Sumsub's new integration with the Model Context Protocol, the open standard that lets AI assistants take actions inside other apps, lets Claude and ChatGPT write verification levels, risk questionnaires, and onboarding flows directly into a customer's identity verification…
The shift shows up first as a workflow. A compliance team uploads its anti-money-laundering (AML) policy PDF to Claude or ChatGPT, and the model returns a configured Sumsub dashboard: verification levels, weighted risk questionnaires, country-specific onboarding flows, no solutions architect in the loop. The compression, policy document to live configuration in minutes rather than days, is the actual story. The actual story runs on a protocol, not a product.
That protocol is the Model Context Protocol (MCP), an open standard originated by Anthropic and now also used by ChatGPT that lets an AI model take real actions inside other applications rather than only answering questions about them. Sumsub's June 18 announcement is the first time a major identity-verification and AML platform has exposed its full configuration layer through MCP, with open-source agent skills installable from GitHub. The company also says it is the first verification platform officially listed inside the ChatGPT Apps marketplace.
The "first" framing belongs to Sumsub, not to an independent arbiter. None of the larger competitors in identity verification, including Persona, Onfido, Jumio, Veriff, and Trulioo, had a comparable MCP launch on record as of this writing, but absence of a launch is not the same as independent confirmation of a lead. The mechanism itself is independently verifiable. The MCP server at api.sumsub.com/mcp/ is documented, role-based, and gated by human approval for sensitive configuration changes, with changes executing in an isolated sandbox.
Policy-to-configuration is the actual headline. A customer can hand the agent an AML policy containing weighted country risk brackets, conditional rules, and tiered due-diligence thresholds, and the agent translates that document into the corresponding verification levels and onboarding flows inside Sumsub's dashboard. Andrew Novoselsky, Sumsub's Chief Product Officer, called it "a fundamentally different category" of capability in the announcement. The phrasing matters because it is also accurate. Earlier integrations let agents read verification status or summarize a case. This one lets the agent author the configuration that decides who gets verified, how strictly, and against which rules.
This is also the second chapter of a strategy Sumsub started writing in February. The company's Summy AI Copilot, launched February 17, 2026, was framed by Sumsub as a productivity multiplier of up to roughly 3x for fraud and compliance investigators, a figure that is the vendor's framing and not an independent benchmark. The MCP launch extends that agentic layer from reading cases to writing configuration, and both moves rest on the company's Identity Fraud Report 2025-2026 finding that multi-step AI-powered fraud schemes rose 180% year over year in 2025. Sumsub's argument is that fraud has moved into the agent era, and compliance has to follow.
The implication runs beyond Sumsub. If MCP becomes the default interface through which regulated SaaS exposes its setup layer, then policy documents stop being static reference material and become deployable artifacts that any connected model can execute. Three consequences follow, and compliance leads should be asking about each now.
Accountability. When a model misreads a country risk bracket or hallucinates a threshold, the regulated institution is still on the hook to its regulator. Sumsub's documentation makes clear that configuration changes require human approval and run in a sandbox, which is good, but the upstream question is who reviews the agent's translation of a policy before it ever reaches the approval gate. A fundamentally different category of capability, in Novoselsky's phrasing, also produces a fundamentally different audit trail.
Lock-in. Configuring Sumsub from a PDF is convenient, but the more compliance logic an opaque model embeds inside one vendor's data model, the harder it becomes to switch platforms or for a regulator to reconstruct the rule set. MCP is open. The skills catalog on Sumsub's GitHub repository is open. The configuration schema, and a customer's accumulated prompt-shaped logic, lives inside Sumsub.
Scope creep. The "agentic" label is doing work in the announcement. What is actually launching is a well-instrumented integration with a defined action set and human approval, not a free-roaming agent rewriting compliance policy at will. The distinction matters for regulators, who are likely to evaluate the system on what it can actually do, not on what the marketing says.
For compliance leads, the practical question is concrete. Ask every regulated vendor on the stack whether they expose setup via MCP-style protocols, who reviews the agent's translation of the policy, and what the rollback path is when the model gets a rule wrong. Treat the AML policy PDF not as a document that lives with legal, but as a deployable artifact that any connected agent can read and, increasingly, write. The vendors that expose this surface first will also absorb the regulatory scrutiny first, and Sumsub, by its own claim, is now that vendor.