Since you say "top-level content folder," you've obviously eliminated the inheritance angle that can get in the way. My next step would probably be to search the raw rules themselves (under Rules in SAS Environment Manager) to see if there are any other rules which are getting in the way. These rules are created behind the scenes when you set authorizations using the dialogs from the Content area. As you know, SAS Viya defaults to declining access, so even if you've set up Read access at the atomic folder level for a given group, there may be a conflicting rule that is denying them permission.
If that doesn't uncover the issue, and you're sure you're logging in as a userid in the custom group to test this, I think you'll want to engage Tech Support.
I'm sure you're already aware of the associated doc, but for the other readers' benefit, you can find an overview of SAS Viya general authorization here.