diff --git a/internal/policy/operator/certified_images.go b/internal/policy/operator/certified_images.go
index db3c92c4..c724e862 100644
--- a/internal/policy/operator/certified_images.go
+++ b/internal/policy/operator/certified_images.go
@@ -76,6 +76,11 @@ func (p *certifiedImagesCheck) dataToValidate(ctx context.Context, imagePath str
 func (p *certifiedImagesCheck) validate(ctx context.Context, imageDigests []string) (bool, error) {
 logger := logr.FromContextOrDiscard(ctx)
+ if len(imageDigests) == 0 {
+ logger.Info("warning: pinned images are expected but none were discovered")
+ return false, nil
+ }
+
 pyxisImages, err := p.imageFinder.FindImagesByDigest(ctx, imageDigests)
 if err != nil {
 return false, err
@@ -99,7 +104,8 @@ func (p *certifiedImagesCheck) validate(ctx context.Context, imageDigests []stri
 p.nonCertifiedImages = append(p.nonCertifiedImages, fullImg)
 }
 }
- return true, nil
+
+ return len(p.nonCertifiedImages) == 0, nil
 }
 func (p *certifiedImagesCheck) Name() string {
diff --git a/internal/policy/operator/certified_images_test.go b/internal/policy/operator/certified_images_test.go
index e1ea7d9f..af003247 100644
--- a/internal/policy/operator/certified_images_test.go
+++ b/internal/policy/operator/certified_images_test.go
@@ -143,11 +143,11 @@ spec:
 AfterEach(func() {
 certifiedImagesCheck.imageFinder = &certifiedImageFinder{}
 })
- It("should still succeed", func() {
+ It("should fail", func() {
 certifiedImagesCheck.imageFinder = &uncertifiedImageFinder{}
 result, err := certifiedImagesCheck.Validate(context.TODO(), imageRef)
 Expect(err).ToNot(HaveOccurred())
- Expect(result).To(BeTrue())
+ Expect(result).To(BeFalse())
 Expect(certifiedImagesCheck.nonCertifiedImages).To(HaveLen(1))
 })
 })
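Review bot: The new `len(imageDigests) == 0` guard at the top of validate in certified_images.go fails closed, but nothing records why an empty digest list is a failure rather than a vacuous pass, and the only trace is an Info-level log line prefixed "warning:". A comment above the `if` would keep a later cleanup from reverting it, for example `// Fail closed: with no pinned digests there is nothing to look up, so certification cannot be shown.` This branch itself appends nothing to `p.nonCertifiedImages`, so any report text built from that slice (not visible here) may have nothing to list when the check fails this way; worth confirming. The rest of validate's body lies outside this hunk.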
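Review bot: The verdict `len(p.nonCertifiedImages) == 0` at the end of validate now rests on a slice held on the receiver, and the lines shown only ever append to it. If nothing outside this hunk clears it, a second call on the same check value would inherit earlier entries and report failure for a bundle whose images are all certified; the specs in certified_images_test.go restore only `imageFinder` in their `AfterEach`, which hints at the same shared state. Clearing it where a run begins, `p.nonCertifiedImages = nil`, or returning on a count local to the call would make the result depend on the current input alone. validate starts above this hunk, so a reset may already exist there.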
@@ -155,11 +155,11 @@ spec:
 AfterEach(func() {
 certifiedImagesCheck.imageFinder = &certifiedImageFinder{}
 })
- It("should still succeed", func() {
+ It("should fail", func() {
 certifiedImagesCheck.imageFinder = &missingImageFinder{}
 result, err := certifiedImagesCheck.Validate(context.TODO(), imageRef)
 Expect(err).ToNot(HaveOccurred())
- Expect(result).To(BeTrue())
+ Expect(result).To(BeFalse())
 Expect(certifiedImagesCheck.nonCertifiedImages).To(HaveLen(1))
 })
 })
@@ -184,7 +184,7 @@ spec:
 })
 })
 When("the images in the CSV aren't pinned", func() {
- It("should succeed, but mark the image as non-certified", func() {
+ It("should fail", func() {
 csvContents := `kind: ClusterServiceVersion
 apiVersion: operators.coreos.com/v1alpha1
 spec:
@@ -200,7 +200,7 @@ spec:
 Expect(os.WriteFile(filepath.Join(imageRef.ImageFSPath, manifestsDir, clusterServiceVersionFilename), []byte(csvContents), 0o644)).To(Succeed())
 result, err := certifiedImagesCheck.Validate(context.TODO(), imageRef)
 Expect(err).ToNot(HaveOccurred())
- Expect(result).To(BeTrue())
+ Expect(result).To(BeFalse())
 Expect(certifiedImagesCheck.nonCertifiedImages).To(HaveLen(1))
 })
 })
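Review bot: The renamed title `It("should fail", ...)` in the unpinned-images spec (hunk at -184) drops the second half of what the body still checks, since the following hunk keeps `Expect(certifiedImagesCheck.nonCertifiedImages).To(HaveLen(1))`. A title such as `It("should fail and mark the image as non-certified", func() {` keeps the spec name in step with its assertions and makes a failure report easier to read. The spec body runs across this hunk and the next one, with the lines in between not shown.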