This is really the same as TCP and UDP normally are. TCP is a system where by every packet is guaranteed to arrive in order. If a packet is received out of order, it is stored and if a packet doesn't show up to fill in a gap, it is re-requested. This ensures a complete stream with no data lost, but it means that a connection may be held up by one missed packet while the information is requested again.
UDP on the other hand makes no such guarantee and information will arrive in whatever order it arrives and be processed as such. I'm not sure about the security implications exactly, but you would likely still get a similar delay in UDP if using a non-parallelizable chaining stream cipher since it would need all the packets to arrive in order, but this could also be overcome by using an encryption mode that supports parallel decryption.
So basically, the only thing that VPN adds to the typical TCP/UDP mix is that it limits the nature of which encryption modes can be used a little, but is otherwise the typical trade off.