You could also prevent people from caching passwords in the first
place by editing %APPDATA%\Subversion\config (the [auth] section), but
you can't stop them from reverting it back to caching.
As you suggest, I'm currently looking at ways to restrict the SVN/TSVN configuration client side. It seems that one would need to enforce limited OS account permissions on the client computer and remove permissions for that user to change %APPDATA%\Subversion\config. However in that case, it seems that a user could technically access the repository from another computer unless access was restricted by IP (not a big concern for me anyway, but strictly speaking it seems this would be a hole in the enforcement of the policy).