Policy with keyword rule does not detect when AND'd with other rules

Article ID: 385756


Products

Data Loss Prevention Core Package

Issue/Introduction

A policy with a keyword rule does not detect when that rule is AND'd with other rules.

The following observations are also true:

The keyword rule detects on its own.

The other rules detect on their own.

Cause

The keyword rule is configured to match on the same component. When 'same component' is selected, the policy only matches the keyword in the data that also matched the other AND'd rule.

Example:

If a keyword rule and an EDM rule are AND'd together and the 'same component' option is selected in the keyword rule, then an email sent with an attachment that meets the EDM criteria will not detect if the keyword is in the subject of the email. It would only detect if the keyword was in the data that matched the EDM rule (here, the attachment).

Resolution

Change the keyword rule to match on any component. This allows the keyword detection to monitor any part of the data and not just the part that is applicable to the other rule (EDM / attachment).
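
The behaviour described in the Example and Resolution above, as a small Python model added here for illustration. It is not Symantec DLP code; the component names, sample message, keyword, function names and the set standing in for an EDM index are all constructed assumptions.

```python
# Simplified model of AND'd rule evaluation, based only on the behaviour this
# article describes. Not product code; every name here is hypothetical.

# Constructed sample email, split into components.
MESSAGE = {
    "subject": "Project Falcon customer export",
    "body": "See attached.",
    "attachment": "name,account\nJane Roe,ACCT-0001-7731\n",
}

KEYWORDS = {"project falcon"}      # constructed keyword list
EDM_INDEX = {"ACCT-0001-7731"}     # constructed stand-in for an EDM index


def keyword_components(message):
    """Return the components whose text contains any keyword."""
    return {name for name, text in message.items()
            if any(k in text.lower() for k in KEYWORDS)}


def edm_components(message):
    """Return the components whose text contains an indexed value."""
    return {name for name, text in message.items()
            if any(v in text for v in EDM_INDEX)}


def policy_matches(message, keyword_scope):
    """Evaluate 'keyword rule AND EDM rule' for one message.

    keyword_scope "same": the keyword must sit in a component that also
                          matched the EDM rule.
    keyword_scope "any":  the keyword may sit anywhere in the message.
    """
    kw = keyword_components(message)
    edm = edm_components(message)
    if not kw or not edm:
        return False               # one side of the AND did not match at all
    if keyword_scope == "same":
        return bool(kw & edm)      # needs a shared component
    if keyword_scope == "any":
        return True                # both rules matched somewhere
    raise ValueError("keyword_scope must be 'same' or 'any'")


if __name__ == "__main__":
    for scope in ("same", "any"):
        print(scope, "->", policy_matches(MESSAGE, scope))
```

With the keyword only in the subject and the indexed value only in the attachment, each rule matches alone, the 'same' scope yields no detection, and the 'any' scope detects.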