CKYC Rejections CERSAI Errors Operations Fix | By HSS Technology Team | May 9, 2026 | 13 min read

Why CKYC Records Get Rejected by CERSAI - And How to Fix Them Before Submission

A rejection from CERSAI is not just a technical failure. It means delayed onboarding, rework at 3 to 5 times the original processing cost, and a compliance clock still ticking. This guide breaks down every rejection category, gives you the exact error reasons, and shows you how to catch each one before the API call.

In this article

1. The Real Cost of a CKYC Rejection
2. The Three Rejection Categories
3. Category 1: Document Validation Failures
4. Category 2: Data Validation Failures
5. Category 3: Rejected by CERSAI
6. Rejection Categories at a Glance
7. The Pre-Submission Checklist That Eliminates Most Rejections
8. Benchmark: What Good Looks Like
9. Frequently Asked Questions

The Real Cost of a CKYC Rejection

Most NBFC operations teams track their CKYC rejection rate as a percentage. Few track what each rejected record actually costs. The direct API resubmission is the smallest part of it.

When a CKYC record is rejected, the operations team must: identify the rejection reason from the error response, trace it back to the source data or document, coordinate with the branch or onboarding agent who collected the record, re-collect or re-process the document or data, validate the fix, and resubmit. Each step involves people, time, and systems. The customer is waiting throughout. If the rejection happens at the document cropping stage, the entire KYC collection may need to be repeated.

🚨

The 3-to-5x rework multiplier Industry data consistently shows that CKYC rejection rework costs 3 to 5 times the cost of a first-time-right submission. For an institution processing 10,000 CKYC records per month at a 15% rejection rate, the rework cost on 1,500 rejected records typically exceeds the total cost of processing the other 8,500 combined. Reducing rejection rates from 15% to 2% is not an incremental improvement - it is a fundamental change in the economics of the CKYC function.

3-5x

Cost multiplier for rejection rework vs first-time-right submission

3

Distinct rejection categories - each with different causes and fixes

99%+

First-time-right rate achievable with pre-submission validation

80%

Of rejections are document quality issues - entirely preventable

The Three Rejection Categories

CERSAI's rejection system operates at three distinct processing stages. Understanding which stage a rejection occurs at is essential - it tells you not just what went wrong, but where in your workflow to intervene.

Category	Stage	API Error Response	Who Catches It
1 - Document Validation	During document cropping and image processing	error: "Document Validation Failed"	CERSAI image processing system
2 - Data Validation	During data entry and field validation	error: "Data Validation Failed"	CERSAI data processing system
3 - CERSAI Rejection	Final CKYCRR registration check	error: "Rejected by CERSAI"	CKYCRR core registry

📌

All three return HTTP 400 with status: false All rejection responses return a 400 Bad Request with a JSON body containing status: false, the customer_id, the error category, the specific reason string, and the transaction_id. The reason field contains the detailed rejection text from CERSAI - this is your primary diagnostic tool.

Category 1: Document Validation Failures

1

Document Validation Failed

Rejected during cropping - image processing stage

This is the most common rejection category and the most expensive to fix - because by the time CERSAI returns the error, the customer has already gone through onboarding and the document may need to be physically re-collected. Every document validation rejection is a failure that could have been caught before the API call.

Rejection Reasons

• - Photo is blurry or low resolution
• - POA is blurry or unreadable
• - POA name does not match form
• - POA front page not available
• - POA not available in submission
• - Aadhaar number not masked
• - Document exceeds 1MB file size
• - Invalid file format submitted

Pre-Submission Fix

• + Validate image resolution min 200x200px
• + Check file size before base64 encoding
• + Confirm POA name matches form name field
• + Verify POA front page is included
• + Check document array is not empty
• + Mask Aadhaar - submit last 4 digits only
• + Compress images to stay under 1MB total
• + Only accept JPG, JPEG, PNG, PDF

⚠️

The Aadhaar masking rule is non-negotiable Since CKYCRR 2.0, submitting an unmasked Aadhaar number in a document is both a document validation failure and a DPDP Act compliance violation. The DocumentNumber field for Aadhaar (Type 04) must contain only the last 4 digits. The document image itself must also have the first 8 digits obscured. Both the field and the image are checked independently.

Document Type Code Quick Reference

Code	Document	DocumentNumber Field	Common Rejection Cause
02	Photograph	Use "02" as placeholder	Blurry, low resolution, face not clearly visible
04	Aadhaar Card	Last 4 digits only	Full number submitted, image not masked, front page missing
05	Passport	Full passport number	Expired passport, data page not included
06	Driving Licence	Full DL number	Partial document, lamination causing glare
07	Voter ID	Full Voter ID number	Old format card, text not legible
08	NREGA Job Card	Full card number	Handwritten entries not legible

Category 2: Data Validation Failures

2

Data Validation Failed

Rejected during data entry - field validation stage

Data validation failures occur when the structured fields submitted in the JSON payload fail CERSAI's data rules. These are entirely preventable - every validation rule is documented and can be enforced pre-submission. The most common cause is source data arriving from branch systems without standardisation.

