
commentary
Eric Johnston

Baptism of fire for new Star Entertainment chief executive Robbie Cooke


For most people their first day in the job is a whirlwind. For new Star Entertainment boss Robbie Cooke it will be one to remember.

After Star was able to bring forward Cooke’s start date from the end of the year, the NSW regulator didn’t miss a beat. It stripped the troubled casino of its Sydney licence, installed an external manager and whacked it with a $100m fine, the maximum financial penalty it has in its arsenal.

New Star Entertainment boss Robbie Cooke. Picture: AAP

The record fine will sting shareholders who are now unlikely to see dividends until at least 2024, although the licence suspension will come as a mixed blessing for Cooke.

With damning findings from NSW’s Bell inquiry around money laundering, criminal activity, and a tendency of former Star executives to do whatever it takes to lure international VIPs, the loss of a licence makes the case for cultural change even stronger.

The suspension sends a message to the entire organisation – including the board – there is only one way to get the casino licence back and that is through ground-up reform.

Only in recent weeks Cooke was fending off a corporate takeover bid as chief executive of listed payments operator Tyro, but the decision of the NSW casino regulator represents a beginning. It removes some uncertainty and offers a blueprint for what needs to be done.

Here Cooke is confident Star can be rebuilt with a lot of hard work.

“The business is not broken,” he says in an interview. However it has to prove “that we are operating at the highest integrity level” to all its stakeholders.

“There is a 100 per cent desire from the Star point of view that we want to get the business back to suitability. We are very determined to put in place systems and procedures that are necessary to do that.”

Cooke points to work already started in recent months under executive chair Ben Heap, including axing the use of junket operators and closing down overseas offices. Compliance headcount has increased and new monitoring systems are being put in place.

In practical terms the licence suspension effectively means the NSW government is now responsible for the operation and governance of the casino and gaming floor, with the appointment of a manager, the former Allens partner and one-time NRL chief operating officer Nicholas Weeks.

However, the 1.5 per cent lift in Star shares in the face of a sharply weaker broader market shows the punishment could have been worse.

‘Trading on’

NSW’s independent Casino Commission headed by Philip Crawford opted against the nuclear option of a full shutdown, given this would have triggered a chain of events ultimately pushing the debt-heavy casino operator on a path toward administration.

Closure would have seen thousands of Star employees losing their jobs overnight and caused uncertainty for suppliers, tourists and a financial strain on other businesses with links to the casino.

Head of the NSW Independent Casino Commission, Philip Crawford. Picture: NCA NewsWire / Damian Shaw

Crawford on Monday acknowledged this option would not be in the public interest and went for the pragmatic approach of punishment and reform.

He publicly opened a big door for Cooke to walk through, saying there is a possibility of the casino securing its licence back – but only if it can prove it has meaningfully remediated its business and changed its culture. “Suitability” is hard to measure, which shows the NSW regulator holds all the cards.

Cooke is unwilling to put a time frame around how long the journey will take, pointing out Star is in “uncharted territory” and it comes down to rebuilding trust with the NSW casino regulator. There is also work to do in Queensland where it has been declared unfit to hold a licence and told to show cause.

Chief executives usually have one career in them. This is Cooke’s fourth stint as a CEO. The common thread of the different organisations he has led (Wotif, Tatts, Tyro) has been technology underpinning the respective businesses.

He says Star’s main focus as a business is entertainment for customers attending its sites, and technology will be able to play a greater role behind-the-scenes for compliance measures such as anti-money laundering and “know your customer” rules.

Cooke has delivered cultural change programs at Tyro, albeit on a smaller scale, following sector-wide demands from bank regulator APRA. He also oversaw the gaming and wagering businesses at Tatts which are heavily regulated at a state level. Cooke points out there’s no endpoint to cultural change in organisations which require constant evolution and evaluation.

“(Change) has to come from the top, it has to be demonstrated and you’ve got to get an environment where people feel safe calling out things that aren’t right or going according to plan,” he said.

“It will be difficult to pinpoint anything specifically to say that it’s fixed, but you know when you’ve got the right call. You’ll start seeing people reporting things. And you’ll see no consequence on people when they do call out something that might not be working right”.

Medibank stands firm

If anything, the massive Optus cyber attack was a wake-up call for all companies about the weak points in data protection. The SingTel-owned Optus, which lost data on millions of customers, also shows the significant risks when a company gets the essential response to an attack wrong.

Since last month’s Optus hit, there has been a string of attacks that have got through the cyber defences of Australian corporates including Telstra, Woolworths and more recently health insurer Medibank. This is on top of the hundreds of serious ransomware attempts that businesses from banks to airlines and even governments experience daily.

Medibank boss David Koczkar. Picture: Nicki Connolly/NCA NewsWire

Companies are now rightly lowering their threshold for reporting attacks given the prospect that revelation of cyber issues not only impacts customers but also represents a big financial issue for investors.

Medibank is a case in point: its shares fell 4 per cent after a two-day trading halt, which it used to focus on the attack. However, the losses could have been much deeper.

Medibank boss David Koczkar believes the insurer has avoided the worst of the hit, with no evidence customer data has been removed or accessed since it first detected unusual activity on one of its systems last Wednesday.

Medibank had clearly rehearsed the prospect of a cyber attack at the highest levels, and its response shows. For years it has been running drills around such an event, with some mock events lasting days.

The insurer was quick to act and as an organisation it is clear it knew what to do and had steps in place to protect data across other parts of the company. From the start, Medibank also committed to a full forensic review of the attack as well as its response.

Koczkar and his team, who worked through the weekend, declared the ransomware threat had been contained. However, he apologised for the inconvenience, including customers being unable to access digital channels.

An attack on a health insurer has an additional layer of sensitivity given it holds medical records and personal information of customers, so any leak dramatically raises the stakes.

For Medibank the attack focused on the IT systems that support its AHM health insurance subsidiary and its international student insurance business. Its flagship Medibank brand with the bulk of customers sits on another system and wasn’t impacted.

Medibank noticed “unusual activity” last Wednesday which it suspected was a precursor to a ransomware attack and took the major and very expensive step of taking its entire network offline, which meant no data could be physically removed or accessed from outside the organisation.

The reporting of cyber attacks will become more frequent.

By Thursday morning, the AHM systems were restored on newly built IT infrastructure and by Friday access was being returned to customers. Medibank has been working with regulators through the response. Koczkar also said he was committed to sharing any technical information with Medibank’s peers, so they too can bolster their defences.

Koczkar said Medibank’s own systems initially raised the red flag. This set in train a series of steps including the formation of teams to manage the response which worked to contain any ransomware threat. Additional security has been rolled out to protect Medibank’s systems.

“I can say we’ve contained the ransomware threat. But we remain vigilant and will take necessary steps in the future to protect our operations and the data of our customers,” Koczkar said. “We’ll conduct and complete our forensic analysis. And we’ll continue to learn as we go forward.”

Eric Johnston, Associate Editor

Eric Johnston is an associate editor of The Australian. He has more than 25 years’ experience as a finance journalist, including as a former business editor of The Australian. He has been business editor of The Sydney Morning Herald and The Age and financial services editor with The Australian Financial Review. His work has also appeared in The Wall Street Journal.


Original URL: https://www.theaustralian.com.au/business/technology/medibank-gets-the-response-right-to-a-cyber-attack/news-story/e840b178a27a44d06b925ba2da11ea39