How to build per-state overlay configuration that composes by intersection for 50-state operators

The 4-skill bundle on the per-state-overlay-composer agent

One agent. Four coordinated skills. The Compose + Intersect + Resolve + Audit bundle runs above the policy-engine + per-state-regulator substrate and writes one canonical per-tenant per-state-coverage overlay record.

Compliance overlay

Five anchors run per-tenant per-state-coverage before any overlay commits to runtime policy engine. The first anchor is operationally distinctive: per-state overlay intersection algebra + set-theoretic composition + per- state UDTPA + per-state attorney advertising + per-state professional licensing + per-state alcohol/cannabis + per- state biometric + per-state data privacy 18-state + federal preemption + per-state choice-of-law converge on every overlay composition.

FAQ

What is per-state overlay configuration that composes by intersection — and what is the per-state-overlay-intersection-algebra-times-50-state-UDTPA-times-per-state-attorney-advertising-times-per-state-professional-licensing-times-per-state-alcohol-cannabis-times-per-state-biometric-times-18-state-data-privacy-times-federal-preemption-times-per-state-choice-of-law problem distinctive to this skill?

A 50-state operator (multi-unit franchise + multi-location retail + DTC ecommerce + multi-vertical regulated) ships tenant-configurable overlays where each per-tenant coverage map (a subset of the 50 states + DC + Puerto Rico + US Virgin Islands + Guam) requires per-state UDTPA + per-state attorney advertising + per-state professional licensing + per-state alcohol/cannabis/tobacco + per-state biometric + per-state data privacy + per-state right-of-publicity + per-state recording consent + per-state security breach notification + per-state insurance + per-state real estate disclosure + per-state employment-restrictive-covenant overlays to compose by set intersection. The four-skill bundle on the per-state-overlay-composer agent — Compose, Intersect, Resolve, Audit — sits above the policy-engine + per-state-regulator substrate (TypeScript discriminated-union per-state schema + JSON Schema + OpenAPI + Avro + Protobuf overlay registry + OPA Rego + Cedar + AWS Verified Permissions + Casbin per-state policy DSL) and writes a per-tenant per-state-coverage canonical overlay record. The operationally distinctive anchor: per-state overlay configuration intersection algebra (set-theoretic composition: ∩ intersection + ∪ union + ∁ complement + ⊕ symmetric difference) + per-state UDTPA 50-state matrix + per-state Attorney General consumer-protection + per-state attorney advertising 50-state bar matrix + ABA Model Rule 7.1-7.5 + per-state professional licensing (Plumber + Electrician + Locksmith + RoofingContractor + GeneralContractor + Notary + Physician + Dentist + Pharmacy + Optometrist + Veterinarian + Chiropractor + Accountant CPA + Engineer PE + Architect + Insurance + Real Estate) + per-state alcohol TABC + CalABC + TTB + NY SLA + Pennsylvania PLCB + Utah DABC 50-state alcohol + per-state cannabis state-board 38-state cannabis + per-state tobacco state-board + per-state age-restriction + per-state biometric (BIPA + CUBI + Washington biometric + Maryland HB1093) + per-state data privacy 18-state (CCPA + CPRA + VCDPA + CPA + CTDPA + UCPA + ICDPA + INDPA + TIPA + TDPSA + MCDPA + OCPA + DPDPA + FDBR + NHDPA + NJDPA + KCDPA + MODPA) + federal preemption doctrine + per-state choice-of-law (Restatement (Second) Conflict of Laws §188 most-significant-relationship + lex loci contractus + lex loci delicti) + per-state long-arm jurisdiction + Erie doctrine.

Why do TypeScript schema + JSON Schema + OPA Rego + Cedar + Casbin break at 50-state overlay-intersection scale?

