Threat Cloud Protections are enforced with the Pattern Matcher while core protections are implemented with the protocol parser and inspection settings in some lower levels of the NGTP engine.
In R77.30 and earlier, the access control policy had to be pushed anyway to enforce IPS. So, I believe that when we moved IPS to be part of Threat Prevention, we actually moved only the Threat Cloud protections, but the core protections still stayed with the access control because they are enforced in a different place than the actual IPS signatures are.
Inspection Settings and Geo Policy are not actually part of the IPS (Inspection Settings used to be called engine settings in R77.x) and are also enforced with the access control policy.
This is my understanding, but as I'm not R&D I cannot answer in any more detail why this kind of separation exists. If someone has a better understanding, please comment. 🙂