The Nutrition Assistance Integrity vertical is a new attestation profile on the existing JIL Sovereign Verdict Engine, with SNAP as the lead use case. It binds twenty-eight statutory and behavioral checks to a named policy profile (snap.v1) and produces a Court Ready Evidence Bundle anchored on CourtChain L1 for every flagged transaction, every disqualified retailer, and every skimming reimbursement claim.
The vertical is positioned as the tenth on the canonical site list. It composes alongside the Pre-Settlement Fraud Attestation pillar (real-time authorization) and the Retroactive Verification pillar (historical scan), without altering the architecture of either pillar. The verdict engine is unchanged; the rules are new; the data sources are mostly public federal feeds.
The vertical is SNAP-first. Phase 2 through Phase 4 expansion extends the same Verdict Engine to WIC, school nutrition, and child nutrition programs across the USDA FNS portfolio without architectural change.
All SNAP transactions on EBT cards issued by participating state agencies. Retailer authorization, basket eligibility, trafficking detection, skimming detection, cardholder eligibility drift.
WIC (state-specific Authorized Product List handling, voucher and eWIC card flows under 42 U.S.C. § 1786). School Nutrition Programs (institutional billing model under 42 U.S.C. § 1751, not EBT card-based). Child Nutrition (CACFP and SFSP under 42 U.S.C. § 1761 and § 1766, sponsor and site-level reimbursement model).
| Authority | Subject |
|---|---|
| 7 U.S.C. § 2011 et seq. | Food and Nutrition Act of 2008 (primary SNAP statute) |
| 7 U.S.C. § 2012(k) | Definition of "food" for SNAP eligibility purposes |
| 7 U.S.C. § 2013 | Establishment of SNAP and benefit delivery via EBT |
| 7 U.S.C. § 2024(b) | Criminal penalties for trafficking |
| 7 CFR Part 271 | General information and definitions, including "traffic" |
| 7 CFR Part 278 | Participation of retail food stores, authorization, and disqualification |
| 7 CFR Part 274 | Issuance and use of program benefits |
| CAA 2023 § 501 | Skimming reimbursement framework (state replacement of stolen benefits) |
| PRWORA § 824 | EBT system requirements, codified at 7 U.S.C. § 2016 |
Twenty-eight checks across five signal categories. Each check binds to a statutory citation, fires either pre-settlement (block, hold) or retroactively (score, audit), and contributes a documented evidence chain to the CREB output.
| ID | Check | Authority | Action |
|---|---|---|---|
| SNAP.A.01 | Retailer FNS-authorized at time of transaction | 7 CFR 278.1 | Block |
| SNAP.A.02 | Retailer not under active disqualification | 7 CFR 278.6 | Block |
| SNAP.A.03 | Retailer not under pending administrative action | 7 CFR 278.8 | Hold |
| SNAP.A.04 | Stocking depth attested across 4 staple food categories | 7 CFR 278.1(b)(1) | Score |
| SNAP.A.05 | Authorization category matches transaction profile | 7 CFR 278.1(b)(1)(i) | Audit |
| SNAP.A.06 | Terminal-to-retailer binding integrity verified | 7 CFR 274.8 | Hold |
| ID | Check | Authority | Action |
|---|---|---|---|
| SNAP.B.01 | All basket UPCs on canonical SNAP-eligible food list | 7 U.S.C. § 2012(k) | Hold |
| SNAP.B.02 | No alcoholic beverage UPC present | 7 U.S.C. § 2012(k)(3) | Block |
| SNAP.B.03 | No tobacco UPC present | 7 U.S.C. § 2012(k)(2) | Block |
| SNAP.B.04 | No hot-prepared food UPC present (where flagged) | 7 U.S.C. § 2012(k)(1) | Hold |
| SNAP.B.05 | No non-food UPC present | 7 U.S.C. § 2012(k) | Hold |
| SNAP.B.06 | No vitamin, supplement, or medicine UPC (FDA Supplement Facts panel) | 7 U.S.C. § 2012(k) | Hold |
| SNAP.B.07 | Transaction total within remaining benefit balance | 7 CFR 274.7 | Block |
| ID | Check | Authority | Action |
|---|---|---|---|
| SNAP.C.01 | Round-dollar transaction density (retailer-level) | 7 CFR 271.2 · traffic | Score |
| SNAP.C.02 | Manual key-entry ratio above peer benchmark | 7 CFR 278.6(e)(1) | Score |
| SNAP.C.03 | Multiple max-value swipes within window | 7 U.S.C. § 2024(b) | Hold |
| SNAP.C.04 | Geographic cluster anomaly (retailer + neighbors) | 7 CFR 278.6(b) | Score |
| SNAP.C.05 | Repeat amount pattern (e.g., consistent $40 swipes) | 7 U.S.C. § 2024(b) | Score |
