It looks like it doesn't. You might find alternative solutions like this user here*, but there is no guarantee any of it to work indefinitely on GrapheneOS. It's essentially a modified aftermarket firmware, and so, many security related features don't work out of the box, for example, the SafetyNet that many banking apps need.
"Many" safety features don't work? My understanding is that Google unsafetynet is the *only* thing that doesn't work because it's by-design trying to detect if the OS has been modified (or completely reinstalled in this case) by the user. It's like you would install a fresh Windows and now it says your device is no longer secure because you used your access to install something at the OS level and the warranty seal is broken. It's obviously bullshit but the impact on app support is how they keep the majority of people afraid of doing this. Any developer that adds "Google Safetynet" is imo complicit in this
Conversely, there are many safety features in GrapheneOS that don't exist on stock, and they're not the security-through-obscurity type that safetynet employs. As noted in the docs, they often find security issues just by people trying to use an app with these default-enabled extra checks: https://grapheneos.org/usage#bugs-uncovered-by-security-feat...
From the user's perspective though, however safe is GrapheneOS, the banking app won't work, Google Pay won't work, Google Play asks a good bunch of questions and might work only some of the time, and the bootloader cannot verify the OS, it will say that there is something unknown on the device, on every restart and powerup.
I know what I'm doing so I don't mind these at all, but they need to be considered when planning with GrapheneOS.
*: https://www.reddit.com/r/GrapheneOS/comments/1jujvee/finally...