How to load per-vertical compliance overlays at runtime (without burying every output in disclaimers)
Two-stage compliance check (deterministic pre-filter + LLM gate), jurisdiction-aware enforcement, and the regulator-facing audit trail.
Compliance is binary per claim — there is no "passes at 0.85." Compliance failure is the only failure mode that can end the franchisor business.
Implementation time: 480–1440 min
What you need
- A category × jurisdiction inventory of every location your operation touches
- General counsel access for ruleset review before any rule deploys
- A regulatory-update monitoring service or process (commercial subscription, Google Alerts, or outside counsel quarterly review)
- A compliance officer (existing or fractional) for the Tier 3 routing target
If your franchise system operates in healthcare, cannabis, financial services, alcohol, or any other regulated vertical, your AI marketing pipeline cannot share infrastructure with a non-regulated franchise's pipeline. Compliance failure is the only failure mode that can end the business. A single non-compliant local page can trigger an FDA warning letter, a state attorney general inquiry, or a class-action plaintiff's exhibit.
The fix is not "tighter brand-voice gate thresholds." Compliance is a separate problem with a separate gate, a different audit retention requirement, a different escalation path, and jurisdiction-aware rule loading at runtime. This guide walks through how to design the compliance overlay system so every output gets evaluated against the right rules for its category and jurisdiction without burying every output in defensive disclaimers.
Why the compliance gate is a separate system, not stricter brand-voice thresholds
Key differences from the brand-voice gate:

| Dimension | Compliance gate | Brand-voice gate |
|---|---|---|
| Purpose | legally permissible vs. impermissible | on-brand vs. off-brand |
| Failure cost | regulatory enforcement, lawsuits, license loss | reputation |
| Threshold | binary per claim | tunable per surface |
| Model strategy | two-model plus rule-based pre-filter | two-model voice grading only |
| Acceptable false positive | strongly preferred over a false negative | |
| Acceptable false negative | catastrophic; must be near-zero | |
| Override authority | compliance officer + legal review | brand director |
| Audit retention | 10+ years or per-jurisdiction maximum | 7 years |
The compliance gate runs in parallel to the brand-voice gate, with different inputs (per-category rulesets), different outputs (binary allow/reject + cited rule references), and different escalation paths (compliance officer in Tier 3, legal in Tier 4).
Which categories need compliance overlays + what each one regulates
Compliance load is not uniform. The exposure depends on category × jurisdiction × claim surface. Common franchise categories with compliance load:

| Category | Regulators | Risk surfaces |
|---|---|---|
| Healthcare / med-spa / chiropractic / PT | FTC, FDA, state medical boards, HIPAA | treatment outcome claims, before/after photos, "FDA-cleared" language, testimonials with results |
| Cannabis | state cannabis boards, FDA for CBD, local zoning | THC/CBD potency, medical benefit, minor-targeted content, ad distance from schools |
| Financial services | CFPB, state insurance and banking departments, FINRA | APR claims, "guaranteed approval," state-specific lending limits, suitability disclosures |
| Alcohol | TTB, state ABC boards, local jurisdictions | pricing claims, promotion compliance, ABV claims, happy-hour rules per state |
| Education | FTC, state education departments, ED for accredited programs | outcome claims, "guaranteed," income claims |
| Childcare | state licensing boards, USDA | capacity claims, staff-to-child ratios, accreditation references |
| Auto | FTC, state DMV/consumer protection, state lemon laws | pricing claims, warranty language, "certified pre-owned" requirements |
| Restaurants/QSR | FDA, USDA, local health departments | allergen claims, calorie counts, "fresh"/"natural" |
| Home services | EPA, state contractor boards, FTC | "EPA-approved" language, license number disclosure, warranty terms |
Most franchise systems live in 1-2 of these categories. The compliance design must match your specific exposure. A national gym franchise's compliance load is small; a national med-spa franchise's compliance load is enormous.
If your operation is non-regulated (most retail, most non-regulated services), you still need allergen-style disclosures and warranty language, but the architecture-heavy version of this guide applies primarily to the categories above.
The two-stage compliance check
LLMs alone cannot be trusted for compliance gating. Three reasons:
- Hallucination risk — an LLM might confidently approve a claim that violates a regulation it doesn't know about.
- Jurisdiction blindness — an LLM doesn't reliably know that "$0 down" lending claims are illegal in 7 states unless the rule is in its prompt.
- Update lag — regulators update rules; LLMs need re-prompting against current rules every time.
The two-stage compliance check pairs a deterministic pre-filter with an LLM gate.
Stage 1 — Rule-based pre-filter (deterministic)
A regex/parser pass against the output. Flags any forbidden phrase, any required disclaimer absence, any jurisdiction-specific prohibition. Rules live in structured config (YAML/JSON), per category, per jurisdiction:
compliance_rules_v1.yaml:

```yaml
healthcare:
  global:
    forbidden_phrases:
      - 'cure'
      - 'miracle'
      - 'guaranteed results'
    required_disclaimers:
      - id: 'individual_results_vary'
        text: 'Results may vary. Individual results are not typical.'
        trigger: 'any treatment outcome reference'
    required_with_claim:
      - claim_pattern: "FDA[\\s-]cleared"
        must_include: ['device classification', 'intended use citation']
  jurisdictions:
    california:
      forbidden_phrases:
        - 'doctor recommended'  # state medical board rule
      additional_disclaimers:
        - id: 'ca_medical_board'
          text: '[required CA-specific disclaimer text]'
    new_york:
      additional_required:
        - 'NY-specific consumer notice'
cannabis:
  global:
    forbidden_phrases:
      - 'treats anxiety'
      - 'cures pain'
    required_disclaimers:
      - id: 'fda_not_evaluated'
        text: 'These statements have not been evaluated by the FDA...'
  jurisdictions:
    colorado:
      ad_buffer_zones: ['1000ft from schools', '1000ft from playgrounds']
      forbidden_audiences: ['under 21']
    new_york:
      forbidden_phrases:
        - 'recreational use'  # NY-specific marketing rule
```

The pre-filter catches deterministic-rule violations before the LLM gate ever runs. It is faster, cheaper, and more reliable than asking an LLM "is this compliant?"
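As an added example (not code from the page), a minimal Stage 1 pre-filter in Python over a constructed flat ruleset of the shape above, i.e. the healthcare global rules with the california overlay already composed in. The YAML's prose trigger is assumed to be encoded as a regex for the pre-filter, and the function and field names are assumptions; every hit carries the rule it cites, which is what the audit record needs.

```python
import re
from dataclasses import dataclass, field

# Constructed flat ruleset (healthcare global + california overlay, already composed).
RULESET = {
    "forbidden_phrases": ["cure", "miracle", "guaranteed results", "doctor recommended"],
    "required_disclaimers": [
        {"id": "individual_results_vary",
         "text": "Results may vary. Individual results are not typical.",
         # assumption: the YAML's "any treatment outcome reference" trigger as a regex
         "trigger": r"\b(results?|outcomes?|reduc\w+|eliminat\w+)\b"},
    ],
    "required_with_claim": [
        {"claim_pattern": r"FDA[\s-]cleared",
         "must_include": ["device classification", "intended use"]},
    ],
}

# Constructed sample drafts.
SAMPLE_BAD = "Our laser is FDA-cleared and can cure acne. Results are dramatic."
SAMPLE_OK = ("Our FDA-cleared laser (device classification: Class II; intended use: "
             "hair removal) reduces unwanted hair. Results may vary. "
             "Individual results are not typical.")

@dataclass
class PreFilterResult:
    violations: list = field(default_factory=list)  # (rule_kind, rule_reference) pairs

    @property
    def has_hard_violations(self):
        return bool(self.violations)

def word_present(phrase, text):
    # Whole-word, case-insensitive match so "cure" does not hit "secure".
    return re.search(r"(?<!\w)" + re.escape(phrase) + r"(?!\w)", text, re.I) is not None

def compliance_pre_filter(draft, rules):
    """Stage 1: deterministic check. Any hit is a hard reject, with the rule cited."""
    result = PreFilterResult()
    for phrase in rules["forbidden_phrases"]:
        if word_present(phrase, draft):
            result.violations.append(("forbidden_phrase", phrase))
    for disc in rules["required_disclaimers"]:
        # Disclaimer is only required once its trigger fires, and then it must be verbatim.
        if re.search(disc["trigger"], draft, re.I) and disc["text"] not in draft:
            result.violations.append(("missing_disclaimer", disc["id"]))
    for rule in rules["required_with_claim"]:
        if re.search(rule["claim_pattern"], draft, re.I):
            for needed in rule["must_include"]:
                if not word_present(needed, draft):
                    result.violations.append(("claim_missing_support", needed))
    return result
```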
Stage 2 — LLM compliance gate (softer dimensions)
For outputs that pass the pre-filter, an LLM compliance gate evaluates softer dimensions: implied claims, ambiguous language, novel phrasings the rule list doesn't anticipate. The LLM gate's prompt:
```text
You are a compliance gate for {category} content.
Rules below are the deterministic ruleset that already passed.
Your job: identify SOFTER compliance issues — implied claims,
novel phrasings, ambiguous language that could be interpreted
as violating the spirit of these rules.
Output:
- compliance_risk: low | medium | high
- specific_concerns: [{ concern, rule_implicated, severity }]
- recommended_action: approve | edit (with suggested edit) | reject
[RULES] {{ ruleset }}
[CONTENT] {{ output }}
[METADATA] category, jurisdiction, surface_type, claim_categories
```

Outputs at medium or high risk route to the compliance officer (Tier 3 per editorial governance). The LLM gate's rationale is logged with the routing decision.
The 6-step setup process
Step 1: Inventory your exposure (2-4 hours)
For your operation, list every category × jurisdiction combination. Example: a 200-location dental franchise operating in 35 states has 35 jurisdictional overlays for the healthcare category. A 50-location cannabis MSO operating in 8 states has 8 jurisdictional overlays for cannabis. Multi-vertical operators (e.g., a restaurant + alcohol franchise) need overlays per category × per jurisdiction. This inventory is the input to step 2.
Step 2: Author the global ruleset per category (4-8 hours per category, with legal review)
For each category, author the global ruleset (forbidden phrases, required disclaimers, required-with-claim patterns). Pull from federal regulator guidance documents (FDA, FTC, CFPB, etc.); industry associations' compliance guides; your existing compliance manual (if one exists); past enforcement actions in your category (these reveal what regulators actually flag).
Step 3: Add jurisdictional overlays per state + local (2-4 hours per state)
For each state your operation touches, author the additional rules that overlay the global ruleset. State medical boards, state cannabis boards, state insurance commissioners, etc. publish their advertising rules; ingest them as overlays. Local jurisdictions (NYC chains rule, San Francisco ordinances, etc.) get their own overlay layer below the state.
Step 4: Wire the pre-filter into the publish pipeline (4-8 hours)
The pre-filter sits BEFORE the brand-voice gate in the pipeline. Pseudocode:
```python
draft = producer.generate(input, brand_spec, surface_metadata)

# Stage 1: deterministic compliance pre-filter
location_jurisdictions = get_jurisdictions_for_location(location_id)
applicable_rules = compose_ruleset(category, location_jurisdictions)
pre_filter_result = compliance_pre_filter.evaluate(draft, applicable_rules)
if pre_filter_result.has_hard_violations:
    reject_immediate(draft, pre_filter_result.violations)
    log_to_compliance_audit_trail(draft, pre_filter_result, decision="hard_reject")
    notify_producer_for_regeneration(draft, pre_filter_result.violations)
    return

# Stage 2: LLM compliance gate (softer dimensions)
llm_gate_result = compliance_llm_gate.evaluate(draft, applicable_rules, metadata)
if llm_gate_result.compliance_risk == "high":
    route_to_compliance_officer(draft, llm_gate_result, tier=3)
    return  # the officer's decision replaces auto-publish; nothing below runs
elif llm_gate_result.compliance_risk == "medium":
    route_to_compliance_officer(draft, llm_gate_result, tier=3)  # batched
    return
# low risk → continue to brand-voice gate

# Continue to brand-voice gate for outputs that passed compliance
voice_gate_result = brand_voice_gate.evaluate(draft, brand_spec, surface_metadata)
# ... (rest of pipeline per how-to #2 + #3)
log_to_compliance_audit_trail(draft, pre_filter_result, llm_gate_result, decision)
```

The compliance audit trail is its own log, separate from the brand-voice audit trail. It has a different retention requirement (10+ years vs. 7), different access controls (legal and compliance only), and a different schema.
Step 5: Build the regulatory-update monitoring loop (1-2 hours initial setup)
Regulators update rules. The compliance officer needs an alerting mechanism. Options: subscribe to a commercial regulatory-monitoring service (JD Supra, Bloomberg Law, FoodSafetyTech for restaurant, etc.); set up Google Alerts for state-specific regulator names + advertising rule changes; engage outside counsel for periodic rule-set review (quarterly minimum). When a rule changes, the compliance officer reviews, updates the ruleset config (PR review), deploys, and triggers a re-evaluation of the affected outputs.
Step 6: Calibrate jurisdiction-aware loading (1-2 hours, then ongoing)
A franchise with 200 locations across 35 states does NOT run every output against every jurisdiction's rules. Naive design wastes compute and confuses the LLM gate. The jurisdiction-aware design tags each location with its jurisdiction (state + local where local rules apply); the compliance pre-filter loads the global ruleset + the location's specific jurisdictional overlay only; the LLM gate's prompt includes only the relevant jurisdictional context, not all 35.
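As an added example (not the page's or any project's code), a Python compose_ruleset for the Step 4 pseudocode that implements the Step 6 loading rule: the global ruleset plus this one location's state overlay plus its local overlay, nothing else. The rules tree mirrors the compliance_rules_v1.yaml shape but is constructed and trimmed; the "locals" sub-key, the Denver local rule, and the location registry are assumptions.

```python
from copy import deepcopy

# Constructed rules tree in the shape of compliance_rules_v1.yaml (trimmed).
# Assumption: local overlays sit under a "locals" key inside their state.
RULES = {
    "cannabis": {
        "global": {
            "forbidden_phrases": ["treats anxiety", "cures pain"],
            "required_disclaimers": [{"id": "fda_not_evaluated",
                                      "text": "These statements have not been evaluated by the FDA..."}],
        },
        "jurisdictions": {
            "colorado": {
                "ad_buffer_zones": ["1000ft from schools", "1000ft from playgrounds"],
                "forbidden_audiences": ["under 21"],
                "locals": {"denver": {"forbidden_phrases": ["free samples"]}},  # constructed
            },
            "new_york": {"forbidden_phrases": ["recreational use"]},
        },
    }
}

# Constructed location registry: each location is tagged once with its jurisdiction chain.
LOCATIONS = {
    "den-001": {"category": "cannabis", "state": "colorado", "local": "denver"},
    "nyc-014": {"category": "cannabis", "state": "new_york", "local": None},
}

def _merge(base, overlay):
    """Overlays only add: union list-valued rules, deep-merge dict-valued ones."""
    for key, value in overlay.items():
        if key == "locals":
            continue  # the local layer is applied explicitly by compose_ruleset
        if isinstance(value, list):
            base.setdefault(key, []).extend(v for v in value if v not in base[key])
        elif isinstance(value, dict):
            _merge(base.setdefault(key, {}), value)
        else:
            base[key] = value
    return base

def compose_ruleset(location_id, rules=RULES, locations=LOCATIONS):
    """Global + this location's state overlay + its local overlay; other states never load."""
    loc = locations[location_id]
    cat = rules[loc["category"]]
    composed, applied = deepcopy(cat["global"]), ["global"]
    state = cat["jurisdictions"].get(loc["state"])
    if state:
        _merge(composed, state)
        applied.append(loc["state"])
        local = state.get("locals", {}).get(loc["local"])
        if local:
            _merge(composed, local)
            applied.append(loc["local"])
    composed["applied_overlays"] = applied  # recorded in the audit entry with the ruleset version
    return composed
```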
The compliance audit log
For compliance, the audit log answers a specific class of question: "On 2026-03-14, you published a healthcare claim about [treatment X] at the Cherry Creek location. Show me your compliance review for that publication." Or: "Your franchise published a cannabis advertisement within 1,200 feet of a school in Denver. Show me how the geo-fence rule was enforced or why it wasn't." Or: "A consumer alleges your finance franchise made an APR claim that violated state lending limits. Show me the compliance gate's evaluation of that claim."
The audit log per output must include:
- the full output text
- the compliance pre-filter result and the rules evaluated
- the LLM compliance gate's risk score and concerns (if any)
- the compliance officer's review decision (if routed)
- the location's jurisdiction at time of publish
- the ruleset version at time of publish
- timestamp and approver identity
- linked evidence (master record state, local context state, brand spec version)
When a regulator subpoenas this, the franchisor's response is "here is the compliance evaluation for this specific output, including the rules that applied at the time and the human reviewer's decision." That is the regulatory defense.
Validation
Three signals to monitor weekly for the first 90 days:
- Pre-filter hit rate by category × jurisdiction. Should be 1-3% of outputs (deterministic violations are uncommon at steady state once producer prompts are tuned). Higher means producer prompts need tightening.
- LLM gate medium/high routing rate. Should be 0.5-2% of outputs. Higher means rule schema may be ambiguous OR producer is generating consistently borderline content; either tighten producer prompt or expand pre-filter rules.
- Compliance officer override rate. When the gate routes to compliance officer, how often does the officer override (publish anyway)? Should be <15% — higher means LLM gate is too aggressive; calibrate.
What this layer does NOT do
- Not legal advice. The architecture enforces what the rules specify; it does not author the rules. General counsel owns rule content.
- Not a replacement for the compliance officer. The compliance officer remains essential. The system makes their job tractable at scale.
- Not a guarantee against enforcement. Regulators interpret rules; some interpretations surface only in enforcement actions. The system reduces enforcement risk; it does not eliminate it.
- Not optional for regulated categories. A healthcare franchise running auto-publish without a compliance gate is a regulatory bomb waiting to detonate.
What this gets you
A compliance enforcement system that scales with operation size without scaling compliance-officer headcount proportionally. A regulator-facing audit trail that answers "show me your review for this output" with structured evidence. A jurisdiction-aware enforcement pattern that adds new states as explicit operations, not afterthoughts. A two-stage check (deterministic + LLM) that catches both the deterministic violations and the softer implied-claim risks.
Or have us deploy this for you
We'll deploy Review Response Agent for Multi-Location Brands in 2 weeks for $4,500–$7,500 — with a 30-day operating tail and full handoff. You own every artifact: the prompts, the configs, the audit log, the wrapper code.