Meta’s Acquisition of Manus: Outbound Investment Controls After the COINS Act

I. Background

In late December 2025, Meta Platforms, Inc. announced its acquisition of Manus, an AI startup known for “agent”-type systems—tools designed to carry out multi-step tasks (e.g., research, coding, and workflow execution) with limited human intervention.[1] Public reporting has described Manus as Singapore-based at the time of the deal, while also emphasizing the company’s China-related origins and earlier operating footprint.[1][2] Reported terms were not disclosed by Meta, although press reports cited a valuation of more than US$2 billion.[1][3]

The transaction drew attention for a practical reason that deal teams increasingly recognize: advanced AI M&A is no longer assessed solely through commercial and IP lenses. It sits in a maturing compliance environment shaped by U.S. national security tools, including outbound investment controls administered by the U.S. Department of the Treasury—rules that took effect on January 2, 2025—and, shortly thereafter, the Comprehensive Outbound Investment National Security Act of 2025 (the “COINS Act”), signed into law in December 2025 as part of the FY2026 National Defense Authorization Act (“NDAA”).[4][6][7] The Meta–Manus fact pattern—U.S. buyer, China nexus, sensitive AI—illustrates why outbound investment analysis is now a mainstream transaction discipline.

II. The Outbound Investment Regime and the COINS Act

A. __Pre-COINS Framework: Treasury’s Outbound Investment Rules Were Already in Operation __

The outbound investment regime began as an executive-branch program. Executive Order 14105 (August 9, 2023) directed Treasury to create a framework to (i) prohibit certain U.S. investments and (ii) require notification for others, where those investments could advance sensitive technologies in “countries of concern.”[4] Treasury issued a final rule that became effective on January 2, 2025 (the “Outbound Investment Regulations” or “OIR”).[4][5] Under the OIR, the core concept is straightforward:

• U.S. persons must not engage in certain prohibited transactions, and must submit a notice for certain notifiable transactions, when the transaction involves a covered foreign person engaged in defined activities involving specified sensitive technology categories.[4][5]

Although the OIR is technical in its definitions, several pillars matter most for commercial readers.

Who is regulated (the “who”): U.S. persons. The rules apply to “United States persons,” which include U.S. companies and U.S. individuals, and they can also reach non-U.S. entities that are “controlled” by U.S. persons in specified ways.[4][5] In practical terms, if a U.S. corporate group is investing, acquiring, funding, or forming a joint venture abroad, the group must understand whether the relevant party qualifies as a U.S. person for OIR purposes.

Where is regulated (the “where”): countries of concern. When the OIR took effect, the program’s “country of concern” focus was on the People’s Republic of China, including Hong Kong and Macau.[4][5] Importantly, the regulations do not stop at a target’s place of incorporation. They include ownership and control concepts that can pull offshore structures into scope where a China nexus remains meaningful.[4]

What transactions are covered (the “what”): more than just venture capital. The OIR addresses a broad set of “covered transactions,” including acquisitions of equity interests, certain greenfield investments, joint ventures, and certain debt or other instruments that convey equity-like features or governance rights.[4][5] The regime is not limited to minority investments: full acquisitions can plainly be in scope, as can “build” transactions and structured financings.

Which sectors are covered: semiconductors, quantum, and certain AI. The OIR focuses on three technology domains: (i) semiconductors and microelectronics, (ii) quantum information technologies, and (iii) certain AI systems.[4][5] The rules are not triggered by a generic “AI” label. Instead, the analysis turns on whether the target is engaged in defined activities involving covered technologies and, for AI, whether the AI system falls within technical and use-based categories set out in the regulations.[4]

__B. What Happens If a Transaction Is “Covered” __

The OIR uses a two-track approach:

• Prohibited transactions: These involve the most acute national security concerns and are simply not permitted for U.S. persons to undertake (subject to the rule’s definitions and exceptions).[4][5]

• Notifiable transactions: These are not categorically banned, but Treasury requires the U.S. person to submit a notice that provides specified information about the transaction, the target, and the technology activity at issue.[4][5]

