On Mac endpoints, large PDF file transfers are not blocked as expected.
When uploading a PDF file larger than about 150 MBs, the file transfer is allowed to complete even though the file should be blocked.
The file does contain sensitive information that should be blocked by the policy.
Smaller PDFs that trigger the same policy are blocked.

An incident is created and it shows the following message:
"Allowed on macOS Timeout: Configured Action was Block"

The macOS has a 60-second timeout hard-wired into it.
After that timeout is reached, the macOS will release the file to complete the transfer.
The transfer completes before the endpoint agent has finished extracting and detecting the large PDF.

This can happen with file types other than PDFs, but it is mostly noted on large PDFs.
The timeout applies to all file types.

Due to the nature of their formatting, PDF files have always taken a lot longer than other document types which becomes very noticeable when the size goes up, especially for PDF files that are using an older PDF version. 
The macOS does not give the DLP agent sufficient time to extract and detect larger PDF files. 
This seems due to Apple favoring controlling the end-user experience over the needs of the enterprise.