China Just Unwound a Closed AI Acquisition Four Months After Announcement. Procurement Diligence Has to Treat Vendor Jurisdiction as a Physical Asset.
On April 27, 2026, China's National Development and Reform Commission ordered Meta to unwind its acquisition of Manus AI, a deal valued between $2 billion and $3 billion and announced in late December 2025. This is the first time China's foreign-investment security review framework, in force since January 2021, has been used to kill a closed acquisition of an AI startup by a U.S. acquirer. The Manus parent, Butterfly Effect, was founded in Beijing in 2022 and relocated its headquarters to Singapore in mid-2025; roughly 100 staff had already been integrated into Meta's Singapore office by March 2026. Co-founders Xiao Hong and Ji Yichao are reportedly barred from leaving China.
The procurement signal here is not that an AI acquisition fell through. It is that a foreign government, four months after deal announcement and after staff integration was largely complete, asserted reach over a target that had relocated, restructured, and closed. Any U.S. acquirer, and any enterprise buyer relying on a vendor with a similar founder and engineering profile, now has to treat jurisdiction as an asset on the same footing as the model weights themselves.
The Failure
The Manus timeline reads like a textbook "Singapore washing" playbook executed competently and still defeated. Butterfly Effect was Beijing-founded in 2022, raised $75 million from Benchmark in April 2025 at roughly a $500 million valuation, relocated its corporate headquarters to Singapore in mid-2025, crossed $100 million in annualized revenue in December 2025 only eight months after launch, and announced the Meta deal on December 29, 2025. By March 2026 the staff integration into Meta's Singapore operation was substantially done.
Then the NDRC opened its review, and over several months it concluded the deal violated China's foreign-investment national security rules. Meta confirmed it has "no further plans to acquire the company." Lizzi Lee of the Asia Society Policy Institute summarized the doctrine that just got activated: "If your tech, founders, or talent base are Chinese, then the company is still strategically Chinese, regardless of where it's incorporated." Wendy Chang of MERICS explained the underlying motive: firms relocate abroad seeking "a combination of funding overseas, a laxer regulatory environment, or to appeal to a global customer base without an explicitly Chinese image." Manus did all three. The NDRC reached the company anyway.
The practical question for procurement is not whether Meta can recover the deal. Nicholas Cook of Nixon Peabody CWL has already given the legal read: "It may be challenging or even impossible to ultimately reverse this transaction." The question is what the doctrine implies for any enterprise contract that depends on an AI vendor whose founders, engineers, weights, training data, or IP touch a jurisdiction that asserts this kind of reach.
The Architecture
Most AI vendor diligence today reads like SaaS diligence with an AI annex. Buyers ask about model architecture, training data provenance, prompt-injection mitigations, SOC 2 reports, data residency, and termination assistance. Those are necessary. They are not sufficient when the vendor's continuity depends on the disposition of foreign-jurisdiction assets that the vendor cannot fully relocate.
The assumption underneath standard SaaS diligence is that vendor risk is principally a function of vendor solvency, vendor security posture, and contractual remedies. That assumption holds when the vendor is a U.S. company with U.S. engineers, U.S. data centers, and U.S.-registered IP. It begins to fail when any of those inputs sit under another sovereign's reach.
Earlier in my career at Houlihan Lokey I worked on cross-border M&A transactions, where this problem has been understood for decades in industries like manufacturing, semiconductors, and natural resources. A buyer evaluating a foreign target with physical plants in a third country runs a standard sequence of questions: where are the assets located, who controls them, can they be expropriated, what does the local regime do when relations sour, and what is the post-close intervention risk. The Manus block is the moment that sequence stops being optional for AI vendor diligence and becomes mandatory. Lian Jye Su of Omdia put the macro framing succinctly: "China is showing the world that it is willing to play hardball when it comes to AI talents and capabilities."
Where the Assumptions Break
The Manus case breaks four assumptions that most enterprise AI procurement programs still rely on.
