Can’t download file using service account for file that was uploaded by another non-service account

I'm struggling with a permissions problem in Google Drive. I have a google account (e.g. blah@domain.co.uk) that's part of an organisation. At the organisation level is a rule that prevents certain files being shared outside of the organisation. Within the blah@domain.co.uk is a service account with owner permissions. Using the Google Drive API v3 I can upload and download files to the organisations' Drive using the service account. If I manually upload a file (via the Web) using the blah@domain.co.uk account, I can't download the file via the API using the Google Drive API. I receive the following exception:-

Google.GoogleApiException HResult=0x80131500
Message=Google.Apis.Requests.RequestError File not found: . [404] Errors [ Message[File not found: ] Location[fileId - parameter] Reason[notFound] Domain[global] ]

My guess is that because the service account (serviceaccount@project.iam.gserviceaccount.com) is outside of the organisation that the rule defined at the organisation level is preventing the service account downloading the file. But, that is a guess.

The folder that files are uploaded to and downloaded from has been shared to the service account with organise, add and edit.

Looking for ideas how to work around this…define a custom security policy to define an exception for the service account?