A single ban, $2 billion wiped out to zero

Written by: Biteye Core Contributor Amelia

On April 27, 2026, the Office of Foreign Investment Security Review Mechanism (National Development and Reform Commission) lawfully and regulatively issued a prohibition decision on the foreign acquisition of Manus, requiring the parties to revoke the transaction.

Just a few words, directly pressing the stop button on this over 2 billion USD valuation deal. The years of product refinement, legal framework segmentation, financing, and exit planning—all collapsed suddenly, washed away.

This is the first publicly halted foreign acquisition in the AI sector since the “Measures for the Security Review of Foreign Investment” came into effect in January 2021.

There is a special aspect to this deal:

Both parties in this transaction have legally become offshore: Meta is an American company, Manus has completed registration in Singapore, and established a holding structure in the Cayman Islands. Yet, Chinese regulators ultimately made a decision to prohibit the investment.

The spillover effects of this case, along with the hidden sides—companies like ByteDance, LeapStar, and other AI enterprises—are now facing clearer compliance guidance. Behind this, lies a deeper issue: traditional offshore structuring methods are becoming completely ineffective.

Entrepreneurs must think carefully about their compliance routes from Day 0.

This article does not tell stories, but provides practical insights—what laws and regulations do regulators rely on; where are the red lines in “shower-style” overseas expansion; starting today, how should enterprises choose.

01

Lawful and Regulated, According to Which Laws and Regulations?

Looking back at the Manus case, initial industry discussions mostly focused on “what happened”—migration, segmentation, bans. But as details emerged, legal attention shifted to a more fundamental question: what legal basis allows regulators to halt this deal? What laws and regulations are they relying on?

The answer is not in a single law, but a three-layered regulatory logic. These layers work together, forming an unavoidable review process.

First Layer: Recognizing “Chinese Subject”—The Underlying Basis for Piercing Review

This is the legal starting point of the entire case: where is Manus actually a company from?

Legally, the answer seems clear—Manus has completed registration in Singapore, its holding structure is in the Cayman Islands, and its parent company Butterfly Effect Pte is a genuine Singapore entity. This was the core legal argument from the Manus team throughout the transaction:

“Our entity structure has shifted to an offshore structure.”

But the regulator’s response is:

Formality does not matter; substance does.

Jingtian & Gongcheng Law Firm systematically analyzed why “legal shell offshore” failed in the Manus case. The root lies in the fact that the core AI assets have undeniable substantive links to China across four dimensions:

• Team Dimension: The engineers mastering core logic have accumulated R&D experience domestically; their technical capabilities are trained and developed within China.

• Computing Power Dimension: Domestic R&D has created technical interfaces and dependencies for resource scheduling; the core system architecture bears Chinese characteristics.

• Algorithm Dimension: The development and training of core model weights were completed domestically, representing the most legally significant “technological source.”

• Data Dimension: The training data from massive user interactions for reinforcement learning (RLHF) are highly concentrated within China.

All four dimensions point to the same conclusion: Manus’s legal form is Singaporean, but its “technological essence”—its source, core, and foundation—are entirely within China. According to the principle of “substance over form,” from a regulatory perspective, these substantive links are sufficient for piercing review—this is the first fundamental legal basis for subsequent actions.

Therefore, although in 2022 Xiao Hong founded Butterfly Effect Tech in Beijing, in 2023 established a “Cayman-Hong Kong-Beijing” red-chip structure, and in 2025 registered in Singapore with team separation and business isolation, legal recognition does not consider “when the exit occurred,” but “where it came from.” Any technical assets originating in China do not change nationality just because of registration changes.

Second Layer: Export Restrictions and Regulatory Evasion—Legal Characterization of “Shower-Style” Overseas Expansion

Once the first layer confirms: Manus is substantively a “domestic enterprise,” the second layer’s legal logic follows: transferring core assets offshore is an export activity. Export activities are subject to export control regulations.

