Shufti-Sphere-Website-Banner
burger-menu cross-icon-2

Resources

us

216.73.216.200

Central KYC (CKYC): The Complete Guide to CKYC, KIN and CERSAI Compliance (2026)

CKYC Guide

TL;DR:

  • CKYC (Central KYC) is India’s single, central repository of customer KYC records, managed by CERSAI, so a customer’s identity is verified once and reused across regulated financial institutions.
  • The CKYC full form is Central Know Your Customer. CERSAI stands for Central Registry of Securitisation Asset Reconstruction and Security Interest of India.
  • Every customer gets a unique 14-digit CKYC number, also called the KIN (KYC Identification Number), which lets institutions pull verified data instead of re-collecting documents.
  • To find your CKYC number, ask the bank, insurer, or mutual fund where you completed KYC. Individuals cannot log in to the CKYC registry directly; only regulated entities can.
  • In 2026, RBI rules and Budget upgrades push OTP-based consent, a seven-day upload window, AI duplicate detection, DigiLocker integration, and risk-based update cycles.
  • Shufti helps Indian regulated entities meet CKYC obligations with identity verification, video KYC, AML screening, and API-based CKYCR integration.

Central KYC (CKYC) is the backbone of digital onboarding in India. It lets a customer complete Know Your Customer (KYC) once and reuse that verified identity across banks, non-banking financial companies (NBFCs), insurers, mutual funds, and other regulated entities, instead of submitting the same documents again and again.

This guide explains everything about CKYC: what it means, what a CKYC number (KIN) is, the role of CERSAI, how the system works, how CKYC compares to eKYC and Aadhaar KYC, how to find your CKYC number, the 2026 regulatory landscape, and what regulated entities must do to comply. It also answers the questions that customers and compliance teams ask most.

What is CKYC (Central KYC)?

Central KYC (CKYC) is a centralised repository of customer KYC records for India’s financial sector, managed by CERSAI, that lets a customer be verified once and recognised across all registered financial institutions. The CKYC full form is Central Know Your Customer. In Hindi, when people ask CKYC kya hota hai, the answer is the same: it is a single, shared KYC record so you do not repeat KYC at every institution.

Instead of each bank or insurer holding its own copy of your documents, your verified KYC data sits in one central registry. When you open a new account elsewhere, that institution can retrieve your existing record using your CKYC number, with your consent. For customers, that means fewer forms. For regulated entities, it means lower risk, faster onboarding, and cleaner audit trails.

The registry that stores these records is called the Central KYC Records Registry (CKYCR). It was launched in 2016 and operates under the Prevention of Money Laundering Act (PMLA) framework, with the Reserve Bank of India (RBI) and other regulators setting the rules that govern it.

What is a CKYC number (KIN)?

A CKYC number is a unique 14-digit code, also known as the KIN (KYC Identification Number), assigned to every customer whose KYC is recorded in the CKYC registry. It acts as a single identifier that any registered financial institution can use to fetch your verified KYC details.

Once your KYC is uploaded to CKYCR, you are issued this 14-digit CKYC number. From then on, you can quote it when opening a new account or buying a financial product, and the institution can pull your record rather than asking for fresh documents. The CKYC number, the KIN, and the CKYC ID all refer to the same identifier.

What is CERSAI?

CERSAI (Central Registry of Securitisation Asset Reconstruction and Security Interest of India) is the government-owned body that manages the Central KYC Records Registry on behalf of the Government of India. It is the operator behind CKYC.

CERSAI was originally set up to maintain a central registry of security interests over property, helping lenders check whether an asset is already pledged. It was later entrusted with running the CKYCR, which is why CERSAI and CKYC are so closely linked. When people search for the CERSAI full form or CERSAI meaning, this is the entity they mean: the registry operator that stores and shares CKYC records.

How CKYC Works

CKYC runs as a shared, consent-driven cycle across the financial sector.

  • Verification and upload: When you complete KYC with a registered financial institution, it verifies your identity and uploads your KYC record to CKYCR.
  • KIN issued: CERSAI assigns your unique 14-digit CKYC number (KIN) and links your verified data to it.
  • Retrieval on consent: When you approach another institution, it uses your CKYC number to fetch your record from CKYCR, with your consent, instead of collecting documents again.
  • Updates: If your details change, the institution updates the record, and the change is reflected centrally within the required timeline.

