diff --git a/src/access/AccessControl.cpp b/src/access/AccessControl.cpp
index 2a2f37beb40fa7..f9cb48a20f18b2 100644
--- a/src/access/AccessControl.cpp
+++ b/src/access/AccessControl.cpp
@@ -188,6 +188,22 @@ CHIP_ERROR AccessControl::Finish()
     return retval;
 }
 
+CHIP_ERROR AccessControl::RemoveFabric(FabricIndex fabricIndex)
+{
+    ChipLogProgress(DataManagement, "AccessControl: removing fabric %u", fabricIndex);
+
+    CHIP_ERROR err;
+    do
+    {
+        err = DeleteEntry(0, &fabricIndex);
+    } while (err == CHIP_NO_ERROR);
+
+    // Sentinel error is OK, just means there was no such entry.
+    ReturnErrorCodeIf(err != CHIP_ERROR_SENTINEL, err);
+
+    return CHIP_NO_ERROR;
+}
+
 CHIP_ERROR AccessControl::Check(const SubjectDescriptor & subjectDescriptor, const RequestPath & requestPath,
                                 Privilege requestPrivilege)
 {
diff --git a/src/access/AccessControl.h b/src/access/AccessControl.h
index dd74167f0891d5..be1c268e3628b5 100644
--- a/src/access/AccessControl.h
+++ b/src/access/AccessControl.h
@@ -468,6 +468,8 @@ class AccessControl
         return mDelegate->DeleteEntry(index, fabricIndex);
     }
 
+    CHIP_ERROR RemoveFabric(FabricIndex fabricIndex);
+
     /**
      * Iterates over entries in the access control list.
      *
diff --git a/src/app/server/Server.h b/src/app/server/Server.h
index b036f96eed08d7..ca5bdcfa99a394 100644
--- a/src/app/server/Server.h
+++ b/src/app/server/Server.h
@@ -223,6 +223,7 @@ class Server
             {
                 groupDataProvider->RemoveFabric(fabricIndex);
             }
+            Access::GetAccessControl().RemoveFabric(fabricIndex);
         };
         void OnFabricRetrievedFromStorage(FabricInfo * fabricInfo) override { (void) fabricInfo; }