Intro
On 27 April 2026, the Office of the Working Mechanism for the Security Review of Foreign Investment, established under the National Development and Reform Commission (“NDRC”) of the People’s Republic of China, rendered a prohibition decision requiring the parties to unwind Meta’s acquisition of the artificial intelligence company Manus. This is the first publicly announced prohibition of a foreign acquisition in the AI sector since the Measures for the Security Review of Foreign Investment came into force in 2021 and represents the most stringent review outcome issued under the framework of these measures. The decision not only terminates a cross-border transaction valued at over USD 2 billion but also delineates legal boundaries for foreign capital entering China’s artificial-intelligence sector and for the cross-border movement of technology assets domiciled in China.
The regulator’s public notice was very concise, citing only that the decision was made “in accordance with law and regulation”, without disclosing the specific grounds of review. Having regard to Manus’s product profile and cross-border operating model, the matter implicates multiple, overlapping regulatory regimes: foreign-investment security review, technology export controls, cross-border data transfer rules, and outbound investment supervision are all potentially applicable. The following provides a brief overview of the case’s factual background, the relevant regulatory framework, and the potential compliance requirements.
I. Background
Manus is operated by the team of Butterfly Effect, founded in Beijing in 2022 by Mr. Xiao Hong, Mr. Ji Yichao, and other co-founders. Launched in March 2025 and marketed as “the world’s first general-purpose AI agent”, Manus achieved rapid user growth and reached annualized revenues of approximately USD 125 million by late 2025. Between June and July 2025, Butterfly Effect relocated its operational headquarters to Singapore, sharply reduced its domestic workforce, and removed its Chinese-language social-media presence — a pattern colloquially described as “Singapore washing”. On 30 December 2025, Meta announced its acquisition of Butterfly Effect for in excess of USD 2 billion.
On 8 January 2026, the Ministry of Commerce (“MOFCOM”), stated that MOFCOM “would, together with relevant departments, conduct an assessment and investigation into whether the acquisition is consistent with applicable laws and regulations on export control, technology import and export, and outbound investment”. On 27 April 2026, the NDRC formally published the security-review decision (Index No. 000013039-2026-00026), prohibiting the acquisition and requiring the parties to unwind the transaction.
II. The relevant Chinese legal framework
As can be seen from the foregoing facts, although the prohibition decision was issued in the form of a public notice, its legal basis has not been explained. The following section outlines the legal framework that may apply to this case, taking into account aspects such as security reviews of foreign investment, controls on the import and export of technology, and data and cyber security, and provides a preliminary analysis of the potential considerations for review.
1. The Foreign-Investment Security Review
The specific implementation rules of the security review system are governed by the Measures for the Security Review of Foreign Investment (Order No. 37 of the National Development and Reform Commission and the Ministry of Commerce, effective 18 January 2021; hereinafter referred to as the Security Review Measures). This legal framework for China’s security review system for foreign investment is authorised jointly by Article 59 of the National Security Law and Article 35 of the Foreign Investment Law, the latter of which explicitly states that “security review decisions made in accordance with the law shall be final”. This finality clause precludes administrative reconsideration and administrative litigation remedies against the review conclusions.
The following provisions may serve as the direct legal reference points for the present prohibition and the unwinding requirement:
- Article 4(1) of the Security Review Measures brings “important information technology and internet products and services” and “key technologies” within the notification scope;
- Article 9(1) of the Security Review Measures provides that, where a special review finds the investment to affect national security, a prohibition decision shall be rendered;
- Article 12 of the Security Review Measures requires parties having implemented the investment to dispose of equity or assets within a prescribed time-limit and take such other measures as are necessary to restore the position prevailing prior to the investment.
Beyond this most directly applicable framework, given that the matter concerns emerging technologies such as AI agents, additional compliance considerations may arise under technology import-export controls, data security, and cybersecurity.
2. Parallel application of technology export controls
MOFCOM’s 8 January statement expressly invoked “export control” and “technology import and export”, signaling parallel compliance pathways under the Regulations on the Administration of Technology Import and Export. Articles 29 and 30 prohibit the export of technologies in the prohibited category and impose a licensing regime on the restricted category; under the 2023 Catalogue of Technologies Prohibited and Restricted from Export (MOFCOM and MOST Announcement No. 57 of 2023), Class XVIII retains the entry on “personalized information-push service technologies based on data analytics”, with the scope of control extending to recommendation algorithms, user profiling and content distribution. Manus realizes its AI-agent functionality through the integration of multiple foundation models; should its core technologies fall within the restricted category and be transferred cross-border — through staff redeployment, code migration, or equity transfer — without the requisite license, this could independently constitute a breach of technology-export administration.