This is different from a KYC Registration Agency (KRA). KRAs serve the securities market under SEBI, while CKYCR is the wider central registry across banking, insurance, and other sectors. Many institutions interact with both.

CKYC vs eKYC vs Aadhaar KYC vs Traditional KYC

CKYC is often confused with eKYC and Aadhaar-based KYC. They are related but distinct, and they usually work together rather than replacing one another.

Type What it is Key point
Traditional KYC In-person or paper-based identity verification at each institution Repeated at every institution; slow and document-heavy
eKYC Electronic KYC using digital verification methods A method of verifying identity electronically
Aadhaar KYC Verification using Aadhaar (OTP or biometric) An identity verification method, not a storage system
CKYC (Central KYC) A central repository that stores and shares verified KYC records Stores data so KYC is done once and reused; complements eKYC and Aadhaar

 

In short, Aadhaar eKYC is a way to verify identity, while CKYC is where the verified record is stored and shared. CKYC can hold data that was verified using Aadhaar or other methods, which is why CKYC does not replace Aadhaar eKYC; the two complement each other.

Who Needs CKYC?

CKYC applies to both the institutions that report to the registry and the customers they serve.

  • Regulated Entities (REs): Banks, NBFCs, insurers, mutual funds, and securities market intermediaries are required to upload customer KYC to CKYCR and use it during onboarding.
  • Individual Customers: Anyone opening a bank account, buying insurance, or investing in mutual funds in India will have a CKYC record created and a CKYC number assigned.

The top sectors using CKYC are banking, securities, and insurance, which together account for the large majority of records in the registry.

How to Find, Check, or Download your CKYC Number

A common question is how to get or check a CKYC number online. Here is the honest, accurate answer.

  • Ask your Financial Institution: The simplest way is to ask the bank, NBFC, insurer, or mutual fund where you completed KYC. They can share your 14-digit CKYC number.
  • Check your Account or Statements: Some institutions display the CKYC number in your account profile, welcome kit, or investment statements.
  • Individuals cannot log in to CKYCR directly: Access to the central registry is restricted to registered financial institutions. Any site claiming to let an individual freely download a CKYC card should be treated with caution.

If a site asks for sensitive details or a fee to reveal your CKYC number, verify it through your bank or the official CERSAI resources before proceeding.

New to KYC and AML in India? Start with the fundamentals of customer verification and screening: Shufti KYC and AML Screening Solution.

CKYC in 2026: The Regulatory Landscape

CKYC is entering a new phase. A series of RBI master direction amendments and Union Budget upgrades are converging to make digital-first, consent-driven KYC the norm. The key changes regulated entities must plan for are below.

RBI Master Direction Amendments

  • Incremental Uploads: REs must upload legacy KYC data at the next periodic update or sooner.
  • Seven-day Rule: updated KYC information retrieved from a customer must reach CKYCR within seven days.
  • No Repeated Documents: customers with a CKYC number cannot be asked for the same documents again unless their information has changed.

OTP-Based Consent

Every time a regulated entity downloads a customer’s record, an OTP is sent to the customer’s registered mobile number. No OTP means no data, which strengthens consent and creates a cleaner audit trail.

Budget-Driven Upgrades

  • AI-powered duplicate detection using facial similarity to prevent duplicate records.
  • DigiLocker integration to pull and store KYC documents.
  • Customer dashboards that give individuals view-only access and the ability to revoke institutional access.
  • Zero upload fees to encourage universal adoption.

Risk-Based Update Cycles

Update frequency is tied to customer risk: high-risk customers roughly every two years, medium-risk every eight years, and low-risk every ten years, unless there is a material change. Mapping customer risk ratings inside your systems lets a CKYC sync engine trigger re-verification automatically.

CKYC Compliance Requirements for Regulated Entities

Regulated entities must translate these rules into day-to-day controls. The table summarises the key requirements and the actions they trigger.

