On April 27, 2026, the Office of the Working Mechanism for Security Review of Foreign Investment (National Development and Reform Commission) lawfully and regulatively issued a decision prohibiting the foreign investment in the acquisition of the Manus project and required the parties to withdraw the acquisition transaction.
Just a few dozen words directly terminated the $2 billion+ transaction. Years of product refinement, legal structuring, fundraising, and exit planning by Manus collapsed entirely, all for nothing.
This is the first publicly halted foreign investment acquisition case in the AI sector since the Implementation of the Measures for Security Review of Foreign Investment in January 2021.
This transaction had a unique aspect: both parties had legally been offshore—Meta is a U.S. company, and Manus has completed its corporate relocation to Singapore and established a holding structure in the Cayman Islands. Nevertheless, Chinese regulators ultimately issued a prohibition on the investment.
The spillover effects of this case mean that AI companies such as Moonshot AI, ByteDance, and Step星辰 are now facing clearer compliance guidance.
Behind this lies a deeper issue: traditional offshore structures are completely failing. Entrepreneurs must clearly define their compliance strategy from Day 0.
This article doesn’t tell stories—it delivers practical insights: what laws and regulations govern compliance; where the red lines are drawn for “shower-style” offshore expansion; and how companies should truly choose their path starting today.
I. In accordance with the law and regulations—what laws and regulations?
Looking back at the Manus case, initial industry discussions mostly focused on “what happened”—the migration, the split, the ban. But as more details emerged, legal experts refocused on a more fundamental question: On what authority can regulators halt this transaction? What law? What regulation?
The answer is not found in any single law, but rather in a three-tiered regulatory framework. These tiers work together to form an inescapable review logic.
Layer 1: Identifying "Chinese Entities" — The Foundational Basis for Penetrative Review
This is the legal starting point of the entire case: Where is Manus actually based?
From a legal standpoint, the answer appears clear—Manus has completed its redomiciliation to Singapore, with its holding structure established in the Cayman Islands, and its parent company, Butterfly Effect Pte, is a bona fide Singapore entity. This is also the core legal argument presented by the Manus team throughout the transaction:
Our main structure has been converted to an offshore structure.
But the regulatory response was:
Substance matters, not form.
Jintiancheng Law Firm systematically analyzed from a legal perspective why the "legal shell offshore" strategy failed in the Manus case. The root cause lies in the fact that AI core assets maintain inseparable substantive connections with China’s domestic legal jurisdiction across four dimensions:
- Team dimension: An engineering team with deep expertise in core underlying logic, having accumulated extensive R&D experience domestically, with their technical capabilities developed and honed within China;
- Computing power dimension: Domestic R&D has created technological dependencies in interfaces and computing power scheduling, with the core system’s architectural DNA bearing a Chinese mark;
- Algorithm dimension: The development and training of the core model weights were completed domestically, constituting the most legally significant "technology origin";
- Data dimension: Training data accumulated through human feedback reinforcement learning (RLHF) based on massive user interactions, with sources highly concentrated within the country.
These four dimensions point to the same conclusion: Manus’s legal structure is based in Singapore, but its technological substance—its origin, core, and foundation—is entirely within China. Under the principle of "substance over form," this substantive connection is sufficient to form the basis for regulatory piercing—this is the first cornerstone of all subsequent legal actions.
Although Xiao Hong founded Butterfly Effect Technologies in Beijing in 2022, established a Red Chip structure of “Cayman Islands—Hong Kong—Beijing” in 2023, and relocated its registration to Singapore while completing team separation and business isolation in 2025, legal determination does not focus on “when it moved out,” but rather on “where it came from.” Any technology assets originating within China do not change their nationality due to a mere change of registration.
Layer 2: Export Restrictions and Regulatory Evasion – Legal Classification of “Washing Out”
Once the first layer is established: if Manus is deemed to be a "domestic enterprise" in substance, the legal logic of the second layer follows naturally: transferring core assets overseas constitutes an export activity, and export activities are subject to export control regulations.
Manus's three-step actions, in the eyes of regulators, constitute a complete puzzle of "circumventing export controls":
Step one: Entity transfer. Relocate the company’s legal entity from China to Singapore and establish the offshore entity Butterfly Effect Pte, while setting up a Cayman Islands holding structure. This completes the first legal step toward “de-Chinaization.”
Step two: Team and asset migration. Lightning laid off nearly two-thirds of its China-based employees (80 out of 120), retaining over 40 core technical staff who relocated to Singapore.
