Architecture swarm · Lead-scoring-routing agent · Firmographic- enrichment skill · Build pillar · Published June 4, 2026
How to build firmographic enrichment + lead routing
Firmographic enrichment runs every lead that enters the funnel through a multi-vendor waterfall: Apollo + ZoomInfo + Clearbit + Cognism + Lusha + Hunter + RocketReach + LeadIQ + People Data Labs + Coresignal + 14 other vendors; with intent overlay from 6sense + Demandbase + Bombora + Madison Logic + RollWorks + Terminus + Foundry Intent. Firmographic enrichment IS cross- border data processing — leads originating in the EU + UK + Canada are routinely enriched by US vendors, which means GDPR Article 28 data processor obligations + Article 30 records of processing + EU-US Data Privacy Framework (July 2023) + Standard Contractual Clauses + UK International Data Transfer Agreement all apply per vendor per call. The Enrich + Resolve + Gate + Audit skill bundle on the lead-scoring-routing agent sits above the 17+ firmographic vendor surface and writes a per-lead canonical record with named regulatory anchors preserved in every audit record: per-API license terms + hiQ Labs / Van Buren / Meta v Bright Data CFAA scraping doctrine + GDPR Article 28 / 30 + EU-US DPF + SCCs + CCPA / CPRA service-provider + FCRA + ECOA disparate-impact + FDD Item 12 + EU AI Act + NIST AI RMF.
The 4-skill bundle on the lead-scoring-routing agent
Enrich
Multi-vendor waterfall across 3 tiers. Tier 1 (Apollo + ZoomInfo + Clearbit / HubSpot Breeze Intelligence) for highest accuracy + highest cost. Tier 2 (Cognism + Lusha + LeadIQ) for mid-tier coverage. Tier 3 (Hunter + RocketReach + People Data Labs + Coresignal + Adapt + UpLead + Seamless + Surfe + Datanyze) for long-tail at lowest cost. Per-field waterfall fall-through (Tier 1 first; Tier 2 on miss; Tier 3 on miss; cost-budget stop). Per-field vendor-accuracy ranking (firmographic Apollo-first; technographic Clearbit- first; intent Bombora / 6sense / Demandbase / Madison Logic / RollWorks / Terminus / Foundry Intent-first; contact ZoomInfo / Lusha-first). Real-time (form-submission + CRM record-create trigger; Tier 1 sub-500ms; Tier 2 sub-1500ms; Tier 3 sub-3000ms) vs async batch fallback. Per-vendor LLM zero-retention verified per call.
Resolve
Cross-vendor company resolution (domain + DUNS + LinkedIn company URL + tax ID EIN + Crunchbase ID + SEC CIK). Cross-vendor field-value dedup. Cross-vendor field conflict resolution (Tier 1 wins on firmographic + Tier 1 wins on employee count + most-recent wins on contact + highest- confidence wins + LLM-augmented tie-breakers under per- vendor zero-retention). Per-field confidence scoring (Tier 1 95% + Tier 2 85% + Tier 3 75% + cross-vendor agreement bonus + freshness penalty). Per-field data-freshness budget (firmographic 90-day + contact 180-day + technographic 365- day). Stale-field re-enrichment trigger fires Enrich waterfall when freshness exceeded. Low-confidence fields flag for human review.
Gate
Five anchors before commit. Per-API license terms across 17+ firmographic vendors + per-source DPA + per-API rate- limit honoring + hiQ Labs v LinkedIn 9th Cir 2022 + Van Buren 2021 + Meta v Bright Data ND Cal 2024 CFAA scraping doctrine + GDPR Article 5 + 6 + 28 data processor + Article 30 records of processing + Article 32 + Article 35 DPIA + Article 44-49 international transfers + EU-US Data Privacy Framework (July 2023) + Standard Contractual Clauses + UK IDTA + Swiss-US DPF + CCPA service-provider + CPRA contractor + 17-state + LGPD + DPDP + PIPEDA + Quebec Law 25. DSAR fulfillment chain (GDPR Article 15 + 16 + 17 + 20 + CCPA right to know + CPRA right to correct + 17-state DSAR) propagates through every vendor in the chain. FCRA + ECOA Regulation B disparate-impact + Fair Housing + GLBA + COPPA. FDD Item 12 + 15-state franchise + FDD Item 17 + 19 + CFPB UDAAP + FTC Section 5 + CAN-SPAM + TCPA + 10DLC + CASL when enriched lead drives outbound. EU AI Act Article 22 + 26 + 50 + Annex III + Article 13 + 14 + 15 + NIST AI RMF + ISO 42001 + per-vendor LLM zero-retention. Policy-as- code via OPA Rego + AWS Cedar + Casbin + Cerbos + Oso + Styra DAS + Permit.io.
