The compliance team almost certainly has some kind of main document that explains what they do – maybe a Procedure or Plan document. This ought to include their definition of these 2 words.

Find that doc and read their definitions. It’s the only way to be certain of the exact usage at your company.

But if the context is user accounts and cyber security, it is probably:

**verification**

– during Account setup

– is the information the user is providing **true**

– “verify” comes from the Latin word for “truth”)

– eg post a security code to their address or have them input a credit card linked to that address

**authentication**

– each time they login

– do they have the “**authority**” to log into this account?

– (the 2 words aren’t actually related, but it’s a good way to remember the definition)

– eg memorable questions, code-generating apps or gadgets

Couple of sample links from a quick Google:

– [identity verification and authentication](https://www.gbgplc.com/en/blog/identity-verification-vs-authentication/)

– [validation, verification and authentication](https://www.experian.co.uk/blogs/latest-thinking/fraud-prevention/what-is-the-difference-between-validation-verification-and-authentication/?utm_medium=internalRef&utm_source=Consumer%20Services)

– this is why you want to check your own company’s documentation – this source splits the concepts across 3 words..!