I agree with your sentiment, but It's not under your control. It's under the registrar's control. I'd argue registrars are way more prone to social engineering attacks than google is. I also don't use Google as my email provider though.
The choice of registrar is under my control, though.
Also, little-known fact: if you register a UK company (probably more practical if you already have one, but the effort is not actually that big), you can register .uk domains directly with Nominet, the UK registry, by setting yourself up as a self-managed registrar. It doesn't cost anything (beyond the cost of the domain name) and is very easy. I'd love to know if there are any other registries that allow something similar.