The casinos debacle challenges current thinking about boards’ accountability for corporate misconduct, writes Professor Pamela Hanrahan.

    The recent history of Australia’s publicly-listed casino sector is a governance debacle. The inquiry by Adam Bell SC into The Star Pty Ltd, released in September, found “a number of extremely serious governance, risk management and cultural failures” at Star that stretch back over many years. Weeks later, the Gotterson inquiry in Queensland came to a similar conclusion. The inquiries followed that of Patricia Bergin SC into rival operator Crown Resorts, released in February 2021, and subsequent Royal Commissions in Victoria and Western Australia into Crown that reported in October 2021 and March 2022, respectively.

    It is tempting to see Crown and Star as anomalies in the Australian corporate landscape — just isolated examples of badly managed businesses operating in a morally dubious and inadequately-supervised sector. Doors remain open at Crown and Star venues, no doubt because there are still enough political and private-sector vested interests who hope things can be turned around. Everyone is contrite, some heads have rolled and the gambling business continues to boom.

    But the root causes of this debacle should not be brushed back under the sticky carpet. There are some hard questions for all of us here, not just the casinos’ (departed or continuing) owners and officers. They include what a board’s collective responsibility is — or should be — when a listed entity’s comprehensive failure to manage its non-financial risks harms the broader community, not just its shareholders.

    Responsible and sustainable

    Managing conduct, compliance and operational risks in a business is fundamental to ensuring it operates lawfully, responsibly and sustainably.

    Sustainable business is profitable, but its profitability does not rely on harming the human communities in which it operates. It acknowledges its environmental and social impact, and respects international norms. It does not — either intentionally or by deliberate or “strategic” ignorance — profit from conduct that breaks the law, is unethical, or contravenes accepted norms of responsible business behaviour. For most business leaders and investors, these basic principles of sustainability are not controversial. But lip service to them is not enough. They must be implemented and constantly reinforced. If an entity’s purpose, governance and culture are not aligned to these principles, its legitimacy — and social licence — will be lost.

    Legal duties, ethical responsibilities and stakeholder accountability each have distinct roles to play in shaping how corporations and their leaders behave. They steer business decision- making away from the avarice and short-termism that damages everyone.

    Legal duties apply at the corporate and individual officer level. They can be owed privately or be publicly enforceable — or both. Corporate and sector-specific regulation is enforced by regulators to protect the interests of the public.

    Ethical responsibilities go to what is right, not just what is legal. Ethics provide a framework for recognising and taking responsibility for the broader impact of business operations. Ethical decision-making considers and adjusts for the moral implications of unfair transactions, unequal or corrupt interactions, unmitigable risks, and the (mis)use of the corporate form to obscure or diffuse culpability.

    Stakeholder accountability involves being transparent and honest about the choices (including on environmental, social and governance matters) a business makes, and being publicly answerable for them. It is supported by enhanced reporting frameworks, including ASX Listing Rule 4.10.3, which for listed entities like Star and Crown, requires reporting against the ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations (CGPR). “Soft law” reporting regimes for modern slavery, workplace gender equality and sustainability serve similar functions.

    The transparency that fosters this social and commercial — as distinct from legal — accountability recognises the legitimate interests and influence of stakeholders beyond shareholders. It is often why directors and senior executives get moved on after a scandal. Providers of capital
    — including institutional investors and banks — are accountable to their own stakeholders for their stewardship responsibilities, as are politicians to their constituents for the regulatory regimes they design and resource.

    Two hard questions

    Legal duties, ethical responsibilities and stakeholder accountability all impact a board’s role in ensuring that its company is law-abiding and operates responsibly and sustainably. The casinos debacle leaves us with some hard questions about the current model.

    The first question — left unaddressed after the banking Royal Commission — is about a board’s collective responsibility for material conduct or compliance breaches by their company. Is stakeholder accountability enough, or is a clearer legal duty needed?

    “Stepping-stones” enforcement actions by the corporate regulator might pick off individual directors in relation to discrete corporate compliance failures, but these actions are founded on harm to the company itself, rather than to the wider community. This obscures a board’s collective role in overseeing the robustness and integrity of a company’s underlying risk management frameworks.

    Directors have a collective, non-delegable statutory duty to take reasonable steps to secure compliance with their company’s financial reporting obligations, as the Centro case (ASIC v Healey (no 2) [2011] FCA 1003) demonstrated a decade ago. It is time for a proper debate over whether a similar “reasonable steps” duty should extend to other important areas of corporate compliance. This is not to suggest that boards are — or should be — guarantors of corporate compliance or to propose any form of deemed liability. But as Federal Court Justice John Middleton said in the Centro case, “Directors are at the apex of the structure of direction and management of a company”. The legal duty to oversee the overall framework for managing key non-financial risks should reflect that.

    The second important question raised by the casinos debacle concerns the structure and mandate of listed entities’ boards. For three decades, the preferred model (entrenched in the CGPR) has been a unitary board with a majority of non-executive directors, briefed by management and meeting periodically. But a board dominated by non-executive directors — however well- credentialed or independent — is no use to anyone if it can duck major risk management failures by disavowing responsibility, blaming management, or saying it was kept in the dark. Failure by management to identify and escalate matters is itself a failure of governance. New thinking that accepts — and resources — board oversight responsibility and supports and facilitates deeper penetration into the “weeds” of non-financial risks might be needed. Perhaps including more executive directors, with deeper knowledge of the company’s operations, would make it harder to say, “We didn’t know”.

    In the casinos debacle, there is blame enough to cover the casinos’ boards and management, investors who failed in their stewardship responsibilities, and regulators. But we can expect that blame will also fall on the broader governance community if we dodge the hard questions it raises.

    Latest news

    This is of of your complimentary pieces of content

    This is exclusive content.

    You have reached your limit for guest contents. The content you are trying to access is exclusive for AICD members. Please become a member for unlimited access.