there are exchanges like bitalo.com out there that do not take control over the coins at all but have user-side generated keys that are stored only in encrypted form on the servers, combined with full multi-signature wallets and backup transaction so that you can get the coins back, even when the site loses all data or goes completely offline.

People just need to use it :-)