That's not always true. If it's possible to shave pennies off the BOM by having the radio driven by, or sharing memory with, the main CPU -- and it is possible -- there will be phones in the wild with that configuration.
Yes the radio can be on the same physical chip, but still they are two different systems. Unlocking the bootloader you get the ability to run an unsigned kernel on the main CPU, but still it doesn't give you access to the radio part, that has a completely different firmware (stored on a partition of the same flash memory, yes, but you see it as a black box) that is signed and checked and you cannot modify it. See it as the microcode of the CPU, something that is loaded at boot time but you cannot alter, patch, or even see what it does.
The kernel can only talk to the modem trough AT commands, the same commands that you would use with a 4G USB modem that you plug into any computer. The fact that are physically on the same SOC doesn't implicate nothing in terms of security.
In fact there are no security implication on unlocking a bootloader, if there were, well we would be in trouble since it's a relatively easy operation, that in most cases it's a matter of running a command from a CLI tool, and the only drawback is voiding the warranty.
There are very low cost devices such as those Allwinner or Mediatek produce that are more popular in non-US, non-EU markets that do not have the barriers you are describing.