3. The overlay of data and cybersecurity rules
AI businesses depend critically on training and user data, and the present matter inevitably engages the Data Security Law, the Personal Information Protection Law and the Cybersecurity Law as revised in 2025. Articles 38 to 40 of the Personal Information Protection Law govern cross-border transfers and onshore-storage obligations, and Article 24 of the Data Security Law renders data-security-review decisions final, together forming a compliance layer that any AI cross-border transaction must address.
III. Execution issues and likely review considerations
Synthesizing the legal framework above, the matter also raises issues at the execution stage. Once a cross-border acquisition has closed, equity transfer, consideration payment and personnel integration have typically occurred, rendering full factual “restoration” difficult; the specific path by which the NDRC’s instruction to “unwind” will be implemented remains to be observed.
The non-disclosure of review reasoning is a long-standing feature of Chinese security-review notices and is not unique to this matter. Plausible considerations include whether Manus’s core algorithms fall within the restricted-export catalogue, whether the Singapore re-domiciliation interrupts the China-situs character of R&D, whether the training data include important data or personal information collected within China, and the technology export embedded in the proprietary knowledge held by the founders as Chinese nationals.
IV. Compliance implications in M&A
Extending the regulatory framework above to the practical plane, the matter offers the following points of reference:
First, transaction screening should assess security-review triggers at the earliest stage. Any foreign acquisition involving AI, semiconductors, biotechnology, critical infrastructure, or important data — regardless of target size — warrants a dedicated Article 4 of the Security Review Measures notification-scope analysis at deal inception; the “actual control” assessment must combine equity, board composition, voting arrangements, and contractual control. Butterfly Effect’s “Singapore re-domiciliation” did not deflect Chinese jurisdictional reach — for indirect acquisitions routed through Singapore, Hong Kong, or other third jurisdictions, parties should not presume Chinese jurisdiction is excluded; the analysis must turn on substantive connecting factors, including the situs of core R&D, the nationality of key personnel, the composition of original investors, and the location of data storage.
Second, fully utilize the voluntary-notification mechanism. Article 5 of the Security Review Measures permits parties to consult with the Office before notification; even outside the mandatory scope, voluntary notification is preferable to ex post compulsory notification or time-limited divestiture, as it preserves deal structure and commercial interests. Transactions involving restricted-export technologies must be evaluated in parallel under the Regulations on the Administration of Technology Import and Export, rather than relying on a single regulatory pathway.
Third, pre-acquisition due diligence should be expanded. Sensitive-sector M&A should incorporate, beyond conventional diligence, mapping of the target’s core technologies against the Catalogue of Technologies Prohibited and Restricted from Export; training-data lawfulness (in particular, whether important data or personal information collected within China is involved); the nationality of senior management and core R&D personnel and any latent links to Chinese regulators; and supply-chain links to critical infrastructure. Findings should be annexed to transaction documents and reflected in disclosure schedules and corresponding representations and warranties.
Fourth, transaction architecture should incorporate reversibility and defensive features. In high-sensitivity sectors, parties may consider phased transactions and condition closing on security review clearance, so as to allocate regulatory risk. Although the variable-interest-entity (“VIE”) structure has historically been used to circumvent foreign-investment-access restrictions, Article 2 of the Security Review Measures — through its provisions on “indirect investment” — leaves no room for VIE to evade security review; in this matter, a transaction involving a change of actual control was nevertheless brought within national-security review.
Conclusion
In sum, the present matter is the first publicly announced prohibition of a foreign acquisition in the AI sector under the Measures for the Security Review of Foreign Investment since their entry into force in 2021; even where the transaction had closed, substantive delivery effected through technology transfer and personnel movement remains within the regulator’s field of view. This sends a signal to cross-border transactions in sensitive sectors such as AI, data, and key technologies, and carries reference value at the stages of pre-deal assessment, structural design, and execution-phase contingency planning. The finality of security-review decisions means that post-decision legal recourse is extremely limited; pre-transaction compliance planning is therefore critical. The parties involved shall promptly assess the alignment of their business lines with the regulatory landscape disclosed by this matter, seek compliance advice, and undertake a systematic upgrade of their cross-border transaction management framework for China.
