Yes the performance impact depends on the use case. I'm not sure how IDM uses groups.
The impact is reasonably small for updates to groups, for example, adding a single member to a group will trigger one additional update.
If a group is added with 200K members, then this will trigger 200K updates to populate the memberOf attribute in each entry. This will have an initial drain on performance so such a bulk update could potentially be run out of ours.
If a group modifies are performed using remove-attribute member, add-attribute member, instead of remove-value "DN", add-value "DN" then this would be inefficient.
The normal use case for group is that a user is provisioned/de-provisioned then added/removed to/from a number of groups. Each update will trigger an additional update to keep memberOf synchronized.
As an aside, the memberOf feature only works for static groups. CA Directory also supports dynamic groups. We have a feature called views that can be configured to return memberOf that is virtual (dynamically populated). Views also work for static groups but using them requires the LDAP client to redirect requests to a special base object to trigger this behavior. This may not work within the confines of an existing application.