#show crypto session
Crypto session current status

Interface: Tunnel1
Profile: Flex_IKEv2
Session status: UP-ACTIVE     
Peer: <my-peer-ip> port 4500 
  Session ID: 1 
  IKEv2 SA: local <my-wan-ip>/4500 remote <my-peer-ip>/4500 Active 
  IPSEC FLOW: permit ip 0.0.0.0/0.0.0.0 0.0.0.0/0.0.0.0 
        Active SAs: 2, origin: crypto map

also show crypto ipsec sa detail

show crypto ipsec sa detail

interface: Tunnel1

    Crypto map tag: Tunnel1-head-0, local addr <my-wan-ip>

   protected vrf: (none)

   local  ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)

   remote ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)

   current_peer <my-peer-ip> port 4500

     PERMIT, flags={origin_is_acl,}

    #pkts encaps: 2076, #pkts encrypt: 2076, #pkts digest: 2076

    #pkts decaps: 1451, #pkts decrypt: 1451, #pkts verify: 1451

    #pkts compressed: 0, #pkts decompressed: 0

    #pkts not compressed: 0, #pkts compr. failed: 0

    #pkts not decompressed: 0, #pkts decompress failed: 0

    #pkts no sa (send) 0, #pkts invalid sa (rcv) 0

    #pkts encaps failed (send) 0, #pkts decaps failed (rcv) 0

    #pkts invalid prot (recv) 0, #pkts verify failed: 0

    #pkts invalid identity (recv) 0, #pkts invalid len (rcv) 0

    #pkts replay rollover (send): 0, #pkts replay rollover (rcv) 0

    ##pkts replay failed (rcv): 0

    #pkts tagged (send): 0, #pkts untagged (rcv): 0

    #pkts not tagged (send): 0, #pkts not untagged (rcv): 0

    #pkts internal err (send): 0, #pkts internal err (recv) 0

     local crypto endpt.: <my-wan-ip>, remote crypto endpt.: <my-peer-ip>

     plaintext mtu 1422, path mtu 1500, ip mtu 1500, ip mtu idb Cellular0

     current outbound spi: 0x5B27E9B7(1529342391)

     PFS (Y/N): N, DH group: none

     inbound esp sas:

      spi: 0x88BAF7BA(2293954490)

        transform: esp-aes esp-sha-hmac ,

        in use settings ={Tunnel UDP-Encaps, }

        conn id: 2002, flow_id: Onboard VPN:2, sibling_flags 80000040, crypto map: Tunnel1-head-0

        sa timing: remaining key lifetime (k/sec): (4256842/1402)

        IV size: 16 bytes

        replay detection support: Y

        Status: ACTIVE(ACTIVE)

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:

      spi: 0x5B27E9B7(1529342391)

        transform: esp-aes esp-sha-hmac ,

        in use settings ={Tunnel UDP-Encaps, }

        conn id: 2001, flow_id: Onboard VPN:1, sibling_flags 80000040, crypto map: Tunnel1-head-0

        sa timing: remaining key lifetime (k/sec): (4256584/1402)

        IV size: 16 bytes

        replay detection support: Y

        Status: ACTIVE(ACTIVE)

     outbound ah sas:

     outbound pcp sas:

crypto ikev2 authorization policy default
 subnet-acl anySSH
 route set interface
 route set access-list MYIPS

The subnet-acl command is obsolete. The equilvent is now "route set access-list 110" which is used to push static routes to a flexvpn client, not control access through the device.

As I mentioned earlier, I tried applying ACL both in-bound and out-bound on the Tunnel. Even an ACL to deny ip any any. It does not work. It is as if VPN traffic is immune to ACLs.

And how have you been testing? From traffic sourced on the router or with transit traffic?
I've tested and confirmed this works as I expect.

As I said in my initial response "this would filter transit traffic but not traffic originating from the router itself". 

This reference states:- "An access list can control traffic arriving at a device or leaving a device, but not traffic originating at a device."

I would imagine a ZBFW when using the self zone could possibly filter the outbound traffic if so desired.

"the device" stated refers to the router with the ACL configured.

I tested from VPN peer, so it should be considered transit traffic. I know output ACL does not work on traffic originated from router, e.g. ping. But this is not what I am trying here. If VPN traffic terminated by a router is considered router generated traffic then essentially ACL cannot block anything coming from VPN. With VPN so widely used, this can't possibly be true?