Step three: Separate data and operations. Clear out domestic social media accounts, block access from Chinese IP addresses, and terminate partnerships with local entities such as Alibaba’s Qwen.
Legally, the technical knowledge, R&D capabilities, and algorithmic expertise carried abroad by core technical personnel constitute potential "technology exports" covered by the Catalog of Technologies Prohibited or Restricted for Export. Meanwhile, according to the Data Security Law and the Measures for Security Assessment of Data Outbound Transmission, the large volume of user interaction data used for training prior to separation is highly concentrated within China—the data's genetic imprint is embedded in the model, and separation cannot retroactively erase it.
Therefore, the logic of regulatory oversight can be summarized in one cold statement:
The code is written on Chinese soil, and the data grows among Chinese users—that is what constitutes "Chinese assets." Transferring them is an export, and exports must be regulated.
The essence of the "washing-style overseas expansion" is to mask substantive violations through formal compliance, constituting a systematic evasion of export control regulations.
Layer 3: Voluntary Disclosure Mechanism – You Cannot Say, “I Didn’t Know”
If the first two layers constitute "substantive violations," the third layer is a "procedural violation"—and the easiest to convict.
Article 4 of the Measures for Security Review of Foreign Investment explicitly stipulates that investors must proactively declare to the working mechanism office prior to making an investment involving key areas such as important information technology and core technologies. This is a mandatory pre-investment reporting obligation, not a recommendation, nor is it permissible to report after an issue arises.
Manus and Meta never made any voluntary filings to Chinese regulators at any point during the transaction process, up to and including completion of the closing. Over the course of several months of the closing period, Manus and its investors appeared to reach a dangerous tacit understanding: as long as regulators did not knock, they would not open the window.
In legal practice, "failure to report when required" is itself an independent and serious violation. It signals either intentional non-compliance or deliberate evasion—either way, regulators will not overlook it.
A compliance lawyer summarized after the incident:
The greatest compliance failure exposed by the Manus case is not that any specific regulation is controversial in its applicability, but that the company completely abandoned its obligation to report to Chinese regulators. In a legal system, evading the process itself is more intolerable to regulators than substantive violations.
Looking back, Manus’s fate was already sealed at the first level: once穿透式审查 determines you to be a "de facto Chinese entity," the export control logic at the second level and the reporting obligations at the third level are automatically triggered. The three legal layers build upon each other in a tightly interconnected chain, forming a logical闭环. Within this闭环, there is no room for侥幸.
II. Why the National Development and Reform Commission?
The Ministry of Commerce acted first. On January 8, 2026, a spokesperson for the Ministry of Commerce publicly stated that it would conduct an assessment and investigation into whether the acquisition complies with relevant laws and regulations on export controls, technology imports and exports, and overseas investment. However, by April 27, it was the National Development and Reform Commission that delivered the final decision.
There’s more to this department switch than meets the eye. Some experts argue that the Ministry of Commerce is relying on the "Catalog of Technologies Prohibited or Restricted for Export," which provides very specific descriptions of controlled technologies: artificial intelligence interaction interfaces specifically designed for Chinese and ethnic minority languages. However, after Manus underwent its "rebranding," all services have been fully transitioned to English, excluding Chinese users. This suggests that pursuing the export control route alone may lead to some controversy.
This is the gray area where regulatory applicability is contested. However, we lean toward a deeper meaning, since matters of legal applicability are subordinate to political considerations.
The National Development and Reform Commission handles "security reviews," while the Ministry of Commerce handles "technology imports and exports." The involvement of the NDRC means this matter has shifted from a "business issue" to a "sovereign one."
In other words, the National Development and Reform Commission, as a macro-level agency with broader economic regulatory authority than the Ministry of Commerce, its involvement itself sends a clear signal: this is not an isolated enforcement action against a single company, but a systemic deterrent designed to “strike one blow to prevent a hundred.”
To kill one is to warn a hundred.
All practitioners who were still watching have now seen where the red line is drawn—not in the ambiguous areas of specific provisions, but on the undeniable ultimate standard of safeguarding national security.
Three or four high-risk triggers
Based on the Manus case and the "piercing review" principle established by the Measures for Security Review of Foreign Investment, the following four red lines are now clear: if any one of them is crossed, forget about trying to exit via a "wash-out" strategy.
红线一:The founder holds a Chinese passport and has not renounced Chinese nationality.
The founder of Manus, Xiao Hong, is of Chinese nationality. Chinese export control laws extend jurisdiction to individuals. This means the founder personally could also become a subject of regulatory scrutiny, and related arrangements cannot be understood solely at the corporate level.
