"It’s pretty much impossible to validate that you are meeting the terms of your contract re: security policy if you’re doing that. You almost certainly were if you were providing SOC services to a big telco."
That second sentence seems to be only interpretable as:
You almost certainly were meeting the terms of your contract re: security policy if you were providing SOC services to a big telco.
However it also says it's impossible to validate - so if it is impossible to validate that you were meeting the terms of your contract re: security policy, it must mean you weren't meeting the terms of your contract because such a contract will require validation.
Once you start poking holes into the security it's hard to assure you only did it for a good cause or with good intentions (whatever that means).