Treasury is not positioned as a “deal approval” agency in the way some jurisdictions operate for merger control. The primary legal obligation is to avoid prohibited conduct and notify when notification is required. Practically, however, the distinction between “notifiable” and “prohibited” can drive transaction timelines, diligence depth, and drafting strategy. The regime also includes rules addressing a U.S. person’s ability to “knowingly direct” certain activities by non-U.S. persons in ways that would be prohibited if done by the U.S. person directly.[4][6]

__C. What COINS Changes: Codification, Expansion, and Durability __

In December 2025, Congress moved outbound investment controls from an executive-branch program into statute. The COINS Act, enacted as part of the FY2026 NDAA and signed into law on December 18, 2025, largely preserves the OIR’s architecture—prohibited vs. notifiable investments by U.S. persons into certain technology-linked foreign targets—but it also makes notable changes and instructs Treasury to implement them through future rulemaking.[6][7]

1. COINS codifies and signals durability. By anchoring outbound controls in statute, Congress signaled that outbound investment screening is not a short-term initiative. The COINS Act also authorizes significant resources for Treasury’s outbound investment program, which points to a more mature compliance and enforcement posture over time.[7]

2. COINS expands “countries of concern.” While the OIR initially centered on China (including Hong Kong and Macau), COINS expands the statutory list of covered countries to include additional jurisdictions, such as Russia, Iran, North Korea, Cuba, and Venezuela (under the Nicolás Maduro regime).[6][7] For many deal teams, the practical impact remains most immediate for China-linked transactions because of deal volume, but the statutory expansion underscores the broader intent of the regime.

3. COINS expands covered technology sectors. COINS retains the core technology areas already addressed under the OIR and adds categories such as hypersonic systems and expressly identifies high-performance computing and supercomputing as a focus area, while also giving Treasury authority to designate additional technologies through notice-and-comment procedures.[6][7]

4. COINS modifies key definitions and obligations. Among other changes, COINS adjusts how “covered foreign persons” are defined and introduces concepts such as being “subject to the direction or control” of certain persons or governments, which can be highly relevant to offshore structures and governance-heavy investments.[6][7] COINS also expands aspects of the “knowing direction” framework, potentially pulling certain directed notifiable activities into the notification pathway.[6]

5. COINS directs future rulemaking and does not immediately displace the current rules. The statute gives Treasury time to promulgate implementing regulations (reported as 450 days), and commentary from practitioners indicates that the existing OIR remains in effect pending new regulations aligned to COINS.[6][7] In other words, COINS is not “proposed” or “pending”—it is law—but its most practical effects will be shaped by Treasury’s forthcoming regulations.

For transaction parties, the net message is that outbound investment controls are now embedded in the deal landscape: the OIR provides today’s operational rules, while COINS expands the statutory foundation and sets the direction for the next iteration of the program.

III. Applying the Rules to Meta–Manus

Outbound investment analysis is often discussed abstractly. The Meta–Manus deal is helpful because it reflects the real-world sequence counsel and compliance teams typically follow.

__A. Step One: U.S. Person Analysis (Meta) __

Meta is a U.S.-headquartered public company and is therefore a “U.S. person” for OIR purposes.[4][5] That status matters not only for the parent entity but also for how the corporate group executes cross-border transactions. Deal teams commonly map:

• which entity will be the buyer,

• whether any non-U.S. subsidiaries are involved,

• whether U.S. personnel are directing or approving transaction steps that could implicate “knowing direction,” and

• whether the transaction structure creates parallel obligations across the group.[4][6]

For an acquisition, these questions are not academic: a buyer can inadvertently create OIR exposure through a combination of entity choice, governance mechanics, and internal direction of a foreign affiliate’s actions.

__B. Step Two: Target Nexus Analysis (Manus) — Offshore Structure Does Not End Scrutiny __

Public reporting describes Manus as Singapore-based at the time Meta announced the acquisition, but also emphasizes Manus’s China-related origins and earlier operating footprint.[1][2] This is a familiar pattern in Asia-facing deals: an offshore holding company (e.g., Singapore) sits atop founders, IP development, engineering talent, and revenue streams that may have been significantly China-linked historically.

