NTLM Acceptor does not authenticate credentials

Maybe I'm doing something wrong here but it doesn't look like the NTLM security package is validating the credentials at all as an acceptor. It does a few things like validate the bindings or the encrypted random session key but I cannot see it verifying the NT hash received matches the known credential provided in the inbound credential handle.