Just to chime in again--as someone who volunteered for 6 years as one of the U.S representatives for one specific ISO standard--this is not something that just came up, it isn't something that affects the U.S. only, and it wasn't voted into being by D.C. or the credit card networks.
Depending on the ISO standard in question, there might be scores of countries represented on the committees that ultimately decide on the published revisions to the global standard. The standard here is ISO 18245:2003, the 2003 being the last date a revision was published. BTW, adding or removing merchant codes most likely won't reach the level of being a new revision, so it will likely stay ISO 18245:2003 after these alterations.
There is a "nomination" process for all the ISO standards by which revisions are recommended to the International Organization for Standardization in Geneva. The addition of these new firearm-related codes may well have come from the U.S.; I have no way of knowing. But the countries sitting on the committees for any given ISO standard get one vote each. That is specifically so that no one country controls the voting. I was one of five people on our U.S. team on the committee, and the team as a whole got one vote. For our specific standard (which I won't mention), our biggest concern at the time was China...not because they had more voting power, but because they were flooding the standard with new revision requests.
Neither Elizabeth Warren, Joe Biden, nor the CEO of VISA can directly request a revision. Those go through the teams on the committee, individual volunteers who have bona fides about understanding and experience with that specific standard; they're the ones who publish a revision request. I can't speak for the procedure as it exists today, but less than a decade ago those revision requests would be circulated to the teams of the other participating countries. Each country team who chose to do so would respond with an analysis, their possible changes in wording or actual material aspects of the requested revision, and those analyses submitted to, and combined into a single document by, the ISO oversight committee dealing with that particular standard. Most of those oversight committees had multiple, related standards that they oversaw.
Net message here is that, for the types of revision requests I was involved in dealing with--and they could be as simple as rewording a single paragraph--it would always be a several-month to even a year process to bring the revision to a vote; voting occurred only once per calendar quarter. My guess is that whichever country's team submitted the new coding, the request probably started in the process last May or earlier.
Further, the individual volunteer representatives active on a country's team at any given time remained anonymous. Or names were never posted or used except internally within the ISO communications. Now, that doesn't mean somebody leaked, or somebody got influence over a team member...but I had to wait until I was no longer participating before I could put specifics about it on my resume.
I simply can't see this being a big enough deal for even George Soros to want to spend money to try to influence it. Reason being I doubt it affects many merchants in most countries--where firearms transactions are already highly regulated and thoroughly documented--and that I doubt the teams representing most countries even bothered to respond with their analysis of the request; didn't even blink an eye. In fact, it surprises me that this hadn't been done years ago. If the request came from the UK, for example, the U.S. representation couldn't derail it without convincing a majority of the countries represented to vote "no." Probably no way that was gonna happen even if we had Charles Cotton, Wayne LaPierre, and Ted Nugent representing the U.S. if it was one country out of, say, 50 casting a vote.
Now... With the caveat that I have
no expertise in this particular ISO standard, my take is that all the credit card networks will adopt the full merchant code listing as published in ISO 18245, that means every network from JCB in Japan to VISA, MasterCard, AMEX, and Discover in the U.S. It's an auditable, global standard. They will
have to be able to accept and transmit transaction data no matter where it originates or where it terminates.
That said, a little Google-fu indicates to me that it's the
individual merchant financial institution that sets which subset of the Merchant Category Codes (MCC) that it uses. It
isn't about the financial institution--or card servicing network--that
issued you your credit card. The card issuer is going to pass along on your statement the MCC as obtained through the card network, the MCC that originates from the merchant bank through which the seller processes credit/debit card transactions.
For example, here are category codes used by Checkout.com:
https://www.checkout.com/docs/resources ... gory-codes.
From what I can gather (without paying to purchase a copy of the standard), there are well over 500 MCCs currently in ISO 18245. Checkout.com is using about 270. So it's whatever code the merchant bank or service provider assigns to an individual merchant. It looks like that's who's in control of the originating data. But all the card networks, and therefore all the card issuers, will almost certainly accept any code that's valid per ISO 18245.
I'm probably making this as clear as mud. And this might not help much, but this PDF is an excerpt of ISO 18245 that includes the first 7 pages of the published standard; no list of individual codes, but a degree of explanation about what they are and how ISO is organized to maintain the standard:
https://www.sis.se/api/document/preview/903637/.