Rejection Reasons

• - Father or Spouse name not available
• - Pincode not available or invalid
• - Special characters in name fields
• - Date not in DD-MM-YYYY format
• - KYC date before declaration date
• - Future date submitted
• - Invalid state code value
• - Applicant under 18 years of age

Pre-Submission Fix

• + Enforce Father or Spouse name as required
• + Validate pincode as exactly 6 digits
• + Strip all non-alpha characters from names
• + Enforce DD-MM-YYYY on all date fields
• + Check KYC date is on or after declaration date
• + Reject any date later than today
• + Validate state against CERSAI approved list
• + Calculate age from DOB - reject if under 18

Field Validation Rules Reference

Field	Allowed Values	Max Length	Common Error
Prefix	MR, MS, MRS	10 chars	Mr. with period, lowercase
First_Name, Last_Name	Letters and spaces only	50 chars	Numbers, hyphens, dots in name
Date_Of_Birth	DD-MM-YYYY, not future	10 chars	YYYY-MM-DD format, slashes used
Gender	M or F only	1 char	Male, Female, m, f submitted
PAN_Card	Valid PAN or "Form60"	10 chars	Lowercase pan, spaces included
Marital_Status	M or U only	1 char	Married, Unmarried text submitted
CP_Pincode	Exactly 6 digits	6 chars	5 digits, spaces, dashes
Applicant_Declaration_Place	Letters and spaces only	50 chars	Commas, dashes in city name
KYC_Verification_Emp_Code	Letters and numbers only	20 chars	Slashes, spaces in emp code

Running manual data validation before each submission?

HSS's pre-submission engine validates every field and document against CERSAI rules automatically - before the API call is ever made. Our clients consistently achieve first-time-right rates above 99%.

See How It Works

Category 3: Rejected by CERSAI

3

Rejected by CERSAI

Final CKYCRR registration check - hardest to diagnose

Category 3 rejections occur at CERSAI's core CKYCRR registry after the document and data validation stages have passed. These are the hardest to catch pre-submission because they involve CERSAI's internal business rules - some of which are not explicitly documented. They are also the most damaging because by the time they occur, the record has already passed two validation stages and the operations team believes the submission is complete.

Rejection Reasons

• - Mother name prefix missing
• - Junk values detected in record fields
• - Duplicate Customer ID in system
• - Invalid applicant type submitted
• - CKYC ID missing for update records
• - Name field exceeds character limit
• - Multiple records in single submission
• - Invalid residential status code

Pre-Submission Fix

• + Always include Mother name prefix field
• + Purge test data, NA, null from all fields
• + Run Search API first to check existing record
• + Only submit "Individual" as applicant type
• + Include CKYC_ID field when updating
• + Enforce 50-char limit on all name fields
• + Submit exactly 1 record per API call
• + Use valid codes: 01, 02, 03, or 04 only

💡

The junk values trap One of the most persistent Category 3 rejection causes is "junk values detected in the record." This means fields contain placeholder text like "NA", "N/A", "null", "0", "test", or similar strings that were not removed before submission. This typically happens when source data is pulled from CBS or LMS systems that use these values for empty fields. A pre-submission data scrub that replaces junk values with genuinely empty strings eliminates this rejection reason entirely.

Rejection Categories at a Glance

The infographic below maps all three rejection categories side by side - their frequency, common causes, and the pre-submission fixes that prevent each one.

The Pre-Submission Checklist That Eliminates Most Rejections

Every rejection category above has one thing in common: it could have been caught before the API call. The following pre-submission checklist, implemented as automated validation in your onboarding pipeline, will eliminate the vast majority of CKYC rejections.

Pre-Submission Validation Checklist

Document Checks

Photo resolution minimum 200x200px. Each document under 1MB total. File format is JPG, JPEG, PNG or PDF only. Aadhaar DocumentNumber is last 4 digits only. POA document is present and front page included. POA name matches name in form fields.

Name Field Checks

No special characters - letters and spaces only. No digits in name fields. All name fields under 50 characters. Prefix is MR, MS or MRS only. Father or Spouse first name is present. Mother name prefix is present.

Date Field Checks

All dates in DD-MM-YYYY format. No future dates in any field. Applicant age is 18 or above from DOB. KYC verification date is on or after declaration date. Dates are valid calendar dates.

Address Field Checks

Pincode is exactly 6 numeric digits. State code is in CERSAI approved list. If CL flag is N, all CL fields are populated. Address lines are under 50 characters each. No special characters in address fields.

