Back-to-back contracts explained: aligning the end-client agreement and subcontracting
Selling an assignment to the end client and buying it from a non-EU freelancer: the back-to-back contract sits between the two. Why it is the key to a chain with no grey areas.
Your IT services firm may have the right consultant, the right day rate and a need validated by the end client, yet still be blocked at signature stage if the freelancer is based outside the EU.
The issue is not merely administrative. It is contractual, tax-related, operational and reputational.
Back-to-back contracting helps secure a subcontracting chain between the end client, the IT services firm and the supplier performing the service. It consists of aligning the commitments made upstream with those passed down downstream, without creating contradictions between the contracts.
For an IT services firm, this is critical when the tech freelancer is excellent but difficult to onboard as a direct supplier: foreign company, non-EU residence, invoicing that does not meet procurement standards, KYC difficulties, end-client clauses not flowed down, VAT uncertainty, risk of permanent establishment or poorly framed subcontracting.
StelarWork operates precisely in this area of friction: on the contract, between the French IT services firm and the tech freelancer based outside the EU. The IT services firm contracts with a French supplier. StelarWork invoices the IT services firm, contracts in its own name, pays the freelancer and carries the compliance framework applicable to the relationship.
What is a back-to-back contract?
Back-to-back contracting means matching the obligations of a main contract with those of the subcontracting agreement.
In a traditional chain:
- the end client contracts with the IT services firm;
- the IT services firm commits to a service, deadlines, deliverables, confidentiality, security and sometimes penalties;
- the IT services firm brings in a supplier or subcontractor to perform all or part of the service;
- the downstream contract must include the requirements needed so that the IT services firm can meet its upstream commitments.
Back-to-back does not mean copy-pasting the end-client contract.
It means identifying the obligations that genuinely need to flow down through the contractual chain: confidentiality, intellectual property, IT security, GDPR, reversibility, insurance, audit, subcontracting, anti-corruption compliance, international sanctions, due diligence, service continuity and acceptance procedures.
The objective is simple: to avoid the IT services firm being solely responsible for an obligation it cannot enforce against its supplier.
Key takeaway
A well-structured back-to-back contract protects the IT services firm against blind spots between what it promises the end client and what its supplier actually agrees to perform.
Why back-to-back contracting is sensitive for an IT services firm
An IT services firm sells a service to an end client with a high level of requirements.
On the other side, it may need a tech freelancer based in Dubai, Bali, Singapore or elsewhere outside the EU. The profile is available, competent and aligned with the day rate, but it does not always tick the internal boxes for supplier onboarding.
Friction points appear quickly:
- the end client requires a supplier established in France or the EU;
- procurement refuses an unknown foreign entity;
- the clauses of the main contract are not accepted by the freelancer;
- non-EU invoicing raises VAT and compliance questions;
- the freelancer does not want to create a French structure;
- the IT services firm does not want to carry the documentation risk alone;
- the service model is poorly formalised and looks too much like an insufficiently framed time-and-materials presence;
- the contractual chain does not clearly specify who does what.
The risk is not theoretical.
If the downstream contract is weak, the IT services firm may find itself liable to the end client without any practical ability to pass the obligations down. If the tax or operational set-up is artificial, other risks arise: permanent establishment, inconsistent invoicing, reclassification, difficulty proving the facts and procurement non-compliance.
Back-to-back contracting is therefore used to organise the chain before performance begins, not to fix an already poorly framed assignment after the event.
Clauses to align in a subcontracting agreement
A good back-to-back contract starts with a review of the upstream contract.
Not every clause needs to be replicated. Some must be adapted. Others must be excluded if they do not concern the downstream supplier.
Scope of the service
The subcontracting agreement must describe a service.
It must not be limited to “making a consultant available”. That wording creates a dangerous ambiguity for the IT services firm.
The right approach is to define:
- a service scope;
- deliverables;
- responsibilities;
- acceptance criteria;
- a timeline;
- validation procedures;
- a coherent purchase order or statement of work.
Even if management is agile, the contract must remain focused on the service, the deliverables and the expected outcome.
Confidentiality
The end client’s confidentiality commitments must be flowed down to the downstream supplier.
This generally includes:
- technical information;
- commercial data;
- IT architectures;
- accesses;
- project documents;
- information relating to the users or customers of the end client.
The clause must provide for a duration, standard exceptions and obligations to return or destroy information at the end of the service.
Intellectual property
Intellectual property is a sensitive point in tech assignments.
