根据您的要求,我已将输入的HTML内容(包含`
On April 27, 2026, the Office of the Working Mechanism for Foreign Investment Security Review (National Development and Reform Commission) lawfully and in accordance with regulations issued a prohibition decision regarding the foreign acquisition of the Manus project, requiring the parties involved to revoke the acquisition transaction.
In just a few dozen words, it directly pressed the stop button on a deal valued at over 20 billion USD. The product refinement of Manus over several years, the legal framework structuring, and the arrangement and efforts for financing and exit all came crashing down, going down the drain.
This is the first publicly halted foreign acquisition case in the AI sector since the enactment of the "Measures for the Security Review of Foreign Investments" in January 2021.
This transaction has a unique aspect: both parties involved have been legally externalized. Meta is a US company, and Manus has completed its redomiciliation to Singapore and established a holding structure in the Cayman Islands. Yet, Chinese regulators ultimately decided to prohibit the investment.
The spillover effects of this case are also being felt by AI companies like Moonshot AI, ByteDance, and Stepfun, which are now facing clearer compliance window guidance.
Behind this lies a deeper issue: the traditional offshore structure playbook is becoming completely ineffective. Entrepreneurs must figure out their compliance path from Day 0.
This article is not about storytelling, but about substance - what laws and regulations does the supervision rely on, where is the red line drawn for "washing-style" overseas expansion, and how should companies choose their path from today onward.
1. What Laws and Regulations Are Being Followed?
Looking back at the Manus case, initial industry discussions mostly focused on "what happened" - migration, divestiture, and the ban. However, as details of the case gradually emerged, the legal community's attention returned to a more fundamental question: on what basis could regulators halt this transaction? What laws and regulations are being invoked?
The answer is not found in a single law but in a three-tiered logic of regulatory scrutiny. These three layers form a synergistic force, ultimately creating an inescapable review framework.
Layer 1: Determining the "Chinese Entity" - The Foundational Basis for Look-Through Review
This is the legal starting point of the entire case: which country does Manus actually belong to?
From a legal form perspective, the answer seemed clear - Manus had completed its redomiciliation to Singapore, its holding structure was in the Cayman Islands, and its parent company, Butterfly Effect Pte, was a genuine Singaporean entity. This was also the core legal argument of the Manus team throughout the transaction process:
"Our corporate structure has been converted to an offshore structure."
But the regulator's response was:
Form doesn't count; substance does.
AllBright Law Offices systematically analyzed from a legal perspective why the "offshore legal shell" failed in the Manus case. The root cause lies in the fact that AI core assets have substantive ties to China's domestic legal jurisdiction across four dimensions that cannot be severed:
- Team Dimension:The engineering team holding the core underlying logic accumulated R&D experience within China over the long term; their technical capabilities were trained and developed within China.
- Computing Power Dimension: Domestic R&D created path dependency for technical interfaces and computing power scheduling; the architectural genes of the core system are marked as Chinese.
- Algorithm Dimension: The R&D and training of the core model weights were completed within China - this is the most legally significant "technological source."
- Data Dimension: The training data accumulated from Reinforcement Learning from Human Feedback (RLHF) based on massive user interactions originates highly concentrated within China.
These four dimensions point to the same conclusion: Manus's legal form may be Singaporean, but the 'technological substance' of Manus as a company - its origins, core, and foundation - are all within China. According to the principle of "substance over form," from the regulator's perspective, such substantive connections are sufficient to form the basis for a look-through review - this is the first cornerstone for all subsequent legal actions.
So, although Xiao Hong founded Butterfly Effect in Beijing in 2022, built a "Cayman-Hong Kong-Beijing" red-chip structure in 2023, and redomiciled to Singapore in 2025 completing team separation and business isolation, the legal determination does not look at "when it moved out" but "where it came from." Technological assets originating within China do not change their nationality just because of a change in registration documents.
Layer 2: Export Restrictions and Regulatory Evasion - Legal Characterization of "Washing-Style" Overseas Expansion
Once the first layer is established - Manus is deemed substantively a "domestic enterprise" - the legal logic of the second layer follows. Transferring core assets overseas is, in itself, an act of export. Export activities are subject to export control regulations.
In the eyes of regulators, Manus's three-step actions formed a complete puzzle of "evading export controls":
Step 1: Entity Transfer. Moved the company entity from China to Singapore, established the overseas entity Butterfly Effect Pte, and set up the Cayman Islands holding structure. Legally, this was the first step in "de-Sinicization."
Step 2: Team and Asset Migration. Quickly laid off nearly two-thirds of its China-based employees (80 out of 120), retaining over 40 core technical staff who relocated to Singapore.
Step 3: Data and Business Separation. Deleted domestic social media accounts, blocked access from Chinese IP addresses, and terminated domestic partnerships like the one with Alibaba's Tongyi Qianwen.