Audit
Per-lead WORM record + territory routing (ZIP + DMA + radius + state + county + FDD Item 12 attestation + overlap resolution + fallback) + ABM tier assignment (Tier 1 strategic 300-target + Tier 2 named 1,500-target + Tier 3 target 5,000-target) + per-tier SLA (Tier 1 1-hour + Tier 2 4-hour + Tier 3 24-hour) + per-tier routing rule (Tier 1 to VP Sales + Tier 2 to Sales Director + Tier 3 to SDR team) + SLA-violation alert + escalation. DSAR export on demand. Storage: AWS S3 Object Lock + Azure Blob immutable + Google Cloud Storage Bucket Lock + Wasabi WORM. Retention stacks (longest applicable): 7-year FTC + 7-year IRS + 7-year FDD + per-state franchise + 6-year SEC + 3-year FINRA 4511 + 36-month CASL + GDPR Article 30 + CCPA 12-month + EU AI Act Article 12 + SOC 2 CC7 / CC8.
The real vendor ecosystem this sits above
Firmographic + intent providers
Firmographic (Apollo.io + ZoomInfo + Clearbit / HubSpot Breeze Intelligence + Cognism + Lusha + Hunter.io + RocketReach + LeadIQ + DiscoverOrg + People Data Labs + Coresignal + LeadFeeder + Adapt.io + UpLead + Seamless.AI + Surfe + Datanyze). Intent (6sense + Demandbase + Bombora + Madison Logic + RollWorks + Terminus + Foundry Intent).
Integration platforms + CRM + LLM
Integration (Workato + Tray.io + n8n + Zapier). CRM destinations (Salesforce + HubSpot + Microsoft Dynamics 365 + Zoho + Pipedrive + Keap + ActiveCampaign + Copper + SugarCRM + Freshsales + Insightly + Nutshell + Apptivo + monday CRM + Method). OpenAI + Anthropic LLM tie-breakers under per-vendor zero-retention back Resolve conflict adjudication. LangSmith + Weights & Biases + Arize + WhyLabs + Helicone + Langfuse + PromptLayer + Galileo observability.
Policy-as-code + WORM + sibling skills
OPA Rego + AWS Cedar + Casbin + Cerbos + Oso + Styra DAS + Permit.io policy-as-code expresses per-API license terms + GDPR Article 28 / 30 + EU-US DPF + SCCs + CCPA service- provider + DSAR propagation + FCRA + ECOA disparate-impact + FDD Item 12 + EU AI Act gates. AWS S3 Object Lock + Azure Blob immutable + Google Cloud Storage Bucket Lock + Wasabi compliance WORM. Siblings on the lead-scoring-routing agent: lead-enrichment (parent commercial); BANT scoring (downstream consumer); multi-source attribution-preserving lead ingestion (#557 upstream lead source); multi-location BANT lead-scoring.
The 6-workstream reporting cycle
Numeric uplift commitments are not made up-front. The engagement ships a pre-engagement baseline across six workstreams; the cycle tracks delta against that baseline. Reporting is the substrate, not the promise.
- Enrich coverage. Per-vendor waterfall tier- hit distribution; per-field vendor-accuracy ranking adherence; per-vendor latency budget adherence (Tier 1 sub-500ms + Tier 2 sub-1500ms + Tier 3 sub-3000ms); cost-budget stop rule telemetry; per-vendor LLM zero-retention verification per call.
- Resolve quality. Cross-vendor company resolution precision + recall; cross-vendor dedup accuracy; field-conflict resolution distribution; per-field confidence- score distribution; per-field freshness adherence (90-day firmographic + 180-day contact + 365-day technographic); LLM tie-breaker escalation rate.
- Gate quality. Per-anchor evaluation completeness (per-API license terms + CFAA scraping doctrine + GDPR Article 28 / 30 + EU-US DPF + SCCs + UK IDTA + CCPA service-provider + DSAR + FCRA + ECOA + Fair Housing + FDD Item 12 + EU AI Act); per-anchor pass / fail / route-to- counsel distribution; per-API ToS violation count; per- cross-border transfer adequacy posture.
- Audit quality. Per-lead WORM record completeness; retention-window coverage (longest of 7-year FTC + 7-year IRS + 7-year FDD + per-state franchise + 6-year SEC + 3-year FINRA 4511 + 36-month CASL + GDPR Article 30 + CCPA 12-month + EU AI Act Article 12 + SOC 2 CC7 / CC8); end-to-end replay success rate; DSAR fulfillment turnaround.
