Reading on the security of Borg backups and both encryption and authentication is used (Encrypt-then-MAC).
My understanding is authentication is used to prevent tampering which is especially important for backups vulnerable to unauthorized access (cloud storage or safety deposit boxes for example).
Reading on the security of VeraCrypt (which uses XTS), I can’t find anything about authentication.
XTS mode is susceptible to data manipulation and tampering, and applications must employ measures to detect modifications of data if manipulation and tampering is a concern: "…since there are no authentication tags then any ciphertext (original or modified by attacker) will be decrypted as some plaintext and there is no built-in mechanism to detect alterations. The best that can be done is to ensure that any alteration of the ciphertext will completely randomize the plaintext, and rely on the application that uses this transform to include sufficient redundancy in its plaintext to detect and discard such random plaintexts."
Can VeraCrypt encrypted volume be tampered with?