I need to restrict the ability to grant proxy privileges in the database. This is the statement: alter user USER_A grant connect through USER_B;

I tried creating this rule that looks at the sql text for %CONNECT THROUGH% in the statement and then added it to the "Can Maintain Own Account" Rule Set which is attached to the Alter System command but it doesn't appear to be working. How can I get this working? Is my rule that I created correct. Ultimately what I want to do is allow proxies to be created for most users but just restrict only certain special users.

BEGIN
dbms_macadm.delete_rule(rule_name => 'NO_PROXY_PRIVILEGES');
DBMS_MACADM.CREATE_RULE(rule_name => 'NO_PROXY_PRIVILEGES',
rule_expr => 'INSTR(UPPER(DVSYS.DV_SQL_TEXT),''%CONNECT THROUGH%'') = 0');
END;

I am running Oracle 11.2.0.2 Enterprise on Windows Server 2008R2
Thank you.