Was honestly leaning to just using the exchange's wallet now on. Doubt our local cybercrime division has the time/resources for this, but will try anyway.
Too many exchanges have gotten "hacked" or have done exit scam. Plus, there is nothing stopping hackers from trying to access your account through social engineering and making away with your bitcoin. 2FA is nice. But not if a hacker can convince the support team to reset it. Furthermore, an exchange can determine they do not care for your activity and put you through a bunch of KYC/AML red tape to get access to your funds.