This is already one of the use-cases listed for WEI. The intended implementation of WEI will be Play Protect which lives in ARM TrustZone and thus runs above the kernel[0]. So you'll have something even more invasive than kernel-level anticheat.
[0] In ARM speak, kernel mode is EL1, hypervisor mode is EL2, and TrustZone mode is EL3. Each exception level is a higher level of privilege.