The IT services firm must be able to grant or transfer to the end client the rights it has committed to provide. To do so, it must obtain downstream the necessary rights over developments, scripts, documentation, configurations or other deliverables produced.
The downstream contract must therefore frame:
- creations produced during the service;
- the freelancer’s pre-existing materials;
- open-source components;
- licences used;
- rights transferred or granted;
- territory, duration and methods of exploitation.
Without IP alignment, the IT services firm may sell the end client more rights than it actually holds.
IT security
End clients often impose security requirements.
These may relate to:
- authentication;
- VPN access;
- password management;
- encryption;
- a ban on storing data locally;
- the use of personal equipment;
- remote-working rules;
- incident procedures;
- logging;
- separation of environments.
The subcontracting agreement must include the necessary obligations. It must also provide for the supplier’s cooperation in the event of a security incident.
Personal data and GDPR
When a service involves access to personal data, the contractual chain must be clear.
The IT services firm must identify its role: controller, processor, sub-processor or simple technical service provider with no access to the data.
If the downstream supplier accesses personal data, the contract must include the appropriate obligations: confidentiality, security, assistance, incident notification, location of processing, onward subcontracting, deletion or return.
The situation becomes more sensitive if the freelancer is outside the EU. Transfer mechanisms may be necessary depending on the context.
Prudence point
GDPR cannot be handled with a generic clause added at the end of the contract. The real flows must be understood: what data, what access, which country, which role and which security measures.
Deadlines, quality and acceptance
If the IT services firm commits to milestones or deliverables, the downstream supplier must have compatible obligations.
The contract must provide for:
- production deadlines;
- acceptance procedures;
- corrections;
- exclusions;
- required availability;
- the consequences of a delay attributable to the supplier;
- expected cooperation with the IT services firm’s teams.
Back-to-back contracting prevents the IT services firm being penalised by the end client without being able to document the cause of the downstream delay.
Liability and insurance
Downstream liability must be calibrated against upstream liability.
This is not about mechanically transferring all risk to the supplier. It is about checking that caps, exclusions and insurance obligations remain consistent with the IT services firm’s exposure.
A common imbalance consists of accepting a high cap on the end-client side while signing a downstream contract with very limited liability. In that case, the IT services firm keeps the gap on its own account.
Audit, compliance and due diligence
Some end clients impose compliance requirements: anti-corruption, international sanctions, export control, security, CSR and due diligence.
The downstream contract must allow the IT services firm to demonstrate that it has checked its supplier and can obtain the necessary information.
This does not mean turning every supplier into a legal department. But the IT services firm must have a level of documentation appropriate to the risk.
Back-to-back contracting and the end client: what to avoid
The end client does not always see the entire supplier chain.
Even so, its contract with the IT services firm may strictly regulate subcontracting: prior authorisation, list of suppliers, location, security, enhanced confidentiality, prohibition on subcontracting certain activities.
The IT services firm must avoid three mistakes.
Subcontracting without a clear contractual right
If the end-client contract requires authorisation, the IT services firm must comply with that framework.
Back-to-back contracting does not replace authorisation to subcontract. It only organises the downstream relationship.
Accepting end-client clauses that cannot be flowed down
Some upstream clauses are incompatible with the downstream supplier’s operating model.
Examples: recurring physical presence in France, access to restricted environments, mandatory certifications, on-call duties in an incompatible time zone, on-site audit outside the EU.
If these obligations cannot be performed properly, they must be addressed before signature.
Confusing a service with the provision of personnel
The relationship must remain a structured service.
To reduce risk, the contract and its performance must avoid weak signals of a mere supply of labour: absence of deliverables, direct hierarchical integration, exclusive day-to-day management by the end client, organisational dependency, lack of supplier autonomy.
Proper framing requires a service scope, a purchase order, deliverables, governance and explicit responsibilities.
The specific case of a non-EU tech freelancer
A freelancer based outside the EU raises a practical question for the IT services firm: how can it contract correctly without creating unnecessary risk?
A profile may genuinely be tax-resident in Dubai, Bali or another jurisdiction. That status predates the relationship with the IT services firm. It is neither a product nor a promise of optimisation.
The principle of reality remains central.
A sound configuration notably requires:
- a genuine tax residence outside the EU;
- an effective presence in the country concerned, often assessed by criteria of duration and centre of life;
- a service performed remotely;
- no organised and recurring presence in France;
- no artificial structure created solely for invoicing;
- contracts consistent with the actual performance.
