Public key cryptography is supposed to provide Non-repudiation, but if you "store" private key somewhere othner than the card, you just broke one important assumption "private key is only kwnown to its holder".
Computing a digital signature in applet using this key, is other thing, that's what they are for (private keys). If you do not transmit or transfer private keys over the network, or to any other storage location, than the card, you do not brake any assumptions. Your applet should use private key only for calculating digital signature.