Yes, we've long pitched that you need to try new things, whether they're risk-based, outcome-based, regulatory sandboxes or iterative processes. Those are important to try to find out what works. Departments try sometimes to do that, but they're incredibly risk-averse. Why risk a knock on the door from the Auditor General when you can just layer on an extra two or three layers of red tape for the end user?
A lot of times, those attempts aren't successful, with the federal government actually itself assuming risk in trying something new that perhaps it may need to adjust. It may not get the outcome it hoped for. It may need to narrow its focus on the bad actors. Part of that requires governments themselves to change some of their thinking in how they will accept the risk of actually trying something new that isn't just a different approach to layering on differing kinds of burdens.