We all know there is no security without physical security.
But let's forget about that for a second.
Even if you make it ueber-secure (not like today when in many Samsung devices the IMEI is actually in some obfuscated file in the efs partition!) and you really manage to bound each device to an IMEI you still have the challange of managing the blacklist/"nuke from the orbit" authorization list.
It costs 5-10-15EUR to send a box full with phones across Europe, and no customs at all if it's within EU.
You need to have (at least) EU-wide database. How do you manage that? What recourse you have if you bought your phone in Germany, you leave in Belgium and it gets blacklisted by an operator in Bulgaria based on some typo from a dodgy police station in village? How can you argue that (hint: they don't even use the latin alphabet in Bulgaria)?
We had enough of this country-coded DVDs and network locked phone and all the crap. Any more of this and will give (another) unfair advantage to your operator: the only safe phones will be the ones bought directly, they know for sure it's legit. Anything else is a risk.
The real way out here is just to have police go after the thieves. Even the older phones could be tracked well enough and with some social engineering (if you had access to the list of calls) you could find out who has the phone without any GPS or camera and whatnot. However, they just don't bother even if you give them the position of the phone within meters, inside a single-house and a picture of the user.