Each policy-engine ships per-rule flat policy primitive at single-tenant single-jurisdiction level. None coordinates per-tenant per-state-coverage intersection algebra against per-state UDTPA + per-state attorney advertising + per-state professional licensing + per-state alcohol/cannabis/tobacco + per-state biometric + per-state data privacy + per-state right-of-publicity + per-state recording consent + per-state security breach notification + per-state insurance + per-state real estate disclosure + per-state employment-restrictive-covenant convergence. None handles federal preemption doctrine + per-state choice-of-law (Restatement (Second) Conflict of Laws §188 most-significant-relationship + lex loci contractus + lex loci delicti) + per-state long-arm jurisdiction + Erie doctrine. None gates against multistate-coverage gap analysis (states where tenant operates without overlay coverage = silent compliance failure). None enforces SOX 302/404/906 + COSO + Exchange Act 13(b)(2) when public-company tenant material. None writes a per-tenant per-state-coverage audit trail with regulatory-defense retention. The four-skill bundle Compose + Intersect + Resolve + Audit sits above the policy-engine + per-state-regulator substrate — it does not replace it.

How does Compose + Intersect work?

Compose runs per-tenant per-state-coverage overlay composition from per-state overlay registry (50-state + DC + Puerto Rico + US Virgin Islands + Guam) keyed by per-state UDTPA + per-state attorney advertising + per-state professional licensing + per-state alcohol/cannabis/tobacco + per-state biometric + per-state data privacy + per-state right-of-publicity + per-state recording consent + per-state security breach notification + per-state insurance + per-state real estate disclosure + per-state employment-restrictive-covenant overlays. Per-tenant coverage-map (the subset of states the tenant operates in) drives the per-overlay composition selection. Intersect runs set-theoretic composition algebra: ∩ intersection (apply overlay only when ALL covered states require it), ∪ union (apply overlay when ANY covered state requires it), ∁ complement (apply overlay when NO covered state allows exception), ⊕ symmetric difference (flag overlay where overlay required in some but not all covered states). Per-tenant per-overlay applicability resolution. Per-state choice-of-law engine resolves conflicts (Restatement (Second) Conflict of Laws §188 most-significant-relationship + lex loci contractus + lex loci delicti). Per-tenant multistate-coverage gap analysis flags silent-compliance-failure regions.

What does Resolve + Audit do?

Resolve runs per-tenant per-overlay-conflict resolution against federal preemption doctrine + per-state choice-of-law + per-state long-arm jurisdiction + Erie doctrine. Per-overlay severity classification: P0 federal preemption violation immediate + P1 multistate gap silent-compliance-failure 72-hour + P2 per-state UDTPA conflict 7-day + P3 per-state choice-of-law ambiguity 30-day + P4 docs-only. Per-tenant per-state-coverage canonical resolution record. Gate runs 5 anchors per-tenant per-state-coverage before any overlay commits to runtime policy engine. (1) Per-state overlay intersection algebra + set-theoretic composition + per-state UDTPA + per-state Attorney General consumer-protection + per-state attorney advertising + ABA Model Rule + per-state professional licensing + per-state alcohol/cannabis/tobacco + per-state biometric + per-state data privacy 18-state + federal preemption + per-state choice-of-law + per-state long-arm + Erie doctrine + multistate-coverage gap analysis. (2) FTC Endorsement Guides 16 CFR Part 255 + FTC Fake Review Rule 16 CFR Part 465 + Section 5 + Pfizer 1972 + MARS + Health Products + CFPB UDAAP + Lanham + USPTO + Robinson-Patman + FDD Item 12 + 15-state franchise. (3) HIPAA 45 CFR 164.502/504/514 + state mini-HIPAA + FINRA Rule 2210 + Rule 3110 + SEC Regulation FD + FDA OPDP + DEA + per-state-pharmacy-board + per-state-medical-board. (4) EU AI Act Article 50 transparency when AI-generated overlay reasoning + Article 13/14/15 + Annex III when AI-ML overlay composition routing + Article 6/27 FRIA + DSA + DMA + GDPR Article 6/7/28/30 + LGPD + DPDP + PIPEDA + Quebec Law 25 + CCPA + CPRA + 18-state. (5) WCAG 2.2 AA + ARIA + EAA + ADA Title III + Section 508 + SOX 302/404/906 + COSO + Exchange Act 13(b)(2) + SEC Reg S-K. Audit writes a per-tenant per-state-coverage WORM overlay-composition record: tenant coverage-map snapshot + per-state overlay applicability + intersection-algebra resolution + per-overlay severity + per-anchor gate-pass + AI-ML provenance + EU AI Act FRIA. Storage: AWS S3 Object Lock + Azure Blob immutable + GCS + Wasabi WORM. Retention: 7-year FTC + 7-year IRS + 7-year HIPAA + 7-year state bar + 6-year SEC + 3-year FINRA + 7-year SOX + GDPR Article 30 + EU AI Act Article 12 + SOC 2 CC7/CC8.

