(2) A More Integrated Regulatory Review of Outbound Direct Investment
Historically, market participants generally viewed the completion of China's outbound direct investment (ODI) approval and filing procedures as largely resolving Chinese regulatory risks associated with an outbound transaction. Article 13 of the Regulation significantly expands this perspective. In addition to regulating the direct export of goods, technology, services, and data, it also captures indirect transfers of technology and data through personnel secondments, overseas assignments, technical guidance, and training activities.
As a result, outbound investment transactions now require a broader, multi-layered regulatory assessment extending beyond the traditional ODI regime. Depending on the transaction structure, parties should also consider technology export controls, export control regulations, cross-border data transfer requirements, foreign exchange rules, merger control, state-owned asset regulations, and cybersecurity requirements. Nevertheless, the Regulation should not be interpreted as automatically subjecting every technology licensing or service agreement to outbound investment security review. Rather, Article 13 is more appropriately understood as requiring a separate regulatory assessment only where technologies or data that are restricted or prohibited under applicable laws are substantively transferred overseas.
(3) Introduction of an Outbound Investment Security Review Regime
Article 15 newly establishes a formal Outbound Investment Security Review (OISR) regime that did not previously exist under China's ministerial-level outbound investment rules. Together with the Regulation's approval and filing requirements, information reporting obligations, and anti-interference and counter-sanctions measures, the new security review mechanism forms part of a significantly more comprehensive regulatory oversight framework.
However, because the Regulation has only recently entered into force, key implementation issues, including filing thresholds, procedural requirements, substantive review criteria, and the operation of conditional approvals, remain unclear. Until detailed implementing rules are issued, this regulatory uncertainty is likely to remain a significant transactional risk for cross-border investors.
(4) Enhanced Supervision and Enforcement
The Regulation extends regulatory oversight well beyond the initial approval and filing stage by introducing lifecycle supervision based on the nature and risk profile of outbound investments. It also requires investors and their overseas invested enterprises to establish governance, compliance, internal control, operational safety, and emergency response systems.
The enforcement regime has likewise become considerably more stringent. Depending on the specific type of violation, such as prohibited investments, unauthorized investments without proper approvals or filings, or obtaining approvals through false or fraudulent submissions, authorities may suspend investment activities, require the disposal of equity interests or assets within a prescribed period, confiscate unlawful gains, and impose administrative fines calculated as a percentage of the investment amount. In addition, competent authorities may refuse to accept future approval or filing applications submitted by the offending party for up to three years or prohibit the investor from conducting outbound investment activities for a period of one to three years. Responsible officers and other directly liable individuals may also be subject to personal administrative fines.
Beyond administrative sanctions, violations that result in personal injury or property damage may give rise to civil liability. Conduct constituting a public security offence may result in administrative penalties, while conduct meeting the threshold for a criminal offence may lead to criminal liability under applicable Chinese law.
3. Key Risks for Foreign Counterparties
1) Expanded Conditions Precedent for Foreign Sellers
Chinese acquirers will now be required to assess a broader range of regulatory triggers before closing, extending well beyond the traditional ODI approval process. As a result, foreign sellers should expect more extensive due diligence requests covering the target company's technology, data processing activities, customer base, supply chain, and the development history of its intellectual property. For transactions involving sensitive industries, obtaining the necessary regulatory clearances and completing any applicable security review in China are also likely to become key conditions precedent to closing.
2) Offshore Structures May Offer Limited Protection
The Regulation suggests that simply incorporating or holding assets through an offshore vehicle will no longer be sufficient to insulate a transaction from Chinese regulatory scrutiny. In light of Articles 2, 13, and 15—which respectively address indirect acquisitions, cross-border transfers of technology and data, and the review of transfers or disposals of assets and equity interests—the regulatory focus has shifted from the formal location of an entity to its substantive connection with China. In practice, authorities are more likely to examine whether the relevant technology, intellectual property, key personnel, or data maintain a meaningful nexus with mainland China, rather than relying solely on the jurisdiction of incorporation.
3) Exit and Post-Acquisition Restructuring Risks
Article 15 also expands the scope of security review to include the transfer or disposal of assets and equity interests. Consequently, future divestments or restructurings involving offshore subsidiaries or joint venture interests previously acquired by Chinese investors may become subject to security review where national security concerns are implicated. Although the Regulation does not expressly provide for retroactive application, the extent to which completed transactions may be revisited remains uncertain. Market participants should therefore closely monitor future implementing rules and enforcement practice for greater regulatory clarity.
(4) The Manus Case: Substance Over Corporate Form
The Manus case provides an early indication of China's evolving regulatory approach. Manus, an autonomous general-purpose AI agent developed by Chinese start-up Butterfly Effect (蝴蝶效应), relocated its headquarters and certain core personnel to Singapore in 2025 as part of an offshore restructuring. On 27 April 2026, however, the Office of the Working Mechanism for Foreign Investment Security Review under the National Development and Reform Commission reportedly prohibited Meta's already-signed acquisition of Manus and required the parties to unwind the transaction.
