Скриншот сайта sumsub.com
Voter verification in the upcoming Coordination Council elections, which begin on May 11, will be carried out by Sumsub. As “Nasha Niva” found out, the company has Russian founders and acknowledged a data breach in 2026.
To participate in the voting, Belarusians will have to photograph their passport and themselves. These data will be sent to Sumsub.
“They are covered with a wide variety of trust certificates. Neither we, the developers of the voting system, nor the election commission have access there. No one can go there and look at these photos. Could they themselves pass the data to someone? I doubt it. They use encryption on their side already. They work with fairly large companies. For them, any leak story would be fatal. We chose the biggest, best-known company. So that it would be impossible to put pressure on them,” explained Pavel Liber in an interview with Radio Svaboda, explaining the choice of contractor for data processing.
According to “Nasha Niva”, the company was founded in 2015 by three brothers with the surname Severukhin, who today call themselves Severs. Its development offices were originally located in Russia. At least until 2021, Sumsub used document recognition technology from the Russian company Smart Engines, whose developments are used, among other places, in Russian airports. At the same time, Smart Engines was developing AI technologies for the military.
After the start of the full-scale invasion, Sumsub announced that it had stopped working with Russia and Belarus and had switched from Smart Engines technology to another solution, but only after pressure from journalists and Ukrainian cybersecurity companies.
At the beginning of 2026, the company was forced to admit that third parties had been present in its system for almost a year and a half — since 2024 — leading to the compromise of user data.
Formally, Sumsub positions itself as a British company, although its British legal entity belongs to a Cyprus-based structure whose real beneficiaries are unknown to the authors.
The head of the development team for the voting platform in the upcoming elections, Pavel Liber, after questions from “Nasha Niva”, acknowledged the need for an additional review and announced an unscheduled open meeting of the Coordination Council election commission.
“Our technical team (in this case I am responsible for this decision) selected a market leader that has the necessary security certificates, and tests were also conducted on the quality of recognition.
Sumsub is an international company headquartered in London, which Gartner recognized as a leader in the KYC field; it is also GDPR compliant (meaning the company adheres to European Union rules on the collection and storage of personal data. — NN), has joint projects with Interpol (in reality, a ‘joint project with Interpol’ was a conference appearance attended by Interpol employees. — NN), the UN, and performed well in all document-recognition tests.
I worked with this company, including through commercial projects, and there were never any questions about the quality of its service. In 2022, the company refused to work with Russia and Belarus.
As for data security, we asked them separately about this issue — for European companies, Sumsub uses an AWS data center in Germany (with encrypted storage for sensitive data) to ensure GDPR compliance.
As for the question of beneficiaries, we ourselves need to clarify these details and discuss this information with the election commission, since it directly affects the security and ethics of using Sumsub — we will conduct a review.
In addition, today we will hold an unscheduled meeting with the Central Election Commission to discuss this situation; the meeting will be open.
At the same time, we checked once again that Sumsub itself states it ceased working with Russia and Belarus in 2022 and stopped working with Smart Engines that same year in favor of its own technology.
We are verifying the remaining information,” he said.