What does this skill connect to on the per-state-overlay-composer agent and across the swarm?

On the per-state-overlay-composer agent: per-vertical compliance overlay (sibling) + per-vertical pre-built compliance overlay templates + per-vertical schema validation with maintained rule libraries. Across the swarm: per-vertical compliance overlay (#346 same per-vertical overlay substrate) + per-location compliant social drafting (#598 DOWNSTREAM consumer of per-state attorney advertising + per-state alcohol/cannabis overlays) + per-vertical catalog schema validation (#597 DOWNSTREAM consumer of per-state product liability + per-state alcohol/cannabis overlays) + governance-decision-router five-destination routing + tiered pre-filter deterministic gates for AI content + nested-autonomy profile inheritance (#342). Commercial-pillar parent: /per-vertical-compliance-overlays. Cross-skill foundational: this skill is the upstream canonical for every downstream skill that requires per-state overlay coverage.

What does the 6-workstream pre-engagement-baseline reporting cycle look like for this skill?

Every two weeks during the Tier 3 Fractional CMO with AI Swarm engagement, six workstreams report against the pre-engagement baseline. Workstream 1: per-tenant per-state-coverage overlay-composition coverage — tenants monitored + state coverage maps + per-overlay categories composed (per-state UDTPA + per-state attorney advertising + per-state professional licensing + per-state alcohol/cannabis/tobacco + per-state biometric + per-state data privacy + per-state right-of-publicity + per-state recording consent + per-state security breach + per-state insurance + per-state real estate disclosure + per-state employment-restrictive-covenant). Workstream 2: Compose per-tenant per-state overlay composition flow — per-state overlay registry coverage + per-tenant coverage-map applied. Workstream 3: Intersect set-theoretic composition algebra flow — ∩ intersection + ∪ union + ∁ complement + ⊕ symmetric difference resolution + per-state choice-of-law conflict resolution + multistate-coverage gap analysis. Workstream 4: Resolve per-overlay-conflict resolution flow — federal preemption + per-state choice-of-law + per-state long-arm + Erie doctrine resolution + per-overlay severity classification. Workstream 5: Regulatory-defense audit coverage — per-state overlay intersection algebra + per-state UDTPA + per-state attorney advertising + per-state professional licensing + per-state alcohol/cannabis + per-state biometric + per-state data privacy 18-state + federal preemption + per-state choice-of-law + EU AI Act Article 50 + SOX. Workstream 6: FBC feedback-loop pattern-learning — per-tenant per-state realized-vs-predicted overlay applicability + per-state regulator enforcement retrospective + multistate-coverage gap closure retrospective.

Related reading

• Parent commercial pillar: per-vertical compliance overlays
• Sibling build-pillar: per-location compliant social drafting (#598 DOWNSTREAM consumer of per-state attorney advertising + per-state alcohol/cannabis overlays)
• Sibling build-pillar: per-vertical catalog schema validation (#597 DOWNSTREAM consumer of per-state product liability + per-state alcohol/cannabis overlays)
• Sibling build-pillar: nested-autonomy profile inheritance (#342 governance routing)
• Fractional CMO with AI Swarm
• AI Readiness Assessment