As far as I can see, there are none - assuming both the end-user and the service account do not have excessive permissions.
All the same, and since we may implement this, I was asked to investigate and thought I would seek confirmation here.
As I understand it, Kerberos delegation would come into play in a scenario where application XYZ on front-end server A can use the credentials of end-user Bob (or of other users) to access a resource (a SQL database, for example) on back-end server B.
This is achieved by having the application run under a service account for which delegation is enabled.
Unless the end-user or service account had excessive permissions (membership in domain admins group or something like that), this should have no effect on security in general, correct?
Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.