diff --git a/app/celery/tasks.py b/app/celery/tasks.py
index eee951dfd..a9516b646 100644
--- a/app/celery/tasks.py
+++ b/app/celery/tasks.py
@@ -1,10 +1,8 @@
-import itertools
 from datetime import (datetime)
 
 from flask import current_app
 from notifications_utils.recipients import (
-    RecipientCSV,
-    allowed_to_send_to
+    RecipientCSV
 )
 from notifications_utils.template import Template
 from sqlalchemy.exc import SQLAlchemyError
@@ -31,6 +29,7 @@ from app.models import (
     KEY_TYPE_NORMAL,
     KEY_TYPE_TEST
 )
+from app.service.utils import service_allowed_to_send_to
 from app.statsd_decorators import statsd
 
 
@@ -181,15 +180,3 @@ def send_email(self, service_id,
                 "RETRY FAILED: task send_email failed for notification {}".format(notification.id),
                 e
             )
-
-
-def service_allowed_to_send_to(recipient, service, key_type):
-    if not service.restricted or key_type == KEY_TYPE_TEST:
-        return True
-
-    return allowed_to_send_to(
-        recipient,
-        itertools.chain.from_iterable(
-            [user.mobile_number, user.email_address] for user in service.users
-        )
-    )
diff --git a/app/notifications/rest.py b/app/notifications/rest.py
index 48172aedc..e3362c10d 100644
--- a/app/notifications/rest.py
+++ b/app/notifications/rest.py
@@ -9,7 +9,7 @@ from flask import (
     json
 )
 
-from notifications_utils.recipients import allowed_to_send_to, first_column_heading
+from notifications_utils.recipients import first_column_heading
 from notifications_utils.template import Template
 from notifications_utils.renderers import PassThrough
 from app.clients.email.aws_ses import get_aws_responses
@@ -27,6 +27,7 @@ from app.notifications.process_client_response import (
     validate_callback_data,
     process_sms_client_response
 )
+from app.service.utils import service_allowed_to_send_to
 from app.schemas import (
     email_notification_schema,
     sms_template_notification_schema,
@@ -252,19 +253,7 @@ def send_notification(notification_type):
         errors = {'content': [message]}
         raise InvalidRequest(errors, status_code=400)
 
-    if all((
-        api_user.key_type != KEY_TYPE_TEST,
-        service.restricted or api_user.key_type == KEY_TYPE_TEAM,
-        not allowed_to_send_to(
-            notification['to'],
-            itertools.chain(
-                itertools.chain.from_iterable([user.mobile_number, user.email_address] for user in service.users),
-                ([member.recipient for member in service.whitelist])
-                if api_user.key_type == KEY_TYPE_NORMAL else iter([])
-            )
-        )
-    )):
-
+    if not service_allowed_to_send_to(notification['to'], service, api_user.key_type):
         if (api_user.key_type == KEY_TYPE_TEAM):
             message = 'Can’t send to this recipient using a team-only API key'
         else:
@@ -279,7 +268,6 @@ def send_notification(notification_type):
 
     notification_id = create_uuid()
     notification.update({"template_version": template.version})
-
     if not _simulated_recipient(notification['to'], notification_type):
         persist_notification(
             service,
diff --git a/app/service/utils.py b/app/service/utils.py
index e8ca49dc3..17ce89071 100644
--- a/app/service/utils.py
+++ b/app/service/utils.py
@@ -1,6 +1,11 @@
+import itertools
+
 from app.models import (
     ServiceWhitelist,
-    MOBILE_TYPE, EMAIL_TYPE)
+    MOBILE_TYPE, EMAIL_TYPE,
+    KEY_TYPE_TEST, KEY_TYPE_TEAM, KEY_TYPE_NORMAL)
+
+from notifications_utils.recipients import allowed_to_send_to
 
 
 def get_recipients_from_request(request_json, key, type):
@@ -11,7 +16,38 @@ def get_whitelist_objects(service_id, request_json):
     return [
         ServiceWhitelist.from_string(service_id, type, recipient)
         for type, recipient in (
-            get_recipients_from_request(request_json, 'phone_numbers', MOBILE_TYPE) +
-            get_recipients_from_request(request_json, 'email_addresses', EMAIL_TYPE)
+            get_recipients_from_request(request_json,
+                                        'phone_numbers',
+                                        MOBILE_TYPE) +
+            get_recipients_from_request(request_json,
+                                        'email_addresses',
+                                        EMAIL_TYPE)
         )
     ]
+
+
+def service_allowed_to_send_to(recipient, service, key_type):
+    if key_type == KEY_TYPE_TEST:
+        return True
+
+    if key_type == KEY_TYPE_NORMAL and not service.restricted:
+        return True
+
+    team_members = itertools.chain.from_iterable(
+        [user.mobile_number, user.email_address] for user in service.users)
+
+    if key_type == KEY_TYPE_TEAM:
+        return allowed_to_send_to(
+            recipient,
+            team_members
+        )
+
+    if key_type == KEY_TYPE_NORMAL and service.restricted:
+        whitelist_members = [member.recipient for member in service.whitelist]
+        return allowed_to_send_to(
+            recipient,
+            itertools.chain(
+                team_members,
+                whitelist_members
+            )
+        )