System-Level Checks

Customer ID not already in system. Run Search API before Generation. Only 1 record per API call. Residential status is 01, 02, 03 or 04. Applicant Type is "Individual". CKYC_ID present if updating existing record.

Data Quality Checks

No null, NA, N/A or 0 placeholder values. No test or junk data in any field. Gender is M or F only. Marital status is M or U only. PAN is valid format or exactly "Form60". Employee code is alphanumeric only.

Benchmark: What Good Looks Like

The table below shows what a well-run CKYC programme looks like against the industry average. The gap between average and best-in-class is almost entirely explained by the presence or absence of pre-submission validation.

Metric	Industry Average	Best-in-Class	What Makes the Difference
First-time-right rate	82 to 87%	99%+	Automated pre-submission validation on every record
Document rejection rate	8 to 12%	Under 0.5%	Image quality check before base64 encoding
Data rejection rate	4 to 7%	Under 0.3%	Field-level validation against CERSAI rules at source
CERSAI rejection rate	2 to 4%	Under 0.2%	Junk value scrub and Customer ID uniqueness check
Average rework TAT	3 to 5 days	Same day	Error caught at source, not after CERSAI return

💡

The build vs buy question on pre-submission validation Building a robust pre-submission validation engine is a 3 to 6 month development project, followed by ongoing maintenance as CERSAI updates its rules. Every regulatory change - new field requirements, updated state code lists, revised character limits - requires a corresponding update to the validation engine. Institutions that outsource CKYC processing to a specialist managed service get this validation engine as part of the service, maintained in real time against current CERSAI requirements, with no internal development overhead.

What is your current CKYC rejection rate?

If you do not know your first-time-right rate, you cannot manage it. HSS provides a free CKYC operations diagnostic for NBFCs - we will benchmark your rejection rate and identify the top 3 causes within one week.

Request Free Diagnostic How Our Service Works

Frequently Asked Questions

Why do CKYC records get rejected by CERSAI? ▼

CKYC records are rejected at three stages: (1) Document Validation - blurry photo, mismatched POA, Aadhaar not masked, file over 1MB. (2) Data Validation - missing father name, invalid pincode, special characters in name fields, wrong date format. (3) Rejected by CERSAI - missing mother name prefix, junk values in fields, duplicate Customer ID, name exceeding 50 characters. All three return HTTP 400 with status false and a reason string identifying the specific cause.

What is the most common CKYC rejection reason? ▼

Document quality issues are the most common rejection reason, accounting for the majority of all CKYC rejections. Blurry photographs, mismatched POA names, unavailable Aadhaar front page, and documents exceeding 1MB are the top causes. These are entirely preventable with pre-submission image quality checks before the base64 encoding step.

How do I reduce CKYC rejection rates? ▼

Implement a pre-submission validation engine that checks image resolution and file size, POA name match against form data, Aadhaar masking, all mandatory fields present, no special characters in name fields, date format and logical date sequence, Customer ID uniqueness, and field character limits. Institutions with dedicated pre-submission validation consistently achieve rejection rates below 2%.

What does POA mismatch mean in a CKYC rejection? ▼

POA mismatch means the name printed on the Proof of Address document does not match the name entered in the CKYC form. CERSAI's validation system compares these and rejects the record if they differ significantly. The fix is to ensure the name in the form exactly matches the name on the document before submission. Minor spelling variations can cause this rejection.

What happens after a CKYC record is rejected? ▼

After rejection, the institution receives an error response with the rejection category and specific reason. The record must be corrected - either fixing document quality, correcting data fields, or resolving the CERSAI-level issue - and resubmitted. Rejection rework typically costs 3 to 5 times the original processing cost. The customer's onboarding is delayed until the rejection is resolved and the corrected record is accepted by CERSAI.

Ready to Achieve Sub-2% CKYC Rejection Rates?

HSS's managed CKYC service includes a full pre-submission validation engine - every record is checked against all CERSAI rules before the API call. Our clients consistently achieve first-time-right rates above 99%.

Talk to Our Team Explore Our Services

H

HSS Technology Team

Hridayam Soft Solutions Pvt. Ltd. - CKYC Operations Specialists

HSS provides end-to-end CKYC managed services for banks, NBFCs, HFCs, and insurance companies across India. Our ShareDocs DMS platform handles document management, API integration, and CERSAI compliance operations at scale.

Continue Reading

Compliance

CKYCRR 2.0: What Every BFSI Operations Head Must Know Before the 2026 Deadline

Process Guide

The Complete CKYC Lifecycle for NBFCs: From Onboarding to CKYC Number Storage

Glossary

The CKYC Terminology Glossary Every BFSI Professional Should Bookmark

Last Reviewed: May 9, 2026  |  Sources: CERSAI CKYC API documentation, HSS CKYC operations data, RBI Master Direction on KYC (amended August 2025).
This article is for informational purposes only. For institution-specific compliance guidance, consult your legal and regulatory team.