Manus’s three-step actions form a complete puzzle of “evasion of export controls” in regulators’ eyes:

Step 1: Entity Transfer. Moving the company’s legal entity from China to Singapore, establishing the offshore Butterfly Effect Pte, and setting up a Cayman holding structure. Legally, this completes the first step of “de-Chinification.”

Step 2: Team and Asset Migration. Rapidly dismissing nearly two-thirds of Chinese employees (80 out of 120), retaining over 40 core technical personnel to relocate to Singapore.

Step 3: Data and Business Segmentation. Clearing domestic social media accounts, blocking Chinese IP access, terminating local collaborations like Alibaba Tongyi Qianwen.

Legally, the technical knowledge, R&D capabilities, and algorithms carried out by core technical personnel constitute “technological export” potentially covered by the “Catalogue of Technologies Restricted for Export.” Additionally, under the “Data Security Law” and “Measures for Security Assessment of Data Export,” the large volume of user interaction data accumulated before segmentation—originating mainly within China—has its data genes embedded in the model. This segmentation cannot trace back or delete the data genes.

Thus, the regulator’s piercing logic can be summarized as:
“Code written on Chinese land, data grown from Chinese users—this is ‘Chinese assets.’ Moving them out is an export, and exports are regulated.”

The essence of “shower-style” overseas expansion is to mask substantive violations with formal compliance—systematic evasion of export control regimes.

Third Layer: Active Declaration Mechanism—“I Cannot Say I Don’t Know”

If the first two layers involve “substantive violations,” the third layer is “procedural violation”—and the easiest to convict.

Article 4 of the “Measures for the Security Review of Foreign Investment” explicitly states that foreign investments involving important information technology, key technologies, etc., “shall proactively report” to the Office of the Working Mechanism before implementation. This is a mandatory pre-investment declaration obligation—not a suggestion, nor something to do after issues arise.

Throughout the entire transaction process, Manus and Meta never proactively reported to Chinese regulators. During the months-long closing period, Manus and its investors seemed to have reached a dangerous tacit understanding: as long as regulators did not knock, they would not open the window.

In legal practice, “failure to report when required” is itself a serious violation. It signals either deliberate concealment or willful evasion. Either way, regulators will not overlook lightly.

A compliance lawyer summarized after the incident:

“The biggest compliance flaw exposed by the Manus case is not the dispute over the applicability of a specific regulation, but that the enterprise fundamentally abandoned its reporting obligations to Chinese regulators. In the legal system, evading procedures is even more intolerable than substantive violations.”

Looking back, Manus’s fate was essentially sealed at the first layer: once piercing review identified it as a “substantive Chinese subject,” the second layer’s export control logic and the third layer’s reporting obligations automatically unlocked. The three layers form a logical closed loop, each reinforcing the next. There is no room for “luck” in this loop.

02

Why the National Development and Reform Commission?

The Ministry of Commerce was the first to act. On January 8, 2026, a spokesperson from MOFCOM publicly stated that an assessment would be conducted on the compliance of the acquisition with export control, technology import/export, and foreign investment laws. But by April 27, the decisive action came from the NDRC.

There is an underlying story here. Some experts believe: MOFCOM’s basis was the “Catalogue of Technologies Restricted for Export,” which specifically describes controlled AI technologies used for Chinese and minority languages. After the “shower” move, Manus’s services had all shifted to English, excluding Chinese users. This could lead to disputes if solely relying on export control.

This is a legal applicability debate. But we lean towards a deeper implication: ultimately, legal applicability is subordinate to political considerations.

The NDRC handles “security review,” while MOFCOM manages “technology import/export.” The NDRC’s intervention indicates that this matter has shifted from “business” to “sovereignty.”

In other words, as a macro department with broader economic management authority, the NDRC’s involvement sends a clear signal—this is not an occasional enforcement against a single company, but a systemic deterrent: “strike once, to prevent a hundred strikes.”

Killing one to warn a hundred.

All industry players still observing now see where the red line is drawn—not in vague legal clauses, but in the undeniable final measure of national security.

