diff --git a/.changelog/19679.txt b/.changelog/19679.txt
new file mode 100644
index 000000000..42f681be2
--- /dev/null
+++ b/.changelog/19679.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+CLI: fix a panic when deleting a non existing policy by name.
+```
diff --git a/command/acl/acl_helpers.go b/command/acl/acl_helpers.go
index b0e65d224..7954cd3e5 100644
--- a/command/acl/acl_helpers.go
+++ b/command/acl/acl_helpers.go
@@ -102,6 +102,10 @@ func GetPolicyIDByName(client *api.Client, name string) (string, error) {
 		return "", err
 	}
 
+	if policy == nil {
+		return "", fmt.Errorf("No such policy with name: %s", name)
+	}
+
 	return policy.ID, nil
 }
 
diff --git a/command/acl/acl_test.go b/command/acl/acl_test.go
index 2095795ff..f5b693de0 100644
--- a/command/acl/acl_test.go
+++ b/command/acl/acl_test.go
@@ -48,6 +48,36 @@ func Test_GetPolicyIDByName_Builtins(t *testing.T) {
 	}
 }
 
+func Test_GetPolicyIDByName_NotFound(t *testing.T) {
+	t.Parallel()
+
+	a := agent.StartTestAgent(t,
+		agent.TestAgent{
+			LogOutput: io.Discard,
+			HCL: `
+				primary_datacenter = "dc1"
+				acl {
+					enabled = true
+					tokens {
+						initial_management = "root"
+					}
+				}
+			`,
+		},
+	)
+
+	defer a.Shutdown()
+	testrpc.WaitForTestAgent(t, a.RPC, "dc1", testrpc.WithToken("root"))
+
+	client := a.Client()
+	client.AddHeader("X-Consul-Token", "root")
+
+	id, err := GetPolicyIDByName(client, "not_found")
+	require.Error(t, err)
+	require.Equal(t, "", id)
+
+}
+
 func Test_GetPolicyIDFromPartial_Builtins(t *testing.T) {
 	t.Parallel()