WIP Policy disabled, and fails to re-enable

Our company has had a Windows Information Protection policy set up for several years, encrypting the company OneDrive folders on my machine, and protecting information leakage from/to untrusted applications. As of last week, this is turned off, and the event log entry for the WIP Policy application on my machine shows it is trying to turn it on, but fails with the following error :

MDM ConfigurationManager: Command failure status. Configuration Source ID: (), Enrollment Name: (MDMFull), Provider Name: (EnterpriseDataProtection), Command Type: (Add: from Replace or Add), CSP URI: (./Vendor/MSFT/EnterpriseDataProtection/Settings/EDPEnforcementLevel), Result: (Unknown Win32 Error code: 0x807c000a).

If I could find out what that error code is (0x807c000a) - that might give me some clue to what is preventing it from working. 

FYI The MDM report html shows that Intune is successfully pushing the policies to my machine, but the registry key does not get set (that's the error above)

I've been diagnosing for days, but can't work it out!