EIP-20: why states MUST for transfer zero amount?

in EIP-20: Token Standard

you have

Note Transfers of 0 values MUST be treated as normal transfers and fire the Transfer event.

I am security auditor and I often face with clients who have

require(amount > 0, "prohibited");

in their erc-20 token implementation.

It looks intuitive, that indeed, transfer for zero amount makes not sense.

  1. Why EIP-20 states “MUST” for allowing such transfers? What is the rationale behind?

  2. What is the risk if you prohibit transfer for zero amount?

My proposal is to add sich rationale inside EIP-20 standard to avoid confusion and incompliency