| SNAP.C.06 | Basket-size deviation from stocking profile | 7 CFR 278.6(e)(1) | Score |
| SNAP.C.07 | Cross-retailer coordinated pattern detection | 7 U.S.C. § 2024(b) | Audit |
| ID | Check | Authority | Action |
|---|---|---|---|
| SNAP.D.01 | Geographic anomaly vs. 90-day baseline (skim signal) | CAA 2023 § 501 | Hold |
| SNAP.D.02 | Velocity spike (multiple swipes per minute) | CAA 2023 § 501 | Hold |
| SNAP.D.03 | Time-of-day anomaly (e.g., 3am at convenience store) | CAA 2023 § 501 | Score |
| SNAP.D.04 | Card not flagged as compromised in shared registry | CAA 2023 § 501 | Block |
| SNAP.D.05 | Out-of-state usage paired with home-state activity (cloning signal) | CAA 2023 § 501 | Hold |
| ID | Check | Authority | Action |
|---|---|---|---|
| SNAP.E.01 | Household composition validated against current case file | 7 CFR 273.2 | Audit |
| SNAP.E.02 | Dual-state issuance detection (cross-state PARIS match) | 7 CFR 272.13 | Audit |
| SNAP.E.03 | ABAWD work requirement compliance, where applicable | 7 U.S.C. § 2015(o) | Audit |
The SNAP profile draws from seven distinct data feeds. Four are public federal feeds available without contractual access. Three require integration agreements with state agencies, processors, or GS1 licensees. All feeds load into the customer-side Verdict Engine; raw data does not transit JIL infrastructure.
Canonical list of all FNS-authorized retailers nationally. Includes FNS number, address, store category (A, B, C, restaurant), authorization status, and disqualification status.
List of retailers under FNS administrative action, including disqualification effective date, reason code, and appeal status. Sourced from FNS Office of the Inspector General publications.
Universal Product Code mapped to SNAP-eligible food category, including alcohol flag, tobacco flag, hot-prepared flag, supplement flag, and non-food flag. Augmented by retailer-provided eligible product lists where available.
Live ISO 8583 authorization messages from the EBT processor. Includes FNS number, transaction amount, terminal ID, card identifier (hashed), basket detail where supported by terminal, time, and geolocation.
Household composition, income recertification status, work requirement applicability, issuance status, and benefit balance per case. Used for Category E (eligibility drift) checks. Strictly retained in customer-side enclave.
Public Assistance Reporting Information System file for dual-state issuance detection. Quarterly cross-state matching of SNAP rolls operated by HHS/ACF.
Supplementary source for product categorization, ingredient classification, and FDA Supplement Facts panel attestation. Used to resolve ambiguous UPCs to SNAP eligibility category.
Cross-state shared registry of cards reported as skimmed, cloned, or compromised. Maintained as a privacy-preserving Bloom filter on the SCN, surfaced only on positive match.
The Verdict Engine deploys in three topologies depending on the customer surface: directly inside the EBT processor (Pattern A, lowest latency), inside the state agency Snowpark or JIL Cloud enclave (Pattern B, retroactive primary), or as a federal channel deployment supporting USDA OIG (Pattern C, forensic primary).
The Verdict Engine runs as a sidecar to the processor's authorization switch. ISO 8583 authorization messages branch on a tap, the Verdict Engine returns a verdict within the latency budget, the processor decisions based on the verdict (allow, hold, block). Verdict roundtrip is fully synchronous with authorization. Production target: 99.95th percentile under 800ms end-to-end.
The Verdict Engine runs in the state's Snowpark Container Services environment or JIL Cloud EKS environment. Authorization data streams from the processor under a state agency data sharing agreement. Verdicts are produced asynchronously, with retroactive scan as the primary mode and quasi-real-time alerts as the secondary mode. Used where state owns the data but does not own the rail.
The Verdict Engine runs in a JIL Cloud federal-cleared environment (FedRAMP Moderate or High, depending on data classification). Historical EBT data from USDA FNS or USDA OIG is loaded for forensic scan. Used for trafficking case development and administrative disqualification packages. Air-gap variant available for OIG sensitive cases.
