When running CA Access Gateway (SPS) acting as a Provider, does the Policy Server still verify that the user still exists in the User Directory and will it verify if the password (login) will be attempted?

At first glance, yes, the Policy Server will lookup the user from the User Directory configured, and it will check also the current user Session from the Session Store if there's one.

But it won't check the password. The password will only be checked when the user login the first time.