- Compliance posture. Per-API license-terms attestation cadence; per-source DPA refresh cadence; GDPR Article 30 records-of-processing coverage; EU-US DPF + SCCs + UK IDTA coverage by data-transfer pair; DSAR propagation through vendor chain on right-to-erasure; FCRA permissible- purpose adherence when applicable; ECOA disparate-impact audit cadence; FDD Item 12 territorial-protection adherence; EU AI Act Article 50 disclosure coverage when AI-ML routing participated.
- Audit-trail completeness. Per-anchor regulatory citation completeness; sibling-handoff pointer completeness into the lead-scoring-routing bundle (lead- enrichment parent + BANT scoring + multi-source attribution- preserving lead ingestion #557 + multi-location BANT lead- scoring) and into downstream consumers on the customer-data- graph agent (per-location per-channel per-brand CLV), the rollup-reporting agent (per-location MMM-driven budget recommendation + per-location cross-channel attribution rollup), the territory-analysis-market-scoring agent (per- prospect franchise-territory analysis pipeline), and the governance-decision-router agent (multi-dimensional threshold routing + five-destination routing).
Frequently asked questions
What is firmographic enrichment + lead routing — and what makes it operationally distinctive as cross-border data processing?
Firmographic enrichment runs every lead that enters the funnel through a multi-vendor waterfall: Apollo.io + ZoomInfo + Clearbit (HubSpot Breeze Intelligence) + Cognism + Lusha + Hunter.io + RocketReach + LeadIQ + DiscoverOrg + People Data Labs + Coresignal + LeadFeeder + Adapt.io + UpLead + Seamless.AI + Surfe + Datanyze; with intent overlay from 6sense + Demandbase + Bombora + Madison Logic + RollWorks + Terminus + Foundry Intent. Each lead receives firmographic + technographic + intent + contact fields, then routes to a sales destination under territory rules + ABM tier + SLA. Firmographic enrichment IS cross-border data processing — leads originating in the EU + UK + Canada are routinely enriched by US vendors, which means GDPR Article 28 data processor obligations + Article 30 records of processing + EU-US Data Privacy Framework (July 2023) + Standard Contractual Clauses + UK International Data Transfer Agreement all apply per vendor per call. The four-skill bundle on the lead-scoring-routing agent — Enrich, Resolve, Gate, Audit — sits above the 17+ firmographic vendor surface and writes a per-lead canonical record with named regulatory anchors preserved in the audit trail.
Why do Apollo + ZoomInfo + Clearbit + Cognism + Lusha + Hunter + RocketReach + LeadIQ + People Data Labs + Coresignal break at multi-territory franchise scale?
Each vendor ships a per-tenant per-lead per-field primitive — one account, one lead, one field at a time, one cost. None coordinates the multi-vendor waterfall fall-through (Tier 1 attempt first; Tier 2 on miss; Tier 3 on miss; cost-budget stop rule). None per-field-vendor-accuracy-ranks (firmographic Apollo-first + technographic Clearbit-first + intent Bombora / 6sense / Demandbase-first + contact ZoomInfo / Lusha-first). None enforces per-field data-freshness budget (firmographic 90-day + contact 180-day + technographic 365-day). None resolves cross-vendor company identity (domain + DUNS number + LinkedIn company URL + tax ID EIN) for cross-vendor deduplication + conflict resolution. None propagates per-field confidence (Tier 1 95-percent + Tier 2 85-percent + Tier 3 75-percent + cross-vendor agreement bonus + freshness penalty) into the routing decision. None enforces FDD Item 12 territorial-protection or ECOA disparate-impact when AI-ML routing uses firmographic proxies that correlate with protected class. None propagates GDPR Article 17 right-to-erasure + CCPA opt-out across the entire vendor chain. The four-skill bundle Enrich + Resolve + Gate + Audit sits above the vendor surface — it does not replace it.
What does Enrich do — multi-vendor waterfall + per-field accuracy ranking + real-time vs async + cost-budget discipline?
