Well, we don't have vaults onchain yet, so... I'm gonna go with Timelocks.

Any other scheme (multisig, etc) is essentially just a different approach to the key management problem.

Timelocks might be the only way to add security (i.e. some assurance that your holdings will not be spent in an unauthorized way) irrespective of how you manage they key(s).