We ran into an issue where workflows and audience memberships were failing for users that were part of nested AD groups. The workaround solution given by Support was not a viable solution and would have been very cumbersome to maintain. Understanding the huge risk in editing the SP database, I deleted one AD group, ran a full synch (we are on SP2016, on prem, using AD Import, not FIMS\MIMS) and the problem was resolved for the members of the deleted group. I then did this for multiple other groups that were having this issue and all of the symptoms were resolved.
It would be very nice to have a way of checking group memberships and group relationships either through CA or powershell. This could indicate orphaned groups and other issues that are currently not visible.
The other necessary part of this would be the ability to repair group relationships that is supported by MS.