03

Four High-Risk Trigger Points

Based on the Manus case and the “piercing review” principle established by the “Measures for the Security Review of Foreign Investment,” four red lines are now clear. Crossing any one of them means the “shower-style” overseas expansion route is closed.

Red Line 1: Founder holds Chinese passport and has not renounced Chinese nationality

Manus founder Xiao Hong is Chinese. Chinese export control law’s jurisdiction covers natural persons. This means the founder himself could become a regulatory focus; arrangements cannot be understood solely at the corporate level.

A harsher reality lies across the Pacific: in North American VC’s geopolitical risk assessments, Chinese founders face tightening financing environments. Top Silicon Valley VCs like a16z, under geopolitical pressure, are sharply reducing investments in founders with Chinese passports. Manus’s Series B was led by Benchmark, but afterward, Benchmark faced strong political backlash in the U.S., with several Republican senators calling the deal “assisting the Chinese government.” Investors from Founders Fund openly state:

“The founder is Chinese, the company is in Beijing, and the core AI is a general AI agent—that’s the ‘original sin.’”

Both sides are closing doors. If you have a Chinese passport, U.S. capital is wary; if you have Chinese technology, Chinese regulators won’t let go. The gap is narrower than most imagine.

Red Line 2: Receiving state-owned funds

It’s not only “state funds directly investing” that count as state assets. Guidance funds from various levels of government, state-owned LPs, policy bank loans—all fall within “state asset infusion.” Office subsidies, computing resource subsidies, talent subsidies—those “trivial” support measures, when scrutinized later, are also recorded.

Red Line 3: First line of code written in China

The initial development location of core code, the training of algorithm models, the storage of technical documents—all seemingly “purely technical” facts—are legally proof of “technological source.” Manus’s early development was completed in China; when the team moved to Singapore, the code they carried already constituted a technological export. Manus never reported this transfer as a technological export.

Red Line 4: Using Chinese data

Many AI entrepreneurs have a misconception: as long as they clear Chinese user data and block Chinese IPs later, they are clean.

But regulators see “technological substance” not only in code but also in data genes.

The “Data Security Law” and “Measures for Security Assessment of Data Export” have clear review requirements for cross-border transfer of “important data.” Although Manus shut down Chinese services and blocked Chinese IPs, the user interaction data accumulated early on has already embedded data genes into the model—these genes cannot be traced or deleted through “post hoc cleaning.” Data from Chinese users means the model bears Chinese characteristics.

04

Industry-specific Entrepreneurs: Choose Sides, Starting Now

The “Security Review Measures” establish a security review mechanism for foreign investments that may impact national security, focusing on defense-related fields like military industry, and critical areas such as important information technology, key technologies, major infrastructure, and vital resources.

In the current regulatory environment following the Manus case, the following points deserve special attention:

1. The assessment of “actual control” is not only about shareholding percentage; if foreign investors can significantly influence business decisions, personnel, finance, or technology (e.g., veto rights or key tech insights), it falls under this scope. The definition is broad—for example, holding only 5% of USD funds but with veto rights that influence major decisions can be deemed “actual control,” triggering review.

2. The NDRC, as the leading department, has the authority to provide compliance guidance based on national security judgments. For instance, on April 24, 2026, the NDRC instructed some AI companies to reject U.S. capital—though not explicitly in law, this falls within the scope of “routine security review and preventive management” authorized by Articles 3 and 7 of the Measures.

3. It is not recommended to evade review via VIE, trust, or nominee arrangements. In practice, if such arrangements are deemed to evade review, companies risk correction, suspension, withdrawal, or other compliance measures.

Conclusion: The gray path of “balancing on both sides” has been completely closed from all directions.

From now on, companies must clarify their compliance stance from Day 0.

Especially in AI, only two routes are viable:

Route A: U.S. route—Complete exit

If you decide to raise USD funds, follow Silicon Valley, with the ultimate goal of acquisition or U.S. listing, you should not “shower” but “rebuild.”

A strict standard: none of the four red lines can be crossed.

