For the most part these situations can be reduced to things of the form
"If you don't tell me that I need a $5,000 balance to access your
services, how do I know what to do to comply?".
good point. however, should the response be 'you need $5,000 to have
access' or 'insufficient funds to access'? i know to some this may seem
pedantic, but the former message provides the requestor with specific
information regarding your ACL. (imagine the case of 'denied: not
memeber of xyz group')
Once again, we should leave the decision whether or not to expose policy
to the expression of the policy itself.
ultimately, this may be the only workable solution. (although, let's
shoot a couple of prisoners first and see how it goes to make sure :o)