Hi Antony,
It will be difficult to give you an answer, certainly a definitive one. We need to know more here. The first thing to check is the role model and specifically for this access role to find out what is the membership rule. It's possible that this user is a member despite that it was removed if the membership rule is still making it happen.
The first thing I suggest you look at is find the membership rule of this access role and see if that makes this user still be a member. If not, then it's probably needed to confirm in the LDAP itself that the condition for membership is revoked. If also that happened then my suggestion is to open a support case to look into this more deeply.
Sagi