I have no specific knowledge of how IOS-XE implements IPSEC, which almost certainly has Platform Dependencies based on whether there is hardware available for forwarding and/or crypto. That said, QoS getting FUBARed if the crypto takes place after the QoS scheduler does make sense to me.

The QoS scheduler serializes the output from multiple, parallel queues by deciding the transmission order based on configured (or default) QoS policies. If after being serialized by the scheduler, a packet then needs to be sent to the crypto engine for encryption, that packet will be subject to additional latency due to the crypto process itself. In my limited IPSEC experience, I have found that crypto engines tended to have less throughput than the router's forwarding engine, which means that packets could be placed in output transmission queues for the scheduler to serialize faster than the crypto engine could work its magic. This could lead to additional queueing at the crypto engine as packets needing crypto service are serialized faster than the crypto engine can provide that service. This would add even more and variable latency on top of that needed for the crypto process itself. This extra latency is not accounted for in the configured QoS policies.

And what of the packets not needing crypto service originally serialized behind a packet needing crypto? Should those packets be blocked, HoL-style, waiting for the preceding packet to be encrypted and transmitted, or... should these succeeding packets be transmitted ahead of the previously prioritized packets needing crypto service? Either all packets are taxed by additional latency or the scheduler's priority order is mangled; one of the two will happen. Again, this unpredictable treatment is not accounted for in the configured QoS policies. 

If the QoS policies are enforced post-crypto, encrypted packets will have already incurred extra latency when placed in the output queue, but policies will work as expected.