79273182

Date: 2024-12-11 21:15:34
Score: 1

To complete the answer from John Rotenstein.

A stateless machine, service, or component does not retain information about the state of a session or transaction after it has been processed.

Thus, in the case of the NACL, it can't work on OSI layer 4, as it can't record a session's beginning and end. However, this has nothing to do with the fact that NACLs block traffic by default; that is because their policy is "deny by default".

To answer the original question, it seems that NACLs are stateless in order to avoid unintended complexity while optimizing bandwidth, as is the AWS mindset (simplexity).

Reasons:
  • Long answer (-0.5):
  • No code block (0.5):
  • Low reputation (1):
Posted by: Cryo
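
The stateless behaviour described in this answer, as an added example that is not part of the original post: a simplified model of a default-deny, stateless rule list next to a filter that remembers flows, which goes beyond the answer by showing the stateful case for contrast. The rule model (numbered rules, first match wins, remote CIDR plus destination port range), all names, and the addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:            # hypothetical, simplified rule shape
    number: int        # lower numbers are evaluated first
    cidr: str          # remote network the rule applies to
    ports: range       # destination port range
    allow: bool

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

def stateless_verdict(rules, remote_ip, dport):
    """Judge one packet in isolation: first matching rule wins, else deny."""
    for r in sorted(rules, key=lambda r: r.number):
        if ip_address(remote_ip) in ip_network(r.cidr) and dport in r.ports:
            return r.allow
    return False  # "deny by default": nothing matched

class StatefulFilter:
    """Remembers accepted inbound flows so replies need no outbound rule."""
    def __init__(self, inbound):
        self.inbound, self.flows = inbound, set()
    def ingress(self, p):
        ok = stateless_verdict(self.inbound, p.src, p.dport)
        if ok:
            self.flows.add((p.src, p.sport, p.dst, p.dport))
        return ok
    def egress(self, p):
        # A reply is the reversed 4-tuple of a flow already recorded.
        return (p.dst, p.dport, p.src, p.sport) in self.flows

def demo():
    # Constructed sample: a client reaches a server on 443 from port 50000.
    inbound = [Rule(100, "0.0.0.0/0", range(443, 444), True)]
    ephemeral_out = [Rule(100, "0.0.0.0/0", range(1024, 65536), True)]
    request = Packet("203.0.113.10", 50000, "10.0.0.5", 443)
    reply = Packet("10.0.0.5", 443, "203.0.113.10", 50000)
    unsolicited = Packet("10.0.0.5", 443, "198.51.100.7", 50000)
    sf = StatefulFilter(inbound)
    return {
        "stateless_in": stateless_verdict(inbound, request.src, request.dport),
        "stateless_reply_no_rule": stateless_verdict([], reply.dst, reply.dport),
        "stateless_reply_with_rule": stateless_verdict(ephemeral_out, reply.dst, reply.dport),
        "stateful_in": sf.ingress(request),
        "stateful_reply": sf.egress(reply),
        "stateful_unsolicited": sf.egress(unsolicited),
    }
```

In the stateless case the reply is dropped until an explicit outbound rule covers the client's ephemeral port, because nothing about the accepted request was kept.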