A harsher reality lies across the Pacific: in North American VCs’ geopolitical risk assessments, the funding environment for Chinese-founders is also tightening. Top Silicon Valley venture firms like a16z have seen a sharp decline in their willingness to invest in founders holding Chinese passports amid geopolitical pressures.
Manus's Series B funding was led by Benchmark, but afterward, Benchmark faced strong backlash from U.S. politicians, with several Republican senators calling the transaction "assisting the Chinese government."
Investors at Silicon Valley’s Founders Fund were blunt:
The founder is Chinese, the company is based in Beijing, and the core technology is a general AI agent—that’s the “original sin.”
Both sides are closing their doors. If you have a Chinese passport, U.S. capital is uneasy; if you have Chinese technology, Chinese regulators won’t let go. This squeeze is much narrower than most people realize.
Red Line Two: Accepted funding from state-owned capital
State-owned capital isn’t limited to direct investments by sovereign wealth funds. Government-guided funds at all levels, state-owned components within RMB-denominated funds as limited partners, and policy bank loans all fall under the definition of “state capital infusion.” Even the seemingly minor subsidies—like office space, computing power, or talent incentives—that you complain about during application for being bureaucratic and insufficient will be carefully recorded when it’s time to settle accounts.
Rule 3: The first line of code is written within China.
The initial development location of the core code, the location where the algorithm model was trained, and the storage location of technical documentation—these seemingly "purely technical" facts legally constitute proof of a "technology origin." Manus's early development was completed within China, and when the team relocated to Singapore, the code they carried inherently constituted a technology export. However, Manus never filed any technology export declaration for this transfer.
Red Line Four: Used Chinese Data
This is one of the most common illusions among AI entrepreneurs: believing that simply clearing out domestic users and blocking Chinese IPs will make the company clean.
But from a regulatory perspective, "technical substance" involves not just the code, but also the data genetics.
The Data Security Law and the Measures for Security Assessment of Data Cross-Border Transfer impose clear review requirements on cross-border transfers involving "important data." Although Manus has shut down its Chinese services and blocked Chinese IP addresses, the early user interaction data it collected has already been used to train the core model—this data's genetic imprint is embedded in the model's weights and cannot be undone by later data cleansing. Since the data originated from Chinese users, the model carries a Chinese label.
IV. Entrepreneurs in Specific Industries: Choose Your Side, Starting Now
The Security Review Measures establish a security review mechanism for foreign investments that may affect national security, with a focus on defense-related sectors such as defense industry, as well as critical areas where foreign investors gain actual control, including important information technology, key technologies, major infrastructure, and vital resources.
In the current regulatory environment following the Manus case, the following points warrant special attention:
First, in practice, the determination of "actual control" is not based solely on shareholding percentage; if a foreign investor can exert significant influence over a company’s operational decisions, personnel, finance, technology, or other areas—for example, by holding a veto power or access to critical technologies—it falls within this category. This definition is very broad. For instance, even if you hold only 5% of the equity corresponding to a U.S. fund, the veto power attached to that 5% stake could be deemed as constituting "significant influence over the company’s operational decisions," thereby triggering a determination of "actual control" and initiating a review.
Second, as the leading department of the working mechanism, the National Development and Reform Commission has the authority to issue compliance guidance based on national security assessments. For example, on April 24, 2026, the NDRC instructed certain AI companies to reject U.S. capital; although not explicitly stated in regulations, this falls within the extended scope of "routine safety review operations and preventive management" authorized under Articles 3 and 7 of the Security Review Measures.
Third, it is not recommended to circumvent review through VIE structures, nominee holdings, trusts, or similar arrangements. In practice, if such circumvention is identified, the company may face risks including rectification requirements, suspension, withdrawal, or other compliance actions.
Conclusion: The gray path of trying to straddle both sides has now been completely blocked from all directions. Going forward, businesses must clearly establish their compliance stance from Day 0.
In the AI sector, you can only choose one of the following two paths.
Route A: Follow the U.S. capital route — complete clean break
If you decide to use USD funding, follow the Silicon Valley path, and aim for acquisition or a U.S. stock market listing, what you need to do is not a "clean-up," but a complete transformation.
A strict rule: You must not cross any of the four red lines mentioned above.
Specifically, it means four things:
First, the founder must resolve their nationality. A Chinese passport is itself seen by U.S. VCs as a compliance risk. If you are fully committed to this path, renouncing Chinese nationality is not an option—it’s a prerequisite.
