01-23-2020 11:36 AM - edited 02-21-2020 09:50 PM
Hi Team,
Could you please confirm why IPsec Active tunnels in the ASDM graph are showing more than IKEv1 Active tunnels:
01-23-2020 01:05 PM
Not sure. How is your VPN configured? Is this configured per subnet?
01-25-2020 01:32 PM
I can think of several possible reasons for the number of IPsec tunnels to be greater than the number of IKE tunnels. As @balaji.bandi suggests, it might be related to the number of remote resources reached by VPN. Also, I believe that while IKE tunnels are treated as bi-directional (you talk to the remote over the same tunnel the remote talks to you), IPsec tunnels are uni-directional (there is one tunnel for you to talk to the remote and a separate tunnel for the remote to talk to you), so I would expect at least a 2 to 1 ratio of IPsec tunnels. Also, it is possible to have active IPsec tunnels to a peer where there is no active IKE tunnel. In establishing the VPN, the first thing negotiated is the IKE tunnel, which negotiates authentication and key exchange; after IKE completes successfully, the IPsec tunnel(s) are negotiated. Depending on the lifetimes that are negotiated, it is quite likely that the IKE tunnel lifetime will expire and that tunnel is no longer active while the IPsec tunnel(s) remain active.
HTH
Rick
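As an added illustration of the counting explained in the answer above (not part of the thread, and not Cisco's own tooling), the script below tallies IKE SAs per peer from `show crypto isakmp sa` output and inbound/outbound ESP SAs per peer from `show crypto ipsec sa` output, then reconciles the two. The sample output embedded in it is constructed to imitate the ASA layout (assumption: the `IKE Peer:`, `current_peer:`, `inbound/outbound esp sas:` and `spi:` lines; real output carries many more counter lines per SA that the parser ignores). It reproduces both effects Rick describes: one peer with two proxy identities gives four IPsec SAs against one IKE SA, and a second peer still shows IPsec SAs after its IKE SA has expired.

```python
"""Reconcile IKE SA and IPsec SA counts from Cisco ASA 'show crypto' output.

Added example; the two text blocks are CONSTRUCTED samples that imitate the
layout of 'show crypto isakmp sa' and 'show crypto ipsec sa' (assumption).
"""
import re
from collections import defaultdict

# Constructed sample: a single IKEv1 SA, to peer 203.0.113.10 only.
ISAKMP_SA_SAMPLE = """\
IKEv1 SAs:

   Active SA: 1
    Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1

1   IKE Peer: 203.0.113.10
    Type    : L2L             Role    : initiator
    Rekey   : no              State   : MM_ACTIVE
"""

# Constructed sample: 203.0.113.10 has two proxy identities (two subnet pairs);
# 203.0.113.20 still has IPsec SAs although its IKE SA lifetime has expired.
# Each proxy identity carries one inbound and one outbound ESP SA.
IPSEC_SA_SAMPLE = """\
interface: outside
    Crypto map tag: outside_map, seq num: 10, local addr: 198.51.100.1
      local ident (addr/mask/prot/port): (10.0.1.0/255.255.255.0/0/0)
      remote ident (addr/mask/prot/port): (10.0.2.0/255.255.255.0/0/0)
      current_peer: 203.0.113.10
    inbound esp sas:
      spi: 0x5E6F7A8B (1584823947)
         transform: esp-aes-256 esp-sha-hmac no compression
    outbound esp sas:
      spi: 0x1A2B3C4D (439041101)
         transform: esp-aes-256 esp-sha-hmac no compression

    Crypto map tag: outside_map, seq num: 10, local addr: 198.51.100.1
      local ident (addr/mask/prot/port): (10.0.1.0/255.255.255.0/0/0)
      remote ident (addr/mask/prot/port): (10.0.3.0/255.255.255.0/0/0)
      current_peer: 203.0.113.10
    inbound esp sas:
      spi: 0x11111111 (286331153)
    outbound esp sas:
      spi: 0x22222222 (572662306)

    Crypto map tag: outside_map, seq num: 20, local addr: 198.51.100.1
      local ident (addr/mask/prot/port): (10.0.1.0/255.255.255.0/0/0)
      remote ident (addr/mask/prot/port): (10.0.9.0/255.255.255.0/0/0)
      current_peer: 203.0.113.20
    inbound esp sas:
      spi: 0x33333333 (858993459)
    outbound esp sas:
      spi: 0x44444444 (1145324612)
"""

IKE_PEER_RE = re.compile(r"^\s*\d+\s+IKE Peer:\s*(\S+)")
PEER_RE = re.compile(r"^\s*current_peer:\s*(\S+)")
SPI_RE = re.compile(r"^\s*spi:\s*0x[0-9A-Fa-f]+")


def count_ike_sas(text):
    """Return {peer: number of IKE SA entries} from 'show crypto isakmp sa'."""
    counts = defaultdict(int)
    for line in text.splitlines():
        m = IKE_PEER_RE.match(line)
        if m:
            counts[m.group(1)] += 1
    return dict(counts)


def count_ipsec_sas(text):
    """Return {peer: {"inbound": n, "outbound": n}} from 'show crypto ipsec sa'.

    Every 'spi:' line under an 'inbound esp sas:' / 'outbound esp sas:' heading
    is one SA, attributed to the most recent 'current_peer:' seen.
    """
    counts = defaultdict(lambda: {"inbound": 0, "outbound": 0})
    peer, direction = None, None
    for line in text.splitlines():
        m = PEER_RE.match(line)
        if m:
            peer = m.group(1)
            continue
        stripped = line.strip()
        if stripped == "inbound esp sas:":
            direction = "inbound"
        elif stripped == "outbound esp sas:":
            direction = "outbound"
        elif SPI_RE.match(line) and peer and direction:
            counts[peer][direction] += 1
    return {p: dict(c) for p, c in counts.items()}


def reconcile(ike_text, ipsec_text):
    """Per-peer view of why the IPsec SA count exceeds the IKE SA count."""
    ike, ipsec = count_ike_sas(ike_text), count_ipsec_sas(ipsec_text)
    report = {}
    for peer in sorted(set(ike) | set(ipsec)):
        sa = ipsec.get(peer, {"inbound": 0, "outbound": 0})
        total = sa["inbound"] + sa["outbound"]
        report[peer] = {
            "ike_sas": ike.get(peer, 0),
            "ipsec_sas": total,
            "proxy_identities": total // 2,  # one in + one out SA per identity
            # IPsec SAs still up with no IKE SA listed: IKE lifetime expired.
            "ipsec_without_ike": total > 0 and ike.get(peer, 0) == 0,
        }
    return report


def totals(report):
    """Overall counts, i.e. what the two ASDM tunnel graphs would show."""
    return (sum(r["ike_sas"] for r in report.values()),
            sum(r["ipsec_sas"] for r in report.values()))


if __name__ == "__main__":
    rep = reconcile(ISAKMP_SA_SAMPLE, IPSEC_SA_SAMPLE)
    for peer, r in rep.items():
        print(peer, r)
    print("IKE SAs: %d, IPsec SAs: %d" % totals(rep))
```

Run against captured output (`show crypto isakmp sa` and `show crypto ipsec sa` saved to files), the `ipsec_without_ike` flag points at peers whose IKE SA has aged out while their IPsec SAs remain, which is the harmless case Rick describes; a peer with a large `proxy_identities` count is one whose crypto ACL matches many subnet pairs.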