe Longo.  The Court accepted that this is a structural feature of modern corporate governance. Boards rely on internal gatekeepers to filter and escalate risk information. When those gatekeeping functions fail, the board may be left supervising the organisation through an incomplete information lens.

Between management and the board sits a group of officers responsible for identifying and escalating risk within the organisation. These may include general counsel, risk officers, compliance teams and internal auditors. For this reason, boards should periodically examine how major risks are identified and escalated within the organisation but also the systems through which those risks are escalated

In Star, the Court found that the CEO and General Counsel failed to ensure that critical information reached the board. This gave rise to a structural tension that often arises in governance litigation.

In Star, the regulator advanced arguments attacking both sides of the governance table. Executives were criticised for failing to escalate critical information to the board. At the same time, the non-executive directors were criticised for failing to recognise deficiencies in the information they received.

Reconciling those two propositions can present a significant evidentiary challenge. That creates an inherent tension. If management failed to escalate critical information, it becomes difficult to argue that the board should nevertheless have detected risks that were never clearly presented.

The Court in Star acknowledged this tension directly, noting the difficulty of alleging that management failed to provide adequate information while also alleging that the board should have detected risks that were never clearly escalated.

Why the non-executive directors succeeded

This then is the answer to the question, why the non-executive directors escaped liability despite the governance failures identified in the judgment? The answer lies largely in the distinction between management failure and oversight failure.

Boards necessarily rely on management and internal reporting systems to surface risks. The law does not require directors to assume those systems have failed unless there is reason to suspect otherwise.

ASIC faced a difficult evidentiary challenge. It argued that executives failed to escalate critical information while also alleging that the directors should have detected deficiencies in the information they received. Reconciling those propositions proved difficult on the evidence available.

Part of a longer doctrinal evolution

Star does not appear in isolation. Australian courts have been developing a more demanding conception of the duty of care for directors and officers for more than two decades.

ASIC v Rich¹¹ emphasised the responsibility of directors to remain informed about the financial position of the company. Centro¹² reinforced that directors must read and understand fundamental financial information placed before them. The James Hardie¹³ confirmed that senior officers, including company secretaries and general counsel, owe duties across the full scope of their functions and cannot confine those duties to narrow job descriptions. The stepping stone cases¹⁴ recognise that directors may breach their duty where they permit the corporation to engage in conduct that contravenes material legislative provisions and the contravention exposes the corporation to a foreseeable risk of harm.

Star sits comfortably within that line of authority. The judgment reinforces the proposition that the duty of care requires directors and officers to take reasonable steps to position themselves to guide and monitor the management of the company. What is new is the Court’s explicit focus on information systems as a central component of that duty especially in large complex organisations.

The broader lesson

The most important the lesson from Star is that modern director liability cases increasingly turn on institutional evidence of process that demonstrates how boards supervise management and monitor risk.

The most important governance question for modern boards may therefore be a simple one: not whether directors would recognise a problem if they saw it, but whether the organisation’s governance architecture ensures that they will see it at all.

1 — Helen Bird, ‘Star Casino Judgment Left Directors off the Legal Hook’, The Australian Financial Review (12 March 2026)
2 — In Rich Austen J concluded at [7278]:
the discharge by directors of their ‘oversight’ duties, including their duties to monitor the company’s affairs and policies and to maintain familiarity of the company’s financial position, is not protected by the business judgment rule, because the discharge or failure to discharge those duties does not involve any business judgment as defined
3 — Gold Ribbon (Accountants) Pty Ltd v Sheers [2006] QCA 335
4 — ASIC v Healey [2011] FCA 717 (The Centro Case)
5 — ASIC v Cassimatis (No 8) [2016] FCA 1023 (Storm Financial Case)
6 — ASIC v Vocation [2019] FCA 1607
7 — ASIC v Fortescue Metals Group [2011] FCAFC 19
8 — Nettle J in “The Changing Position and Duties of Company Directors” (2018) 41 Melbourne University Law Review 1402 at 1417.  The author refers to a study by Varzaly that found that:
In the 10 years following the enactment of the statutory business judgment rule, there was only one case in which the defence was successfully invoked, and that was by a receiver, not a director”
9 — In re Caremark International Inc Derivative Litigation (1996)
10 — The Explanatory Memorandum to the Corporate Law Economic Reform Program Bill 1998 described the rule as a “rebuttable presumption in favour of directors” and stated it would provide “a clear presumption in favour of a director’s judgment”.  The courts’ treatment of the rule has significantly undercut its intended protective effect.
11 — ASIC v Rich (2009) 236 FLR 1
12 — ASIC v Healey (2011) 196 FCR 291
13 — Australian Securities and Investments Commission v Hellicar (2012) 247 CLR 345
14 — ASIC v Cassimatis (No 8) (2016) 336 ALR 209; ASIC v Mariner Corporation Ltd (2015) 241 FCR 502; ASIC v Vocation Ltd (in liq) (2019) 140 ACSR 189.