Meta, Manus, and the Hidden Compliance Risks in Global AI Deals
Meta’s Manus Deal and the New Reality of Cross-Border AI Compliance
Meta’s US$2 billion acquisition of AI agent startup Manus has quickly become a cautionary case for enterprise CTOs and CIOs. On January 9, China’s Ministry of Commerce announced it would review whether the deal violated export controls, technology transfer rules, or overseas investment regulations— despite Manus having relocated its headquarters from Beijing to Singapore in 2025.
The investigation highlights an uncomfortable truth for enterprise AI buyers: a vendor’s registered headquarters does not define its regulatory exposure. The origin of the technology does.
Why Corporate Relocation Does Not Eliminate Regulatory Risk
Manus appeared to follow the textbook playbook for regulatory independence. I think, it moved its 105-person team out of Beijing, reduced mainland staffing, expanded operations across Singapore, Tokyo, and San Francisco, and raised US$75 million from US investors.
Meta reinforced this narrative by stating there would be no continuing Chinese ownership and that Manus would cease operations in China. Yet Chinese regulators made it clear that compliance isn't determined by corporate structure alone.
As legal experts note, Chinese export control regimes focus on the technology itself—where it was developed, who built it, and how it was transferred abroad.
Technology Origin Defines Jurisdiction
According to export control specialists, AI agents and advanced algorithms developed in China can fall under strategic technology classifications. Actually, that status gives Beijing jurisdiction even after a company reincorporates elsewhere.
Regulators are expected to assess when Manus transferred technology, talent, or intellectual property from China-based entities and whether export licenses were required. Failure to secure approvals could expose founders to severe legal consequences under Chinese law.
The Regulatory Framework Enterprises Can’t Ignore
China’s 2020 updates to its technology export control rules expanded oversight to include certain algorithms and AI systems. These changes became more assertive after geopolitical tensions surrounding high-profile tech divestments. It's worth noting that
Key Regulatory Dimensions
- Export controls: AI models and agents developed in China may require licenses before being transferred or commercialised abroad.
- Data security rules: Cross-border movement of training data or model weights can trigger approval requirements, regardless of where inference occurs.
- Overseas investment reviews: Technology transfers by Chinese nationals may be scrutinised even during legitimate corporate restructurings.
Legal experts estimate such reviews can take months, creating prolonged uncertainty for acquiring companies and downstream customers.
What This Means for Enterprise AI Due Diligence
The Manus case exposes a blind spot in standard enterprise procurement. Most AI vendor assessments focus on data residency, SLAs, and contractual liability—but rarely on the regulatory history of how the technology was created.
Questions Enterprises Must Now Ask
- Technology origin: Where was the core AI model or agent developed, and under which national regimes?
- Transfer compliance: Were export licenses obtained when technology or staff moved across borders?
- Operational continuity: How would regulatory investigations affect service delivery and customer obligations?
- Risk mitigation: Does the vendor maintain reserves, insurance, or contingency plans for regulatory disruption? I think,
Even if approvals are ultimately granted, the review process itself can delay integrations and create uncertainty for enterprise customers.
The Precedent Risk for Enterprise AI Strategy
This investigation extends far beyond Meta and Manus. If regulators assert jurisdiction over Chinese-origin AI regardless of relocation, it establishes a precedent for ongoing oversight across global AI supply chains.
Manus reached US$100 million in annual recurring revenue within months, illustrating how quickly enterprises can become dependent on AI agents for critical workflows such as research, coding, and data analysis.
Future regulatory intervention could disrupt those dependencies overnight, particularly in periods of geopolitical tension. Actually,
A New Standard for AI Vendor Risk Assessment
For enterprise buyers, the lesson is clear: AI compliance risk extends beyond contracts and cloud regions into complex jurisdictional questions about talent, data, and development history.
As governments tighten oversight of strategic technologies, procurement teams will need deeper legal and geopolitical insight. Evaluating AI vendors now requires understanding not just what the model does—but where, how, and by whom it was built.