Yes. The PIN and timeout security policy requirements are attached to the Exchange ActiveSync account. Once the account is gone, you can undo the requirements, but you'll need to do it manually. (That is, the phone won't remove the password itself and it won't prompt you to "lower security," but it will let you go into the Settings panel to make the change yourself.) I don't know what happens if the security policy enforced full device encryption.