Conversely, an abusive configuration must be ruled out:
- a foreign entity with no substance;
- a freelancer who in reality works from France while invoicing from abroad;
- a shell entity used to conceal the real situation;
- an organised commercial presence in France that has not been declared;
- a contractual chain that does not match the facts.
These matters may raise questions of permanent establishment, VAT, possible withholding taxes, employment law or tax compliance. They must be analysed with the appropriate advisers.
Important note
This article provides general information. It does not constitute personalised legal, tax or employment advice. Each situation must be reviewed with qualified advisers according to the facts, the countries concerned and the applicable contracts.
How StelarWork fits into back-to-back contracting
StelarWork acts as the IT services firm’s French supplier.
The logic is contractual:
- the IT services firm contracts with StelarWork;
- StelarWork contracts in its own name with the non-EU tech freelancer;
- StelarWork invoices the IT services firm;
- StelarWork pays the freelancer;
- StelarWork carries the documentary, invoicing and compliance framework for this relationship.
StelarWork does not sign on behalf of the freelancer. StelarWork does not act as the freelancer’s representative in France. StelarWork contracts in its own name, with its own commitments, within a service chain.
This distinction is important to avoid confusion and limit risks relating to permanent establishment or a poorly qualified commercial representation.
For the IT services firm, the operational benefit is clear: it works with a French supplier, contractually framed, rather than with a foreign entity that is difficult to have accepted by its procurement department or by its end client.
What StelarWork brings to the IT services firm
StelarWork aims to turn a non-EU freelancer who is difficult to sign into a French supplier properly contracted by the IT services firm.
This addresses several concrete frictions.
A French contractual counterparty
The IT services firm receives an invoice from a French company (SASU).
This facilitates supplier onboarding, procurement processing, accounting and contractual review. Compliance elements are grouped within a clearer relationship.
A more robust documentary chain
Back-to-back contracting makes it possible to flow down the key obligations of the upstream contract to the downstream service.
StelarWork can include the necessary requirements in its documentation: confidentiality, security, intellectual property, deliverables, liability, compliance, payment terms, supporting documents and performance rules.
A clear separation of roles
The IT services firm remains responsible for its relationship with the end client.
StelarWork acts as the IT services firm’s contractual supplier.
The freelancer acts within the framework of the service contracted with StelarWork.
This separation avoids grey areas: no employment contract, no salary, no employer-style hierarchical relationship and no representation of the freelancer in France by StelarWork.
A service logic rather than mere presence
The model must be built around a scope, a purchase order, deliverables and governance.
This is essential in order to remain on the compliance side and avoid drift linked to an insufficiently framed relationship.
VAT, invoicing and reverse charge: points to watch
VAT depends on the real invoicing chain, where the parties are established, the nature of the service and the applicable rules.
In a relationship between a French IT services firm and a French supplier, invoicing follows the rules applicable between businesses established in France, unless a specific case applies.
When StelarWork contracts with a freelancer or entity outside the EU, other rules may apply on the purchase side of the international service, in particular the VAT reverse charge depending on the configuration.
The important point for the IT services firm is not to mix the flows:
- end-client contract ↔ IT services firm;
- IT services firm contract ↔ StelarWork;
- StelarWork contract ↔ non-EU freelancer.
Each flow must have its own invoice, contract, supporting documents and tax treatment.
An artificial situation must not be presented in order to obtain favourable tax treatment. The treatment must follow the facts: genuine residence, place of performance, contracting parties, substance, and no organised presence in France where that is the case.
IT services firm checklist before signing a back-to-back contract
Before integrating a non-EU freelancer into an end-client service, the IT services firm can check the following points.
End-client contract side
- Does the contract authorise subcontracting?
- Is prior approval from the end client required?
- Are there any geographical restrictions?
- Are the security and confidentiality clauses compatible with a remote service?
- Does the end client impose certifications, insurance or audits?
- Is personal data accessible from outside the EU?
- Can the intellectual property clauses be flowed down?
Subcontracting agreement side
- Is the scope worded as a service?
- Are the deliverables identified?
- Is the day rate or price tied to a clear scope?
- Are acceptance procedures provided for?
- Are the confidentiality obligations adapted?
- Are intellectual property rights transferable to the IT services firm and then to the end client?
- Are the security obligations applicable in practice?
- Are liability and insurance consistent?
Compliance side
- Is the supplier correctly identified?
- Are the country of residence and the place of performance consistent with the facts?
- Is the service genuinely performed remotely?
