Desmond,
Are you using reverse route injection (RRI) or DVTI setup?
Nromally when you connect to ezvpn (with RRI or DVTI) the router installs a /32 host route for return traffic.
If you're suspecting that the taffic is being routed incorrectly due to PBR you might need to exclude ezvpn users from PBR.
If you do want to apply particular rules later for ezvpn users, the best would be to use DVTI setup and apply PBR on the virtual-template interface.
BTW if I'm saying something odd, it's because I might not be having a full view of the problem, maybe a drawing could help? :-)
Marcin