Requirement What changed Action for REs
Incremental uploads Legacy accounts must be pushed to CKYCR on the next KYC event Schedule batch uploads and monitor failed records
Seven-day update rule Tighter upload window for updated data Automate submission via API
OTP consent Mandatory OTP for every record pull Integrate an OTP workflow and keep logs
AI duplicate check CKYCR runs facial and biometric matching Ensure images meet quality thresholds
DigiLocker linkage Documents retrieved on demand Add DigiLocker integration to onboarding

 

CKYC Registration and CERSAI Onboarding for Regulated Entities

To report to the registry, a regulated entity must register with CERSAI, obtain access credentials, and integrate with CKYCR to upload and download records. In practice, this means connecting onboarding systems to the CKYCR API, building the OTP consent flow, and maintaining audit logs for every upload and retrieval. Individuals do not register with CERSAI; their records are created by the institutions they deal with.

How to implement CKYC: a Roadmap for Regulated Entities

Treat the move to compliant, low-friction CKYC as a staged plan rather than a single switch.

1. Gap Analysis

Map current KYC flows against the latest RBI requirements and identify where uploads, consent, or update cycles fall short.

2. API Integration

Connect your onboarding stack to CKYCR endpoints so uploads and retrievals happen automatically rather than manually.

3. Consent and Logging

Implement OTP-based consent and immutable audit trails for every record pull and update.

4. Data Hygiene

Validate customer data formats and ensure document and photo quality meet the thresholds for AI duplicate matching.

5. Staff Training

Update standard operating procedures and train teams on the new update cycles and consent rules.

6. Pilot and Monitor

Start with low-risk customer cohorts, track success metrics, and iterate before scaling across the book.

Benefits and Challenges of CKYC

Benefits

  • Faster Onboarding: Verified data is reused, so customers fill fewer forms and accounts open faster.
  • Lower Cost and Risk: Fewer manual document reviews and cleaner, centralised records reduce compliance cost and error.
  • Better Customer Experience: No repeated document requests across institutions.
  • Stronger audit trails: consent-based access and central records make compliance easier to demonstrate.

Challenges

  • Data quality and consistency: records must be accurate and correctly formatted to avoid failed uploads and false duplicate flags.
  • Integration effort: connecting legacy systems to CKYCR and DigiLocker takes technical planning.
  • Consent and privacy: OTP consent and data protection must be handled carefully to maintain trust.
  • Keeping pace with rules: update cycles and master directions change, so processes must adapt.

How Shufti Supports CKYC Compliance

Shufti helps Indian regulated entities meet CKYC obligations while keeping onboarding fast and low-friction. Shufti provides the identity verification, screening, and integration layer that feeds into CKYC compliance, backed by global coverage across 240+ countries.

  • ID and document verification: Verifies customers before their KYC record is created or updated, with support for Indian IDs.
  • Video KYC and biometrics: supports compliant remote onboarding, with output that can be uploaded to CKYCR within the required window.
  • AML Screening and sanctions screening: Screens customers against sanctions, PEP, adverse media, and watchlists as part of due diligence.
  • API-based integration: Developer-friendly APIs and connectors help REs wire verification into their onboarding and CKYCR workflows.
  • Adaptive risk scoring: aligns re-verification with risk-based update cycles so refreshes trigger automatically.
See CKYC-ready onboarding in action Turn CKYC compliance into faster, lower-friction onboarding. Book a Shufti demo.

Frequently Asked Questions

What is the full form of CKYC?

CKYC stands for Central Know Your Customer. It is India's central repository of customer KYC records, managed by CERSAI, so a customer's identity can be verified once and reused across registered financial institutions.

What is a CKYC number?

A CKYC number is a unique 14-digit identifier, also called the KIN (KYC Identification Number), assigned to every customer in the CKYC registry. Financial institutions use it to fetch your verified KYC record instead of asking for documents again.

What is CERSAI, and what is its full form?

CERSAI stands for Central Registry of Securitisation Asset Reconstruction and Security Interest of India. It is the government-owned body that operates the Central KYC Records Registry (CKYCR) on behalf of the Government of India.

How can I get or check my CKYC number?

