Thanks everyone. Yes this was the problem. It would make a good SK. Below, I have the Application Blade here because I'm not going to remove the Application policy until I know my inline layers are working.
However, I needed to click the menu to the right of the Security Blade in Access Control, and choose Edit Layer. From there I had to enable the Application and URL "Blade" inside the Security "Blade".
This was a very easy mistake to make and a hard one to fix, and it was a big deal for one customer and would have been a huge deal for the next if I didn't find the check box. Probably the best thing would be for Check Point to not allow you to install policy to a Security Blade with Inline Application Control rules if App & URL Filtering aren't checked.