PCI DSS China?


ReCaptcha
02-12-2009, 08:18 AM
I'm working with a company that is undergoing PCI compliance efforts for their US business, however they also have operations in China.

The US and China operations are completely separate, and all US based credit card transactions are processed / stored on US based systems, and the same goes for China - all Chinese based transactions stay within China based systems. Therefore, are we obligated to become PCI compliant for both regions, or is PCI DSS only applicable to our US operations?

Note, the Chinese side of the operations is a wholly owned subsidiary and has a slightly different name (i.e. US company name + the word "China"). Are the credit card companies pushing for PCI compliance for Chinese based transactions?

Thanks!

jbhall56
02-12-2009, 05:39 PM
Yes. The organization is responsible for becoming compliant in both the US and China. You will generate a ROC or SAQ for each and submit those to their respective acquirer/processor.

That said, we're seeing some organizations getting prodded pretty hard for compliance in China and other organizations have never heard from their acquirer/processor and therefore have no idea that they need to be compliant.

alphonze
02-12-2009, 06:43 PM
My business is based in Hong Kong, so we are dealing with a lot of client companies based in China. I concur with Jeff - a minority of our clients in the PRC have been asked to demonstrate compliance. The vast majority have not, and are not aware that the PCI even exists. In fact, quite a lot of the acquiring banks I work with in China aren't aware of the PCI either!!

Also, many of our clients' Chinese branches only take UnionPay, which is not part of the PCI, so the issue is moot.

In my experience, the culture in the PRC is such that they are very unlikely to work on pre-emptive compliance. Until the demand for compliance arrives in their mailbox, they're simply not interested.

derra
02-13-2009, 04:08 AM
If you're gonna start with PCI DSS in China, start with contacting bank and push them to mask bank reports and receipts in terminals. Could take a year or so before it is done so first thing to do imo.

ReCaptcha
02-20-2009, 12:41 PM
I really appreciate everyone's input!