Second, do not accept funding from state-owned assets. Any capital involving government-guided funds, state-owned limited partners, or policy-based loans must undergo thorough compliance due diligence at the initial financing stage, and should be withdrawn or repurchased if necessary.
Third, the source code must be developed overseas. This is the harshest and most critical point: the first line of the core algorithm must be written overseas. The domestic team can only handle non-core modules or peripheral functions. You must establish a genuine, operational overseas technology center from the outset—not just a shell, but a real entity.
Fourth, data and users are isolated from day one. Do not touch Chinese user data at all from the start—not through "later cleanup," but through "never having had it."
The prerequisite for taking this path is: you must be willing to bear the cost of complete separation from the domestic market—abandoning all revenue, users, and brand synergies from China. You are betting that global returns will be sufficient to offset this cost. And even if you accomplish all of the above, you still face an increasingly unfriendly United States—where the founder’s Chinese identity remains an “original sin” in the eyes of certain forces in Silicon Valley.
Option B: Go the domestic route — bind with the state-backed investors
If you don’t want to—or can’t—pursue a U.S.-capital route, make compliance your moat.
Core logic: The soil and land of China can only grow China's renminbi.
First, proactively embrace state-owned and private capital. In fundraising, prioritize acceptance of RMB-denominated funds, government-guided funds, and central enterprise investment platforms. This is not a reluctant choice, but a strategic alignment: state-owned backing is the most credible regulatory clearance.
Second, make compliance a first-mover advantage. While competitors are still trying to find loopholes, you proactively submit for security reviews, complete data classification and grading, and register technology exports. To regulators, you are “one of us”; to the market, your compliance investments create a barrier that latecomers cannot quickly overcome.
Third, turn certification into a licensing barrier. Certifications such as IT Innovation Certification, Data Security Maturity Certification, and recognition as a "Specialized, Refined, Unique, and Innovative" enterprise in relevant technical fields are not costs—they are licenses. In an environment of tightening regulation, having a license means the difference between life and death.
Fourth, proactively initiate a security review. According to Article 4 of the Measures for Security Review of Foreign Investment, foreign investments involving critical information technology and key technologies must be proactively reported prior to implementation. For enterprises pursuing a state-owned capital route, this is not a burden, but rather the best way to demonstrate your stance to regulators.
By choosing this path, you accept the valuation logic and exit timeline of RMB funds—while the fast-in, fast-out $2 billion lightning acquisition may not be for you, you gain policy stability and the ongoing right to operate in the domestic market.
If you want to grow big, there’s no third path.
The "Cayman holding + Singapore operations + domestic R&D + USD funding" hybrid model has been declared dead. Hesitating further on this path is not flexibility—it’s dangerous. Regulators will not grant you exemptions just because you haven’t figured things out yet.
Choose foreign capital, and walk away cleanly. Choose domestic capital, and commit fully.
This is the only operational guide left for AI cross-border entrepreneurs from the Manus case.
In closing: The butterfly effect—words foretold.
Manus named its parent company Butterfly Effect. Looking back now, one can only marvel at how prophetic the name turned out to be.
This butterfly flapped its wings twice, sparking two storms: one was a takeover offer from Silicon Valley, and the other was a ban issued in Beijing. Now, the regulatory squeeze is in place—the takeover offer has turned into a compliance mirage, and this case will be included in the financing memos of every cross-border tech company going forward.
Looking back at the seemingly perfect path of “monetizing and exiting in 9 months, acquired for $2 billion,” it was actually fraught with three overlapping risks from the very beginning:
- Technical pitfall: The moment the AI core code is generated within China, it becomes subject to regulation;
- Data hazard: Once you've used data from China, you can't backtrack;
- Identity minefield: In this era, technology has a nationality, and so do the people who create it.
Compliant with laws and regulations, it was once a principle, and now it is a strict rule.
Today’s focus isn’t on assigning blame, but on recognizing a clear trend: the gray areas once exploited through jurisdiction shopping, structural shifts, and entity changes are being steadily narrowed. For founders, going global is no longer a game of “first evade regulation, then catch up on compliance”—it’s about clearly defining your entity, funds, technology, data flows, and reporting pathways from Day 0.
We hope every founding team seeking a path forward in this era—whether you choose to fully commit to a U.S.-capital runway or deeply cultivate within a domestic capital system—can clearly understand the rules, establish a solid foundation, and go further.
This article presents a subjective analysis by the editorial team based on publicly available information and industry observations, aiming to provide a multidimensional perspective for discussion. Nothing contained herein constitutes legal advice or investment recommendations. For specific legal issues or business decisions, please consult a licensed professional attorney.