Legally, the technical knowledge, R&D capabilities, and algorithmic experience carried overseas by core technical personnel constitute potential "technology export" activities covered by the "Catalogue of Technologies Prohibited or Restricted from Export." Furthermore, according to the "Data Security Law" and the "Measures for the Security Assessment of Cross-Border Data Transfer," the training data derived from extensive user interactions completed before the separation originates heavily within China. The data genes are already written into the model; the act of separation cannot retroactively delete them.
Therefore, the regulator's look-through logic can be summarized in one cold sentence:
Code written on China's soil, data grown from China's users - this is 'Chinese assets.' Transfer is export, and export must be regulated.
The essence of "washing-style" overseas expansion is using formal compliance to conceal substantive violations, a systematic evasion of the export control system.
Layer 3: Voluntary Reporting Mechanism - You Can't Say "I Didn't Know"
While the first two layers are about 'substantive violations,' the third layer is about 'procedural violations' - and potentially the easiest to convict.
Article 4 of the "Measures for the Security Review of Foreign Investments" clearly states that for foreign investments involving important information technology, key technologies, and other related fields, the parties involved "shall proactively report to the office of the working mechanism before implementing the investment." This is a mandatory obligation of pre-investment reporting, not "suggested reporting" or "supplementary reporting after issues arise."
Throughout the entire transaction process, up until the completion of delivery, neither Manus nor Meta made any form of proactive report to Chinese regulators. During the several months of the transaction period, Manus and its investors seemed to reach a dangerous tacit understanding: as long as the regulator didn't knock on the door, they wouldn't open the window.
In legal practice, "failure to report when required" is itself an independent serious violation. It sends a clear signal: either knowingly committing the violation or deliberately evading it. Either way, regulators cannot easily let it go.
A compliance lawyer summarized it after the incident:
"The biggest compliance flaw exposed by the Manus case isn't the controversial applicability of a specific regulation; it's that the company fundamentally abandoned its reporting obligations to Chinese regulators. Within the legal system, evading the procedure itself is less tolerable to regulators than substantive violations."
Looking back, Manus's fate was sealed at the first layer: once the look-through review determined it was a "substantive Chinese entity," the export control logic of the second layer and the reporting obligation of the third layer automatically unlocked. The three layers of legal logic are progressive and interlocking, forming a closed loop. Within this loop, there is no room for 'wishful thinking' at any stage.
2. Why Was It the NDRC?
The Ministry of Commerce (MOFCOM) acted first. On January 8, 2026, a MOFCOM spokesperson publicly stated it would "conduct an assessment and investigation into the consistency of this acquisition with relevant laws and regulations related to export controls, technology import and export, and outbound investment." However, when the hammer fell on April 27, it was the National Development and Reform Commission (NDRC).
This change in responsible department reveals deeper implications. Some experts believe that MOFCOM's basis would have been the "Catalogue of Technologies Prohibited or Restricted from Export," which contains a specific description for restricted technology: "Artificial intelligence interaction interface technology specifically designed for Chinese and minority languages." After Manus's 'washing,' all its services were switched to English, and Chinese users were shut out. This means, if strictly following the export control line, there might be some controversy over applicability.
This illustrates the potential space for debate on regulation applicability. However, we lean towards a deeper meaning, as legal applicability is ultimately secondary to political considerations in this context.
The NDRC manages "security reviews," while MOFCOM manages "technology import and export." The NDRC's involvement means this matter escalated from a 'business deal' to 'sovereignty.'
In other words, the intervention by the NDRC, a macro-management department with broader economic authority than MOFCOM, itself sends a clear signal - this is not an arbitrary enforcement against a single company but a systemic deterrent intended to 'knock one out to keep a hundred at bay.'
Killing one is meant to warn a hundred.
All practitioners still on the sidelines have now seen where the red line is drawn - not in the ambiguous zone of a specific clause, but at the ultimate, indisputable standard of safeguarding national security.
3. Four High-Risk Trigger Points
Combining the Manus case and the "look-through review" principle established by the "Measures for the Security Review of Foreign Investments," the following four red lines are now clear. If you cross any of them, forget about the 'washing-style' overseas expansion path.
Red Line 1: Founder Holds a Chinese Passport and Has Not Renounced Chinese Nationality
Manus founder Xiao Hong holds Chinese nationality. China's Export Control Law has jurisdiction over natural persons. This means the founder himself could become a target of regulatory scrutiny, and related arrangements cannot be understood only at the company level.
An even harsher reality exists across the Pacific. In the geopolitical risk assessments of North American VCs, the fundraising environment for Chinese founders is also tightening. Under geopolitical pressure, top Silicon Valley VCs like a16z are drastically reducing their willingness to invest in founders holding Chinese passports.
