It isn't really in the hands of the ASF. The ASF can not do much unless IBM cooperates. The ASF policy is that the contributor of the code makes any legal changes to the license headers. This is IMHO a reasonable policy, their might be discrepancies between the code drop and the SGA or legal uncertainties that can only be resolved by the legal department of the company.
As seen in the case of the Oracle code drop this process takes a couple of months. IBM is not willing to do that for all the files (the simplest explanation is that they just don't have the resources to check every file they contributed).
In that sense the ASF is as much a third party as everybody else. Even though they have access the more legal files than other third parties. They still like the contributing company to make the changes necessary so the intended license of code and what the file actually claims matches.
They can nicely ask Rob Weir to check with his legal department and make the changes to benefit the wider community (and all Apache hackers), but they cannot force him or any other IBM employee/volunteer to do any of that work. In that sense IBM employees are as much volunteers as any other Apache contributor.