Any network protocol requesting the MAC address of a host needs to take that host's word for it. No network protocol can really "reach into" remote hardware and verify the claim of a host replying to ARP or similar.
Consequently, there's no real need to provide the capability to modify whatever facility a NIC manufacturer uses to store or contain its MAC address. Many, if not all, NICs have microcontrollers and some element of firmware, and therefore RAM. Some wired NICs, but many wireless LAN cards especially depend on the host side driver to load firmware into the card.
It's sufficient to have this firmware copy the MAC from a micro-ROM or similar on boot to the microcontrollers internal RAM, and provide some type of interface (i.e. PCI registers, etc.) over the host side bus to change the in-RAM copy. There are many legitimate reasons to change a MAC address so manufactuers don't tend to leave it out, except some wireless NICs.
There may be some weird network hardware that has a flash ROM or similar that contains the MAC address. Some very old ISA NICs may have a DIP EEPROM on it - with old (and new, really) PC hardware anything is really possible.