Under the OIR (and even more so under COINS’s “direction or control” concepts), the critical question is not simply “where is it incorporated?” but “what is the relevant nexus to a country of concern?”[4][6][7] In a transaction like Meta–Manus, diligence would typically focus on:

• Ownership and control: cap table, investor rights, board seats, vetoes, and any governance rights held by persons tied to a country of concern;

• Operational reality: location of R&D, engineering, training infrastructure, and leadership decision-making;

• IP and data location: where source code, model weights, training datasets, and key know-how reside; and

• Continuity vs. severance: whether the deal structure and post-closing covenants meaningfully change the country-of-concern nexus.

Public reporting indicates that Meta stated it would sever Chinese ownership interests and cease Manus operations in China following the deal.[2] Regardless of the precise implementation, that kind of disclosure is itself instructive: it suggests that (i) the parties recognized the relevance of country-of-concern nexus and (ii) they viewed ownership/operations alignment as part of managing regulatory and compliance posture.

C. Step Three: Covered Technology Analysis — “AI” Labels Are Not the Test

Manus is widely described as an “AI agent” platform.[1][2] But outbound investment analysis does not turn on whether a product markets itself as “agentic.” Under the OIR, the relevant inquiry is whether the target is engaged in defined activities involving covered technologies—particularly “certain artificial intelligence systems”—and, if so, whether the activity falls into a prohibited or notifiable category.[4][5]

For “agent”-type systems, the most practical diligence questions tend to be:

• Use case and end-use exposure: Is the system designed for, marketed for, or deployed in military, intelligence, surveillance, or certain cybersecurity contexts?

• Capability and training profile: Does the system’s development involve covered thresholds or characteristics identified in the regulations (including certain high-end training or specialized applications)?

• Transfer mechanics: Does the investment confer access to model weights, training pipelines, or core engineering know-how (the “intangible benefits” regulators care about), or is it a more arms-length commercial relationship?

Public reporting about Manus emphasizes general-purpose, subscription-based use cases (e.g., productivity, research, coding) rather than military applications.[1][2] On the public record alone, it is difficult to conclude that the technology clearly sits in a prohibited category. A more conservative and common posture for deals like this is that, depending on the precise technical facts and activities, the transaction may fall into the notifiable track rather than the prohibited track.[4][5] That is consistent with the broader structure of the outbound regime: many transactions are intended to be visible to Treasury without necessarily being blocked.

__D. Step Four: Likely Regulatory Posture — Notifiable vs. Prohibited, and Fact-Specific Uncertainty __

From a practitioner perspective, the Meta–Manus scenario underscores two realities.

First, the outcome is highly fact-specific. Two “AI agent” companies can fall on opposite sides of the regime depending on training profile, end-use, customer mix, and access to sensitive technical elements. The OIR is definition-driven, and COINS is poised to evolve those definitions through implementing regulations.[6][7]

Second, deal structuring and diligence can materially shape risk posture. If parties can credibly reduce a target’s country-of-concern nexus (through ownership clean-up, operational relocation, governance controls, or ring-fencing), that can affect whether the target qualifies as a covered foreign person and how the transaction is analyzed—though COINS’s “direction or control” concepts may narrow the effectiveness of superficial fixes.[6][7] Similarly, technology mapping that moves beyond labels to concrete technical facts is often what differentiates an “uncertain, high-friction” assessment from a manageable notification analysis.

In short, Meta–Manus illustrates how outbound investment review is approached: start with U.S. person status, test the target’s country-of-concern nexus beyond corporate form, map the technology to regulatory definitions, and then decide whether the transaction is prohibited, notifiable, or outside scope—while building a record that supports the conclusion.

IV. Brief Dual-Track Regulatory Note (U.S. + PRC)

The Meta–Manus transaction also highlights that AI deals may require parallel analysis under non-U.S. regimes. Public reporting indicates Chinese regulatory attention to the transaction, including statements reported from China’s Ministry of Commerce regarding review or investigation tied to compliance with Chinese laws and regulations, including export controls.[8] Where a target’s IP, models, or key personnel originated in China, parties may need to evaluate whether transferring model weights, source code, or related know-how offshore (or to a foreign acquirer) triggers PRC export control, technology transfer, or related requirements. This is not unique to Meta–Manus; it is increasingly a standard workstream in China-origin technology transactions.