- Is there an organised presence in France?
- Do the invoicing flows match the contracts?
- Is personal data processed in accordance with the applicable framework?
- Can supporting documents be produced in the event of internal control, client audit or legal review?
Good reflex
A back-to-back contract must not be treated as an administrative formality. It is a supplier risk management tool for the IT services firm.
Frequent mistakes in back-to-back contracting
Replicating the end-client contract without adaptation
A copy-paste often creates inconsistencies.
Some upstream clauses concern only the IT services firm. Others must be reformulated for the downstream supplier. A good back-to-back contract selects and adapts.
Forgetting intellectual property
This is one of the costliest mistakes.
If the freelancer retains rights that are incompatible with the IT services firm’s commitments, the end client may receive a legally fragile delivery.
Letting the freelancer invoice directly from an uncertain structure
This is not always prohibited, but it can complicate supplier onboarding, procurement compliance and documentary evidence.
For an IT services firm, the question is not only “can we pay?”. The question is: “can we properly justify the contractual chain to the end client, procurement, finance and an audit?”
Failing to check the tax reality
The declared tax status must correspond to reality.
A genuinely expatriated freelancer who is tax-resident outside the EU is not in the same situation as a service provider who lives and works in France while invoicing through a foreign company with no substance.
The first configuration can be sound if it is documented and consistent. The second can be abusive and must be avoided.
Confusing speed with compliance
Signing quickly does not compensate for a poor contract.
An urgent assignment may justify an efficient process. It does not justify a vague contractual chain.
When to use StelarWork in an IT services firm chain
StelarWork is relevant when the IT services firm has identified a non-EU tech freelancer, but direct signature creates significant friction.
Typical cases:
- the freelancer is based outside the EU and does not have a French structure;
- the end client or procurement prefers a French supplier;
- the IT services firm wants to avoid a direct contractual relationship with a foreign entity that is difficult to audit;
- the service must be framed with deliverables, confidentiality, IP and security requirements;
- the file must be clear for procurement, finance, legal and the end client;
- the IT services firm wants to reduce the operational risk linked to an insufficient documentation chain.
StelarWork does not replace analysis of the end-client contract. StelarWork facilitates the implementation of a compliant French supplier within the chain, where the facts and context allow.
FAQ
What is a back-to-back contract?
Back-to-back contracting consists of aligning the obligations of the contract signed with the end client with those of the subcontracting agreement. It enables the IT services firm to flow down the necessary obligations to its supplier: confidentiality, intellectual property, security, deadlines, compliance, liability and GDPR.
Is back-to-back contracting mandatory?
There is not always a general legal obligation to draft a back-to-back contract. In practice, it is strongly recommended whenever an IT services firm subcontracts part of the end-client service. Without contractual alignment, the IT services firm may carry obligations alone that it cannot enforce downstream.
Can you create a back-to-back contract with a freelancer based outside the EU?
Yes, if the real situation is consistent and documented. You need to check effective residence, place of performance, invoicing flows, tax compliance, personal data, security and the absence of an artificial arrangement. A genuinely remote service from abroad does not have the same risk profile as an organised presence in France concealed by a foreign company.
Does StelarWork sign on behalf of the freelancer?
No. StelarWork contracts in its own name. It does not act as the freelancer’s representative in France and does not enter into a contract on behalf of the freelancer. The IT services firm signs with StelarWork, a French supplier, and StelarWork contracts separately with the freelancer.
Is StelarWork the freelancer’s employer?
No. The model does not create an employment contract, a salary or an employer relationship. The relationship is structured as a B2B service chain, with contracts, invoices, deliverables and compliance obligations.
Does back-to-back contracting remove all risks?
No. No serious contractual arrangement removes all risk. A well-structured back-to-back contract aims to reduce blind spots, clarify responsibilities and make the chain more defensible. The real facts remain decisive: performance, management, presence, financial flows, the role of the parties and the data processed.
How can the risk of unlawful labour lending be avoided?
The contract must be built around a service, deliverables, an expected outcome and clear governance. Wording and practices that reduce the relationship to a mere supply of labour must be avoided. Performance must remain consistent with the contract.
Why would an IT services firm use StelarWork rather than sign directly with the freelancer?
Because some non-EU freelancers are difficult to onboard or contract with directly under the procurement standards of an IT services firm or an end client. StelarWork enables the IT services firm to work with a French supplier, with a clearer contractual and documentary chain, while respecting the reality of the service and compliance requirements.