Enrich runs the multi-vendor waterfall across three coordinated tiers. Tier 1 (Apollo + ZoomInfo + Clearbit / HubSpot Breeze Intelligence) for highest accuracy + highest cost. Tier 2 (Cognism + Lusha + LeadIQ) for mid-tier coverage. Tier 3 (Hunter + RocketReach + People Data Labs + Coresignal + Adapt + UpLead + Seamless + Surfe + Datanyze) for long-tail coverage at lowest cost. Per-field waterfall fall-through rules: Tier 1 attempt first; Tier 2 on miss; Tier 3 on miss; cost-budget stop rule per lead. Per-field vendor-accuracy ranking: firmographic fields Apollo-first; technographic fields Clearbit-first; intent fields Bombora + 6sense + Demandbase + Madison Logic + RollWorks + Terminus + Foundry Intent-first; contact fields ZoomInfo + Lusha-first. Real-time vs async batch fallback: form-submission trigger + CRM record-create trigger fire real-time enrichment with per-vendor latency budget (Tier 1 sub-500ms; Tier 2 sub-1500ms; Tier 3 sub-3000ms); async batch enrichment fires when real-time budget is exceeded. Per-vendor LLM zero-retention verified per call. Per-Enrich confidence tier + explainability written into Audit.
What does Resolve do — cross-vendor company resolution + dedup + conflict resolution + confidence scoring + data freshness?
Resolve runs four coordinated subsystems on the multi-vendor enrichment output. Cross-vendor company resolution: domain resolution + DUNS number resolution + LinkedIn company URL resolution + tax ID EIN resolution + Crunchbase ID + SEC CIK number where public. Cross-vendor field-value deduplication via composite natural key + SHA-256 content hash. Cross-vendor field conflict resolution: Tier 1 wins on firmographic; Tier 1 wins on employee count; most-recent-update wins on contact; highest-confidence wins; LLM-augmented tie-breakers (OpenAI + Anthropic under per-vendor zero-retention) flag conflicts for operator review where the operator policy requires. Per-field confidence scoring: Tier 1 vendor confidence 95-percent baseline; Tier 2 vendor confidence 85-percent baseline; Tier 3 vendor confidence 75-percent baseline; cross-vendor agreement bonus + data freshness penalty. Per-field data-freshness budget: firmographic 90-day staleness budget; contact 180-day staleness budget; technographic 365-day staleness budget. Stale-field re-enrichment trigger fires the Enrich waterfall when freshness budget is exceeded. Low-confidence fields flag for human review. Per-Resolve confidence tier + explainability written into Audit.
What does Gate do — per-API license terms + GDPR Article 28 / 30 + EU-US DPF + SCCs + CCPA / CPRA + FCRA + ECOA + Fair Housing + FDD Item 12 + EU AI Act?
Gate evaluates five operationally distinctive anchors before any per-lead record commits. Anchor 1 (the most operationally distinctive — distinctive to firmographic enrichment as cross-border data processing): GDPR Article 5 lawful basis + Article 6 + Article 28 data processor obligations + Article 30 records of processing + Article 32 security + Article 35 DPIA + Article 44-49 international transfers; EU-US Data Privacy Framework (July 2023 adequacy decision); Standard Contractual Clauses; UK International Data Transfer Agreement (IDTA); Swiss-US Data Privacy Framework; CCPA service-provider definition + CPRA contractor definition; 17-state comprehensive privacy processor distinctions; Washington My Health My Data Act 2024 + Texas SCOPE Act 2024 + LGPD + DPDP + PIPEDA + Quebec Law 25; per-API license terms across the 17+ firmographic vendor surface (Apollo + ZoomInfo + Clearbit + Cognism + Lusha + Hunter + RocketReach + LeadIQ + DiscoverOrg + People Data Labs + Coresignal + LeadFeeder + Adapt + UpLead + Seamless + Surfe + Datanyze) + per-source Data Processing Addendum + per-API rate-limit honoring; hiQ Labs v LinkedIn 9th Cir 2022 + Van Buren v United States 2021 + Meta v Bright Data ND Cal 2024 CFAA scraping doctrine when data sourcing involves third-party scraping. Anchor 2 (DSAR fulfillment chain): GDPR Article 15 right of access + Article 16 right to rectification + Article 17 right to erasure + Article 20 right to data portability + CCPA right to know + CPRA right to correct + 17-state DSAR variations — DSAR requests must propagate through every firmographic vendor in the chain on right-to-erasure. Anchor 3 (credit + anti-discrimination): FCRA when firmographic enrichment data affects credit decisioning + prescreen + permissible purpose + adverse-action notice; ECOA Regulation B disparate-impact when AI-ML routing routes based on firmographic proxies that correlate with protected class via industry / company size / location / demographic correlate; Fair Housing Act; GLBA Safeguards Rule when financial services; COPPA 15 USC 6501. Anchor 4 (franchise + outbound + AI-governance): FDD Item 12 territorial-protection per FTC Franchise Rule 16 CFR 436 + 15-state franchise registration + state franchise relationship laws + FDD Item 17 + 19; CFPB UDAAP; FTC Section 5 + Pfizer 1972 substantiation; CAN-SPAM + TCPA + 10DLC + CTIA + CASL 36-month + Federal DNC + state DNC when enriched lead drives outbound. Anchor 5 (AI-governance): EU AI Act Article 22 transparency of automated decisions + Article 26 deployer obligations + Article 50 transparency for AI-generated content + Article 13 + 14 + 15 + Annex III high-risk classification (when AI-ML enrichment scoring drives routing + SLA assignment); NIST AI Risk Management Framework; ISO 42001 AI Management System; per-vendor LLM zero-retention verified per call. Policy-as-code expression via OPA Rego + AWS Cedar + Casbin + Cerbos + Oso + Styra DAS + Permit.io.