V. Practical Takeaways for Deal Teams

Meta–Manus points to a set of practical disciplines that deal teams can implement without turning every transaction into a regulatory project.

1. Scope early: buyer status, target nexus, and sector mapping. Before exclusivity, identify whether any investor or acquirer is a U.S. person (or a controlled foreign entity) and whether the target has any meaningful nexus to a “country of concern.” Then classify the target’s business against the OIR’s covered technology categories. Early scoping reduces late-stage surprises and helps determine whether technical diligence must be deepened.

2. Treat “AI” as a diligence domain, not a marketing label. Outbound investment screening requires an internal technical brief that is tailored to regulatory definitions: training profile, deployment context, end-use exposure, and what the transaction transfers (governance rights, IP access, model access). This is often best done through a joint legal–technical workstream that produces a short, defensible mapping memo.

3. Build an ownership/control “map,” not just a cap table. For China-linked targets with offshore structures, focus on who has control, direction, or meaningful rights. Under both the existing OIR and COINS’s future direction, governance mechanics and “direction or control” concepts can matter as much as formal incorporation.[6][7] Contracts that look like standard investor protections can become salient in outbound analysis.

4. Structure with perimeter and sequencing in mind. Depending on facts, deal teams may consider ring-fencing sensitive components, carving out specific China-linked operations, sequencing steps (e.g., clean-up of ownership or operations before closing), or limiting access to certain assets until compliance obligations are satisfied. Even where a transaction is likely notifiable rather than prohibited, sequencing can protect timelines and reduce post-signing uncertainty.

5. Document the diligence logic and keep timing discipline. Outbound regimes frequently rely on a “knowledge” standard, which means parties benefit from a diligent, documented process.[4][5] Maintaining a contemporaneous record of the classification analysis, the factual assumptions, and the basis for any conclusion can be as important as the conclusion itself—especially as COINS-driven rulemaking evolves.

6. Integrate outbound review into broader trade/compliance frameworks. Outbound investment analysis should be integrated with export controls, sanctions screening, data governance, and cross-border personnel movement planning. For AI transactions, post-closing integration (data access, model access, employee access, and R&D workflows) can raise issues that do not appear on the signing day checklist.

VI. Conclusion

Meta’s acquisition of Manus—announced in late December 2025, just as the COINS Act became law—illustrates the new baseline for AI-related cross-border M&A: national security compliance is now a standard transaction dimension, not an exceptional one.[1][6][7] The current Treasury rules are already operative, and COINS codifies and expands that framework while directing Treasury to refine it through implementing regulations.[4][6][7] For executives and deal teams, the practical message is simple: structured early analysis of (i) U.S. person exposure, (ii) country-of-concern nexus, and (iii) covered technology definitions is now essential to preserving deal certainty in AI transactions that touch China-linked assets or talent.

Shape

Endnotes

[1] Associated Press, “Meta buys startup Manus in latest move to advance its artificial intelligence efforts” (Dec. 2025). (AP News) [2] Business Insider, “Meta says it will fully sever Manus’s China ties after acquiring the AI startup” (Dec. 2025). (Business Insider) [3] The Wall Street Journal, “Meta Buys AI Startup Manus for More Than $2 Billion” (Dec. 2025). (The Wall Street Journal) [4] U.S. Department of the Treasury, “Outbound Investment Final Rule” (effective Jan. 2, 2025). (U.S. Department of the Treasury) [5] Latham & Watkins, “Final US Outbound Investment Rules to Be Effective January 2, 2025: Key Questions Answered” (Nov. 8, 2024). (Latham & Watkins) [6] Sidley Austin LLP, “The Comprehensive Outbound Investment National Security Act of 2025 Updates the U.S. Outbound Investment Regime: Key Takeaways” (Jan. 8, 2026). (Sidley Austin) [7] Clifford Chance, “The Comprehensive Outbound Investment National Security (COINS) Act: Congress Takes on Outbound Investment Regulation” (Dec. 24, 2025).(Clifford Chance) [8] English.scio.gov.cn (Xinhua), “China’s commerce ministry comments on investigation of Meta’s acquisition of Manus” (Jan. 9, 2026). (english.scio.gov.cn)