We first encountered this behavior when another application inserted invalid data into a column where we store AES-encrypted date-strings. Silently returning null from the UserType would have rendered it difficult to detect the defectiv values and take measures to delete/deactivate related entities, throwing an exception means that the entity can not be loaded until the database is updated e.g. through criteria-update. Passing something else than the designated value-class to criteria-update's set() leads to a Hibernate-exception prior to calling the UserType and the column-type is non-null so we need to represent null as empty byte[], which can not be the result of an AES-encryption.