Ask the bank, NBFC, insurer, or mutual fund where you completed KYC; they can share your 14-digit CKYC number. Some institutions also show it in your account profile or statements. Individuals cannot log in to the CKYC registry directly, since access is limited to registered institutions.

Are CKYC and Aadhaar the same?

No. Aadhaar is a national identity number and a verification method. CKYC is a storage-and-sharing system for KYC records across financial institutions. They work together but are not the same thing.

Is CKYC mandatory for banks?

Yes. RBI-regulated entities, including banks, NBFCs, and payment institutions, are required to upload customer KYC to CKYCR and comply with the associated rules, such as the seven-day update window.

What is CKYC in SBI or other banks?

CKYC works the same way across all banks, including SBI. When you complete KYC, the bank uploads your record to the central registry and a CKYC number is issued, which any registered institution can then use with your consent.

Does CKYC cost anything?

For customers, CKYC does not carry a fee, and recent rules have moved toward zero upload fees to encourage adoption. Regulated entities may incur costs for integration and for third-party verification services.

How often must CKYC records be updated?

Updates follow a risk-based cycle: roughly every two years for high-risk customers, every eight years for medium-risk, and every ten years for low-risk, unless there is a material change in the customer's information.

How does Shufti help with CKYC?

Shufti provides identity and document verification, video KYC, and AML screening for Indian regulated entities, with API-based integration that supports CKYCR uploads and consent workflows, so onboarding stays compliant and fast.

Related Posts

Shufti Blog

What is Biometric Verification: Meaning, Types, Technology & Tools

What is Biometric Verification: Meaning, Types, Technology & Tools

Explore More

Shufti Blog

What Is Transaction Screening? Definition, Process, and How It Works

What Is Transaction Screening? Definition, Process, and How It Works

Explore More

Shufti Blog

AMLR 2027: What the EU’s new anti-money laundering rulebook means for compliance teams

AMLR 2027: What the EU’s new anti-money laundering rulebook means for compliance teams

Explore More

Shufti Blog

AMLO Compliance in Hong Kong: AML Obligations for Licensed Corporations & VASPs

AMLO Compliance in Hong Kong: AML Obligations for Licensed Corporations & VASPs

Explore More

Shufti Blog

Transaction Monitoring for Neobanks: Reducing False Positives Without Missing SAR Triggers

Transaction Monitoring for Neobanks: Reducing False Positives Without Missing SAR Triggers

Explore More

Shufti Blog

Corporate Transparency Act & FinCEN’s BOI Rule: What AML Requires in 2026

Corporate Transparency Act & FinCEN’s BOI Rule: What AML Requires in 2026

Explore More

Shufti Blog

What happens during a Shufti identity check?

What happens during a Shufti identity check?

Explore More

Shufti Blog

What is Biometric Verification: Meaning, Types, Technology & Tools

What is Biometric Verification: Meaning, Types, Technology & Tools

Explore More

Shufti Blog

What Is Transaction Screening? Definition, Process, and How It Works

What Is Transaction Screening? Definition, Process, and How It Works

Explore More

Shufti Blog

AMLR 2027: What the EU’s new anti-money laundering rulebook means for compliance teams

AMLR 2027: What the EU’s new anti-money laundering rulebook means for compliance teams

Explore More

Shufti Blog

AMLO Compliance in Hong Kong: AML Obligations for Licensed Corporations & VASPs

AMLO Compliance in Hong Kong: AML Obligations for Licensed Corporations & VASPs

Explore More

Shufti Blog

Transaction Monitoring for Neobanks: Reducing False Positives Without Missing SAR Triggers

Transaction Monitoring for Neobanks: Reducing False Positives Without Missing SAR Triggers

Explore More

Shufti Blog

Corporate Transparency Act & FinCEN’s BOI Rule: What AML Requires in 2026

Corporate Transparency Act & FinCEN’s BOI Rule: What AML Requires in 2026

Explore More

Shufti Blog

What happens during a Shufti identity check?

What happens during a Shufti identity check?

Explore More

Take the next steps to better security.

Contact us

Get in touch with our experts. We'll help you find the perfect solution for your compliance and security needs.

Contact us

Request demo

Get free access to our platform and try our products today.

Get started