Specifically, four actions:

1. Resolve nationality issues. Holding a Chinese passport is a compliance risk label in U.S. VC circles. If you are committed to this path, renouncing Chinese nationality is not optional but a prerequisite.

2. Do not accept state-owned funds. Any involvement of government guidance funds, state-owned LPs, or policy bank loans must undergo thorough compliance due diligence early on, with necessary corrections or buybacks.

3. Source code must originate offshore. This is the most brutal and core rule. The first line of core algorithm code must be written outside China. Domestic teams can only handle non-core modules or peripheral tasks. You need to establish a truly capable offshore R&D center—it’s an entity, not just a shell.

4. Isolate data and users from Day 1. Do not touch Chinese user data from the start. Not “post hoc cleaning,” but “never owned.”

This route requires accepting the cost of complete disconnection from the domestic market. Abandon revenue, users, and brand synergy in China. You gamble that global returns will compensate for this cost. Even if you meet all these conditions, you still face an increasingly unfriendly U.S.—the founder’s Chinese identity remains an “original sin” in some Silicon Valley circles.

Route B: Domestic route—Align with the national team

If you do not want or cannot follow the U.S. route, make compliance your moat.

Core logic: China’s land, China’s ground, can only grow Chinese RMB.

1. Embrace state-owned/private capital proactively. Prioritize RMB funds, government guidance funds, and central enterprise investment platforms during financing. This is not coercion but strategic binding: state-backed capital is the strongest regulatory pass.

2. Make compliance a competitive advantage. While others try to circumvent, proactively report security reviews, classify and grade data, and file technology exports. Regulators see you as “one of us”; the market views your compliance efforts as a barrier that latecomers cannot quickly catch.

3. Turn qualification certifications into licensing barriers. Certifications like Trusted Innovation, Data Security Capability Maturity, and “Specialized and New” recognition are not costs but licenses. In tightening regulatory environments, having licenses can be a matter of life or death.

4. Proactively report for security review. According to Article 4 of the Measures, foreign investments involving important information technology and key technologies must proactively report before implementation. For companies following the domestic route, this is not a burden but the best way to demonstrate stance to regulators.

Choosing this path means accepting RMB fund valuation logic and exit rhythm—fast, high-volume acquisitions like $2 billion in quick deals may be irrelevant, but policy stability and domestic market operation rights are gained.

If you want to grow big, there is no third way.

The “Cayman holding + Singapore operation + domestic R&D + USD financing” balancing model has been sentenced to death. Hesitation on this path is not flexibility but danger. Regulators will not grant exemptions just because you haven’t figured it out.

Choose the U.S. route—clean and straightforward. Choose the domestic route—completely bind.

This is the only operational manual Manus leaves for all cross-border entrepreneurs.

05

Final Words: Butterfly Effect, a Prophetic Name

Manus named its parent company Butterfly Effect—an apt metaphor. Looking back now, it seems prophetic.

This butterfly flapped its wings twice, stirring two storms: one in Silicon Valley’s acquisition invitation, and one in Beijing’s ban. Now, the regulatory front has formed a pincer movement: the acquisition offer has become a compliance mirage, and this case will be written into the financing memos of every cross-border tech company thereafter.

Revisiting the “9-month exit, $2 billion acquisition” perfect path, it secretly harbored three layered minefields from the start:

• Technology Minefield: The moment core AI code is generated in China, it is under regulatory scrutiny.

• Data Minefield: Using Chinese data makes it irretrievable.

• Identity Minefield: In this era, technology has nationality, and so do the people making it.

Lawful and regulated—past principles, now ironclad rules.

Today’s focus is not on condemning anyone but on recognizing a trend: the gray space of shifting registration, structure, and subject has been continuously squeezed. For founders, going overseas is no longer a game of “dodging regulation first, then complying later,” but a matter of clarifying the subject, funds, technology, data, and declaration paths from Day 0.

May every entrepreneurial team seeking a way through the era’s cracks see the rules clearly, stand firm, and go further—whether you pursue the U.S. route wholeheartedly or deepen the domestic system.