We might have our wires crossed here. The issue I was experiencing was definitely down to my original testing setup having two difference domains. I've managed to convince my IT department to authorise the URL to my upgraded (latest version) moodle against my current production Blackboard VLE service. Both have the same domain name and when third-party cookies are set to be blocked, the issue I experienced when the domains were different does not occur.
So in summary, in a setup with a consumer service linking to the latest version of moodle via LTI, as long as they both belong to the same URL domain no issues will be experienced if third-party cookies are blocked.