What does Audit do — per-lead WORM record + territory routing + ABM tier + SLA enforcement + DSAR export?
Audit writes a per-lead WORM record at every Enrich + Resolve + Gate decision: per-lead ID + per-source pointer + per-banner pointer + per-location pointer + Enrich waterfall trace (per-vendor chain + per-vendor attempt order + per-vendor success / miss + per-vendor latency + per-vendor cost) + per-field source-vendor + per-field confidence + per-field freshness + Resolve cross-vendor company resolution snapshot + Resolve field-conflict resolution snapshot + Resolve LLM tie-breaker snapshot + per-anchor Gate decision with evidence (per-API license-terms attestation + per-source DPA + GDPR Article 28 / 30 + EU-US DPF + SCCs + UK IDTA + CCPA service-provider + 17-state + DSAR propagation + FCRA + ECOA disparate-impact audit + Fair Housing + FDD Item 12 protected-territory + EU AI Act Article 50 disclosure) + per-vendor LLM zero-retention verification + territory routing decision (ZIP code list + DMA + radius from store pin + state + county + FDD Item 12 compliance attestation + overlap-territory resolution + fallback to corporate) + ABM tier assignment (Tier 1 strategic 300-target + Tier 2 named 1,500-target + Tier 3 target 5,000-target) + per-tier SLA (Tier 1 1-hour response + Tier 2 4-hour + Tier 3 24-hour) + per-tier routing rule (Tier 1 to VP Sales + Tier 2 to Sales Director + Tier 3 to SDR team) + SLA-violation alert + escalation + per-conversion outcome record + sibling-handoff pointers. DSAR export on demand for CCPA Right to Know + CPRA right to correct + GDPR Article 15 + Article 17 + 17-state DSAR. Storage on AWS S3 Object Lock + Azure Blob immutable + Google Cloud Storage Bucket Lock + Wasabi compliance WORM. Retention stacks (longest applicable wins): 7-year FTC substantiation + 7-year IRS + 7-year FDD + per-state franchise registration + 6-year SEC + 3-year FINRA 4511 + per-state two-party recording + 36-month CASL + GDPR Article 30 + CCPA 12-month + EU AI Act Article 12 + SOC 2 CC7 / CC8. End-to-end replay rewinds Enrich + Resolve + Gate + routing with confidence tier and explainability at every stage. Sibling handoffs flow into the lead-enrichment parent commercial pillar, the buyer-state-aware BANT scoring sibling build-pillar (downstream scoring consumer of enriched lead), the multi-source attribution-preserving lead ingestion sibling build-pillar (#557, upstream lead source), the multi-location BANT lead-scoring sibling, the customer-data-graph agent (per-location per-channel per-brand CLV sibling), the rollup-reporting agent (per-location MMM-driven budget recommendation engine + per-location cross-channel attribution rollup siblings), the territory-analysis-market-scoring agent (per-prospect franchise-territory analysis pipeline sibling), and the governance-decision-router agent (multi-dimensional threshold routing + five-destination routing siblings).
Engage Completions on the lead-scoring-routing bundle
The Enrich + Resolve + Gate + Audit four-skill bundle ships as the orchestration layer above your existing firmographic + intent + integration + CRM + LLM ensemble surface. Per-API license terms + GDPR Article 28 / 30 + EU-US Data Privacy Framework + SCCs + CCPA service-provider + DSAR fulfillment chain + FCRA + ECOA disparate-impact + FDD Item 12 + EU AI Act anchors are preserved in every per-lead audit record. Tier 1 AI Readiness Assessment scopes the bundle in two to three weeks; Tier 3 Fractional CMO with AI Swarm operates the bundle end-to-end.