Perhaps the first step would be to guard the code in ValidityAuditStrategy throwing the exception with some "if allow legacy" logic, but I guess it is not necessarily all to be done.