The requirement is to exclude certain words to be used as password, regardless of the case
We are setting up restrictions in password policy by adding Regex expressions:

By default, the Regex for the blacklisted words is case sensitive, while the requirements are for it to be case insensitive.

For example - would like to restrict any of the following to be used - they should all be rejected:
Password, password, pAsSword etc

Regex documentation indicates (?i) should be used to make the expression case insensitive, however this doesn't seem to work.

However regex works without i flag but is case sensitive , adding i to the regex for case insensitive doesn't work.

the Regex expression in question is as following:
^(.*(password)+.*)$ - this works but is case sensitive
(?i)^(.*(password)+.*)$ - not working as expected

Release : 12.8.03 / Component : SITEMINDER -POLICY SERVER
Release : 14.x / Component : Identity Manager (when SSO is integrated)

By adjusting the registry and setting the UsePCREPasswordChecks key in the registry (Policy Server) we are able to use the Regex expression in case insensitive mode.
1. Add the registry key UsePCREPasswordChecks as per the documentation

 Add the " UsePCREPasswordChecks " registry key under below the location.

" HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\PolicyServer\UsePCREPasswordChecks " 

- Modify the registry value to 1 to enable the registry.

2. Restart the Policy Server
3. Configure case insensitive expression ie (?i)^(.*(password)+.*)$

Attempting to set a new password of values such as Password, password, pAsSword will all be rejected

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8-03/configuring/policy-server-configuration/password-services-and-policies/how-to-configure-password-policies.html