Access policies will likely refer several other objects that have been configured in APM, depending on the scope they will likely be other Authentication servers, VPN resources, webtops, logging profiles etcetera. Basically everything in the GUI menu that isn't "access profile" is an object that supports your authentication flow and that might or might not be in use.
Of course, they must be imported as well in new configuration. If you're familiar with references and names it will be pretty easy to find out if an object is missing and which one it is.
When I work on different/incompatible versions I usually pursue the text-config way since it allows me to perform bulk edits within a few minutes, so I'd still suggest it expecially if you have more than one policy to import.
I would create an .ucs file of v12.1.5 appliance, unzip it to retrieve /partitionname/bigip.conf file, and copy-paste in a new file all the objects that begin with "access" or that are related to APM.
Then I would do the same with the new BIG-IP appliance files, and use something like notepad++ to compare these lines. Some objects are defaults and I'd just leave them the way they are, but you'll likely need every other missing object in your new configuration.
Then I would connect to new appliance's CLI (standby appiance if they're in production), back up the configuration:
confront it as well with default object type (in new version) to find lines that might have changed syntax
for quick backup, run "cp bigip.conf.backup bigip.conf" ; i believe "tmsh save sys config" should also work since you only edited text config without actually loading it, and this will overwrite any edit you made on .conf files