Notifications
Clear all
Topic starter
10/06/2026 10:36 pm
TL;DR: Automated KYC, AML screening, and document verification across 220+ countries and territories are being combined by Approvely and SumSub to give regulated gaming merchants a single path from onboarding to checkout, according to SumSub. The real issue is not verification speed alone, but whether identity controls can keep fraud, jurisdictional complexity, and payment flow aligned without creating compliance blind spots.
NHIMG editorial — what this means for NHI practitioners
Questions worth separating out
Q: How should security teams handle verification in regulated payment onboarding?
A: They should treat verification as part of the access decision for the payment flow, not as a disconnected front-end formality.
Q: Why do cross-border merchants struggle to keep identity controls consistent?
A: Because each jurisdiction can impose different verification expectations, screening depth, and evidence requirements.
Q: What breaks when fraud screening and payment approval are managed separately?
A: The programme loses a shared view of risk.
Practitioner guidance
- Map verification to transaction controls Define where KYC, AML screening, and document checks must complete before a payment session can progress.
- Standardise jurisdiction rules in one policy model Document which verification standards apply across countries and territories, then enforce them consistently across merchant cohorts.
- Separate low-risk and high-risk user paths Use risk signals to decide when a user can stay on the fast path and when manual review is required.
What's in the full announcement
Sumsub's full article covers the operational detail this post intentionally leaves for the source:
- How the embedded KYC and AML workflow fits into Approvely's onboarding and payments stack.
- The merchant-facing compliance and fraud outcomes the partnership is intended to support across regulated markets.
- The jurisdictions and verification capabilities that underpin the claimed cross-border coverage.
- The exact integration context for gaming merchants that need a direct path from verification to checkout.
👉 Read Sumsub's partnership analysis for regulated payment onboarding and verification →
KYC in regulated payments: what the Approvely and Sumsub tie-up means?
Explore further
11/06/2026 2:42 am
Customer identity in regulated payments is becoming part of NHI-style governance, even when the subject is human. The same control tension appears here: systems need to know who or what is being trusted before access to a payment path is granted. When onboarding and transaction processing are coupled, identity assurance becomes an operational prerequisite rather than a separate compliance task. Practitioners should treat customer verification as a governed access decision, not just a fraud check.
A few things that frame the scale:
- 92% of organisations expose NHIs to third parties, raising concerns about supply chain security, according to Ultimate Guide to NHIs.
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, according to Ultimate Guide to NHIs.
A question worth separating out:
Q: Who should own identity governance in high-risk payment environments?
A: Ownership should be shared across IAM, fraud, compliance, and payments teams, but one decision model must govern the user journey. If each group controls a separate checkpoint, exceptions multiply and accountability blurs. The governance question is not who runs the tool, but who defines the policy and who can approve exceptions.
👉 Read our full editorial: Approvely and Sumsub standardise KYC for regulated payment onboarding
