Work must be undertaken in the UK - outside IR35 contract clause

Yes because it has nothing to do with tax and everything to do with data security.

Particularly if you’re working for a bank.

It’s a very common clause and normally covered in the various reviews/certification that you do as part of getting permission to access the systems. Data security is a big deal and if suppliers or employees don’t follow the rules and get caught, then it’s a very big issue. This is true of businesses that work with personal data - e.g. medical or financial records, and has been the case for over a decade.

Rather than work from overseas on the sly and risk getting your contract terminated, ask your contact at the client if you can temporarily do work from a non-UK location - they may have a process to follow which will allow this. It's always worth asking, especially if it's a company with an international presence.

If they say no, then don't do it.

most companies that 'ban' work from abroad, actually just have a HR process where you request permission.
A lot have systems that look for risky sign-ins and flag security incidents when unauthorized foreign access is made.

Exactly, so it's best to ask what the policy is and not to just do it on the false assumption that it's your right to take your client's data out of the UK because your contract is outside IR35.

The fact that OP didn't even consider data security makes me think their client should reject such a request.

You need to understand what you do better and who you deliver to. Firstly how have you just 'found' a clause in your contracto? Read and understand your contracts before you sign them. It's absolutely key and it's in your title as a CONTRACTor.

The fact you can't understand why they have clauses is very naive as well. You supply your services to your client so you've got to understand how they work and the risks faced. You don't understand why a client won't allow data out of the country. That's just so wrong. They are your customer so spend more time understanding them. If you can't understand a clients security requirements should be all the reason they need to say no if you request it.

Harsh yes but do both the above and you'll actually start to look like a LTD company supplying services to a customer. It will help in many more situations you'll face going forward.

They do. Even public sector that are hell bent on not letting data out the country have these processes and some do get passed.... but

Most definitely this.

Purchase a 4g portable modem/router that supports a VPN client. Connect the VPN client to a London based VPN and access your clients systems from the VPN only.

Not only does it give you a nice secure tunnel back to the UK, it masks your true location.

I would only do this if you're not working for a bank or other high regulated client.

One of my clients also had this nonsense rule about not working from abroad, the role was a digital transformation architect for an airline. I never even had access to customer data, my access was literally test data and test systems only at that point. They also had IT staff working for them in many other countries already.

Sometimes HR have rules because they're best practice and not for any other reason (I once did a BPSS for a fashion retail project... totally pointless, just pure bureaucracy). Sometimes the rules are because of strong controls to implement regulations. Make sure you understand your client and their business before you do this.

Most of the other contractors here are seat fillers so they wouldn't have a clue when it comes to really understanding their clients business and they will immediately assume that your client is dealing with highly sensitive data or some other third-party contractual restriction. Only you can make this Judgement call.

When I was skiing last season, I spent 3 weeks working form the Alps in the morning and skiing the whole afternoon. It was nice.

I've been doing this for years as a perm and contractor. Try not to take the piss too much though.