# Pattern A · EBT Processor In-Line (high level) processor_switch │ ├──→ authorize() # normal path, returns to terminal │ └──→ tap ──→ VerdictEngine │ ├── load: DS.01, DS.02, DS.03, DS.07, DS.08 ├── evaluate: snap.v1 (28 checks) ├── score: trafficking + skim └── emit: {verdict, evidence_chain, anchor_ref} │ ├──→ PoCS receipt # cleared ├──→ CREB.issue() # held or blocked └──→ CourtChain.anchor() # 14/20 BFT seal
End-to-end verdict roundtrip from ISO 8583 message arrival to verdict emission, decomposed across five stages. Total latency budget is 800ms at the 99.95th percentile. Production target is 350ms median.
ISO 8583 tap, parse, normalize. Cache warm-up.
Lookup retailer, cardholder baseline, UPC eligibility, compromised registry.
Run 28 SNAP checks in parallel. Aggregate to verdict.
Quorum signing across SCN validators (async path for CREB).
Return verdict to processor. PoCS or CREB queued.
The Court Ready Evidence Bundle issued under the SNAP profile follows the canonical CREB anatomy, with three SNAP-specific extensions: the statutory citation chain, the FNS-anchored retailer identity, and the state agency disposition routing slip. Sample structure:
CREB { "creb_id": "CREB-2026-SNAP-7F4A2D", "profile": "snap.v1", "issued_at": "2026-05-12T14:33:21Z", "subject": { "transaction_id": "EBT-CONDUENT-X8843921", "fns_number": "0153729", "retailer_name": "[REDACTED PER 7 CFR 272.1(c)]", "amount": 78.42, "cardholder_hash": "sha3-256:..." }, "checks_executed": 28, "checks_failed": [ {"id": "SNAP.B.02", "statute": "7 U.S.C. § 2012(k)(3)", "evidence": "UPC 0123456789012 flagged ALCOHOL"}, {"id": "SNAP.C.01", "statute": "7 CFR 271.2", "evidence": "Round-dollar density 0.84 retailer trailing 30d"} ], "verdict": "HOLD", "anchor": { "chain": "CourtChain L1", "block": 8843921, "tx_hash": "0x9347e...971e8" }, "quorum": { "scheme": "14-of-20 BFT", "validators_signed": 17, "jurisdictions": ["US","CH","UAE","SG","BR","..."] }, "crypto": "Ed25519 + Dilithium-III (ML-DSA-65)", "retention": "15+ years, customer Secure Document Vault", "admissibility": "FRE 902(14)", "disposition_routing": { "state_agency": "TX HHSC", "processor": "Conduent", "fns_region": "Southwest" } }
| Element | Specification |
|---|---|
| Customer | State EBT agency or USDA OIG |
| Duration | 30 to 60 days, kickoff to delivery |
| Data scope | 90 days to 4 years of historical EBT transaction data |
| Deployment | Customer-side Snowpark Container or JIL Cloud enclave |
| Scan rate | 100M records in 10 to 20 minutes |
| Coverage | 100% scan, not sample |
| Deliverable | CREB library, retailer dossier, cardholder dossier, executive summary |
| Pricing | Tier 1 flat fee, $150K to $750K by program size |
| Success criteria | Documented trafficking patterns at retailer-level, CREBs delivered for each pattern, OIG-ready referral packages where applicable |
| Element | Specification |
|---|---|
| Customer | EBT processor or state EBT switch |
| Duration | 90 days, integration + cohort run |
| Cohort | Defined pilot retailer subset (suggest: convenience-store cohort, ≤ 500 stores) |
| Deployment | Pattern A · in-line sidecar at processor switch |
| Latency | Sub-800ms p99.95, sub-350ms median verdict |
| Integration | ISO 8583 tap, Kafka or MQ adapter, response channel |
| Deliverable | PoCS receipts for cleared, CREB for held or blocked, dashboard, weekly trafficking reports |
| Pricing | Per-attestation SKU + one-time integration fee |
| Success criteria | Verdict SLA met, false positive rate ≤ 1.5%, ≥ 3 documented trafficking blocks per pilot week at scale |
The following decisions require founder-level sign-off before the Nutrition Assistance Integrity vertical page goes live on jilsovereign.com and before the technical scope is socialized with prospective channel partners.