Exchanges use an internal ledger, sometimes a blockchain, sometimes a relational database, sometimes a hybrid of both. Changing slightly each time due any given coin or tokens idiosyncrasies, an exchange runs a single 'hot wallet' which you can think of as a cash register, where each user gets an address from that wallet which is unique to them. When a deposit is received, it arrives in the hot wallet, and the the exchange credits that user with x amount of y coin. Any and all trading that happens then happens on that exchanges internal ledger and not at all on the blockchains of those coins due to network fees and confirmation times. When you decide to withdraw from the exchange, that's when the exchange goes and commits a transaction to the external blockchain, which is why deposits/withdraws are subjected to confirmations etc, but trades and transfers etc are usually instant.

As you mentioned, it's almost impossible to segregate customer assets from proprietary assets at all times due to how the fees are calculated (again, nothing on the blockchain, only a change of value in a database) - once a day or so it would be possible to move it all in order to comply, but doing it in real time is absolutely unfeasible.