Unfortunately, since the issue is AD related, there is little that can be done from TPAM to alleviate the issue. Replication will need to be completed to all domain controllers before the problem disappears.
To avoid this issue, it is recommended that you set a static password for the Functional Account that never changes. If this is not feasible, due to your security policies, then an alternate suggestion is to set the account so that it cannot be locked out.
If the above solutions are not acceptable, then the suggested workaround is to stop the TPAM Automation Engine for a period of time (ie. 1 hour) immediately after the new functional account credentials have been set. Doing so will prevent TPAM from performing queued password changes that lead to failed authentications and account lockouts. After the environment is settled, you can restart the Automation Engine and continue with password changes as normal.