Although the decision was issued under China's foreign investment security review regime and neither the legal basis nor the substantive reasoning has been made public, the fact that regulators blocked the foreign acquisition of an entity that had already been relocated offshore—and required an executed transaction to be unwound—nevertheless suggests that Chinese regulators may place greater emphasis on a company's substantive connection to China, including the origin of its technology, research and development capabilities, key personnel, and strategic assets, than on its formal place of incorporation. This approach may have significant implications for offshore holding structures commonly used in cross-border M&A transactions.
(5) Post-Closing Risks
Regulatory exposure does not end at closing. If regulatory non-compliance, failure to complete a required security review, or false reporting is discovered after completion of the transaction, sanctions imposed on the Chinese investor may also have significant commercial consequences for foreign counterparties. These may include delays in receiving deferred consideration, disputes over representations and warranties, or post-closing indemnification claims. Accordingly, Chinese regulatory compliance should no longer be viewed solely as a closing condition but as a key factor affecting transaction valuation, execution certainty, and long-term post-closing stability.
4. Practical Steps for Foreign Parties
(1) Early Screening Stage
Foreign parties should assess the target company not only from a commercial due diligence perspective but also from a regulatory jurisdiction perspective. The review should extend beyond the shareholder register and place of incorporation to identify where the core technology was originally developed, whether key developers are or were affiliated with Chinese entities, how intellectual property was transferred offshore, and whether servers or data systems in China have been accessed. Early identification of these factors will help determine whether the transaction may trigger Chinese outbound investment, technology transfer, data, or security review requirements.
(2) Allocating Risks in Contracts
Foreign parties should allocate regulatory risk expressly in the transaction documents, informed by the screening described above. The contract should clearly stipulate the Chinese party's obligation to complete regulatory procedures, such as ODI filings, security reviews, and technology export licenses, and precisely address the following elements: (1) conditions precedent clauses regarding approvals; (2) representations and warranties clauses concerning regulatory compliance; (3) limitations on information disclosure when responding to regulatory inquiries; (4) extension conditions in the event of approval delays; (5) termination rights and default liabilities regarding conditional approvals or rejections; and (6) indemnification mechanisms in the event of post-closing disposal requirements.
(3) Parallel Review Schedule Modeling
Even where a transaction raises no material concerns under Chinese law, it may still be subject to inbound foreign direct investment (FDI) review, export controls, merger control, or other regulatory scrutiny in jurisdictions such as Korea, the European Union, or the United States. This is particularly relevant in advanced technology sectors, including semiconductors, AI, batteries, and data centres, where regulatory standards and national security priorities differ across jurisdictions. Parties should therefore model the relevant review processes in parallel from the outset and reflect potential sequencing conflicts and timing delays in the transaction timetable.
(4) Structuring Information-Sharing Provisions
Under Article 22 of the Regulation, Chinese parties providing documents or information overseas for litigation or investigative purposes must comply with applicable Chinese laws governing state secrets, data security, and personal information protection. Transaction documents should therefore address the possibility that Chinese law may restrict disclosure, including where sensitive information must be anonymised or access to data is subject to regulatory controls. Alternative disclosure procedures should be agreed in advance, together with clear cooperation obligations governing regulatory inquiries, litigation, investigations, and due diligence requests.
(5) Reassessing Existing Joint Ventures, Technology Arrangements, and Offshore Structures
Joint ventures, technology licenses, red-chip structures, and other offshore arrangements established before the Regulation entered into force may still fall within its regulatory scope when equity interests are transferred or technology is moved across borders. Foreign parties should therefore review existing structures and strengthen contractual protections where necessary, including regulatory cooperation covenants, restrictions on cross-border data transfers, and technology ring-fencing provisions. These measures can help reduce transaction risk and improve resilience against future changes in regulatory interpretation and enforcement.
Conclusion
The Regulation is not intended to prohibit or restrict transactions with Chinese counterparties. It is better understood as a clear expression of policy: China intends to promote the high-quality development of outbound investment while exercising firmer control over technology, data, core national interests, and industrial security.
For foreign companies seeking Chinese investment, selling to Chinese acquirers, or planning joint ventures with Chinese partners, the practical implication is a change of perspective. Chinese regulatory compliance can no longer be treated as an internal procedural matter for the counterparty to resolve on its own. From the earliest stage of a transaction, foreign parties should identify substantive connections with China, design contractual risk allocation mechanisms with care, and manage regulatory uncertainty as an integral part of deal execution rather than as a matter to be addressed at closing.
* This material is provided for general informational purposes only and does not constitute legal advice on any specific matter.