Removing a user from a group that has sudo privileges leaves the user with those privileges until they log out.
UserA is added to GroupA
GroupA is configured in the sudoers file.
UserA is then removed from GroupA while still logged in.
UserA retains the privileges as if they were still a member of GroupA until they log out.
The group membership is automatically loaded into memory when the user logs in and is not removed until the user logs back in again.
Sudo simply processes sudoers and tries to match the user's current attributes against the rule set.
If NOPASSWD is defined in the rule, then it will not attempt to refresh the group membership by re-authentication.