First, the assumption that incorporation venue determines jurisdictional exposure. Butterfly Effect was a Singapore-headquartered Cayman entity by the time the deal was announced; the NDRC reached it anyway. The data-flow version of this argument was already visible when Chinese legal jurisdiction over AI vendors became a procurement question during the DeepSeek lobbying debate; Manus extends the same argument from data flowing into a PRC-jurisdiction vendor to equity, weights, and engineering held inside one. Asia Times captured the doctrine with one line: "Beijing appears willing to let companies use Singapore as a launch pad, but not as an exit ramp." The legal entity is no longer the bounding box for jurisdictional risk.
Second, the assumption that timing of deal close insulates the buyer. The Manus deal had been announced for four months and operationally integrated for at least a month before the order came down. Post-close intervention risk is real, and contracts written without it produce surprises.
Third, the assumption that key-person risk is bounded by employment contracts and IP assignment. Co-founders barred from leaving China are not available to close out integration, sign protocol updates, or testify in disputes, regardless of what their employment agreements say.
Fourth, the assumption that the U.S. side of cross-border AI investment is the only side actively building review machinery. The U.S. has Treasury's Outbound Investment Security Program for U.S. money flowing into China AI; China has the 2021 NSR framework for foreign money touching Chinese AI, and Manus is the first time it has been pointed at a U.S. acquirer with an AI target in a way that produced an unwind. Both review regimes are now operational. Vendor due diligence has to assume both will be exercised.
What Would Actually Fix This
The correction is to add a concentration-of-jurisdiction test to the existing AI vendor diligence checklist, and to write contract continuity language that survives the kind of post-close intervention the Manus block just demonstrated is real. Six items, each in the same form a manufacturing M&A team would use for foreign nationalization risk:
- Founders' citizenship and current physical location. Where do the named founders hold passports, where do they currently reside, and is there an exit-ban exposure for any individual whose departure would block the vendor's ability to perform under the contract? The Manus founders' reported travel restriction is the canonical example.
- Engineering location. What percentage of the engineering organization is physically located in a jurisdiction that asserts extraterritorial reach over its nationals or its technology, and what is the headcount of any single role (model training lead, security lead, inference infrastructure lead) that cannot operate from outside that jurisdiction.
- Weights and training-data location. Where do the model weights physically reside at rest, where does training compute run, and where does the training dataset originate. A Singapore-incorporated vendor whose weights were trained on Chinese-resident GPUs against a Chinese-resident corpus is exposed in ways the cap table does not show.
- IP registration venue. Where are the patents, trademarks, and copyright registrations filed, and which courts would adjudicate an infringement or assignment dispute. Geopolitechs argues the NDRC framework operates as "technology decontamination," and IP venue is one of the levers that determines whether an unwind reaches the buyer's licensed rights.
- Equity venue and capital structure. Where is the holding company incorporated, where do the priced rounds sit, and what is the foreign-investor concentration in the cap table. A vendor whose largest VC backers are themselves subject to outbound-investment review on either side of the Pacific is a vendor with two regulatory failure modes, not one.
- Contract continuity language. Termination-assistance clauses written for vendor insolvency do not handle a sovereign unwind. Procurement teams should add a sovereign-action trigger that obliges the vendor to escrow weights, document training procedures, and pre-stage migration tooling before any acquisition or restructuring closes, not after.
The diligence checklist is not exotic. It is the same posture that a manufacturing M&A team would take on a foreign target with physical plants in a sensitive jurisdiction. The change is that AI vendor weights, training data, and engineering talent now have to be treated as foreign-jurisdiction physical assets, because the NDRC just demonstrated they can be reached as if they were. Two existing threads from this site bear directly on the corollary. The case for treating concentration in any single AI provider as a procurement risk, applicable equally to OpenAI, Anthropic, Google, or AWS Bedrock, is the through-line of prior posts on single-provider vendor concentration in frontier AI and supply-chain monoculture in federal AI procurement. The broader procurement-control case is in Fannie Mae's AI governance mandate and what mortgage vendors will pay for it.
For any enterprise running an agent platform in production today, the immediate action is to map the six items above against the current vendor list and flag any vendor where two or more concentrate in a single foreign jurisdiction. That list is the Q2 procurement priority.