Manus's Series B round was led by Benchmark. However, Benchmark faced strong backlash from American political circles for this investment, with several Republican senators claiming the deal constituted 'aiding the Chinese government.'
An investor from Silicon Valley's Founders Fund was blunt:
The founder is Chinese, the company is in Beijing, and the core technology is a general-purpose AI Agent - that is the 'original sin.'
Doors are closing on both sides. With a Chinese passport, American capital is uneasy; with Chinese technology, Chinese regulators won't let go. This squeeze is much tighter than most people imagine.
Red Line 2: Having Taken State Capital
'State capital' isn't limited to "direct investment from sovereign wealth funds." Government guidance funds at various levels, state-owned components in RMB fund LPs, and policy bank loans all fall within the scope of 'state capital infusion.' Then there are the small subsidies for office space, computing power, and talent – the 'trifles' that founders often complain about as cumbersome but still apply for. When the accounting comes due, these will all be noted down.
Red Line 3: The First Line of Code Was Written Within China
The initial writing location of the core code, the place where the algorithm model was trained, the storage location of technical documents - these seemingly 'purely technical' facts legally constitute proof of 'technological source.' Manus's early development was completed within China. When the team relocated to Singapore, the code they carried itself constituted a technology export. Manus never filed any technology export declaration for this transfer.
Red Line 4: Having Used Chinese Data
This is the most common illusion for many AI entrepreneurs: believing that as long as they later clear domestic users and block Chinese IP addresses, the company is clean.
But in the eyes of regulators, 'technological substance' depends not only on code but also on data genes.
The "Data Security Law" and the "Measures for the Security Assessment of Cross-Border Data Transfer" explicitly require review for the cross-border transfer of "important data." Although Manus shut down its Chinese language services and blocked Chinese IPs, the early accumulated user interaction data had already completed core model training. The data genes are etched into the model's weights, not something that can be retroactively deleted through 'later cleanup.' Data grows from China's users, so the model carries a Chinese label.
4. For Entrepreneurs in Specific Industries: Taking Sides Starts Now
The "Security Review Measures" establish a security review mechanism for foreign investments that may affect national security, focusing on areas like military industry and national defense, as well as key sectors where foreign investors acquire de facto control, such as important information technology, key technologies, major infrastructure, and key resources.
In the current regulatory environment post-Manus case, the following points deserve special attention:
First, the determination of "de facto control" in practice does not solely rely on shareholding percentage. If a foreign investor can significantly influence a company's business decisions, personnel, finance, or technology (e.g., possessing veto power or the right to know key technologies), it falls under this scope. This definition is quite broad. For example, you might only hold a 5% equity stake corresponding to a dollar fund, but the veto right attached to that 5% stake could be deemed as "having a significant impact on the company's business decisions," leading to a determination of "de facto control" and triggering a review.
Second, the NDRC, as the lead department of the working mechanism, has the authority to issue compliance window guidance based on national security judgments. For example, the April 24, 2026 guidance from the NDRC asking some AI companies to reject US capital, although not explicitly listed in the provisions, falls within the extended scope of "daily work on security review and preventive management" authorized by Articles 3 and 7 of the "Security Review Measures."
Third, it is not advisable to use structures like VIE, nominee holdings, or trusts to circumvent the review. In practice, if such circumvention arrangements are identified, the company may face risks related to remediation, suspension, withdrawal, or other compliance disposals.
Conclusion: The gray path of 'sitting on the fence' from the past has been blocked off from all directions, 360 degrees. From now on, companies must clearly define their compliance stance from Day 0.
Especially in the AI track, only the following two routes can be chosen.
Route A: The US Capital Route - Completely Disengage and Start Clean
If you decide to take dollar funds, follow the Silicon Valley path, and have the ultimate goal of being acquired or listing on a US stock exchange, what you need is not a 'wash' but a 'blood transfusion.'
A hard standard: You cannot cross any of the four red lines mentioned above.
This specifically means four things:
First, the founder must resolve their nationality. A Chinese passport itself is a compliance risk label in the eyes of American VCs. If you are determined to take this path, renouncing Chinese nationality is not an option; it is a prerequisite.
Second, do not take state capital. Any funds involving government guidance funds, state-owned LPs, or policy bank loans should undergo thorough compliance penetration in the early financing stages, and if necessary, be cleaned up or repurchased.
Third, the code source must be overseas. This is the harshest and most critical rule. The first line of code for the core algorithm must be completed overseas. The domestic team can only work on non-core modules or peripheral businesses. You need to establish a genuine R&D-capable technology center overseas from the very beginning - not a shell, but a real entity.
Fourth, separate data and users from Day 1. Do not touch Chinese user data from the start. It's not about "later cleanup," but about "never having possessed it."
The prerequisite for taking this path is: you can bear the cost of completely severing ties with the domestic market. Give up China's market revenue, users, and brand synergy entirely
