PWCNVRT issued on a LOGONID.  The PSWD-TOD has a  last change date and the PSWA2TOD has today's date.
Before the PWCNVRT the password was expired and the user would have been forced to change their PW upon next logon.
Will the decision of expired or not look at the PSWD-TOD or PSWA2TOD?

Release : 16.0

Component : ACF2 for z/OS

The tod date on pswa2tod will always be the date it was "changed" not the date not the date that was in PSWD-TOD.
To force AES2 password to be changed at first usage you  can issue a change command to add  PSWD-EXP.
If this is a logonid that will be used in the near future then there is no need to issue the PWCNVRT command 
as the original password would be "expired" if the rules specify that it should be expired - e.g. maxdays.
The only reason that PWCNVRT should be used is if this is a logonid that should never change its password
due to passwords being stored in external locations to allow this logonid to be used by servers etc and not real people.

Note: if you use PWCNVRT you cannot set pswd-exp on the same command - it needs to be two separate commands.

ACF
CHANGE USER01 PWCNVRT
CHANGE USER01 PSWD-EXP
END