This type of transparency will benefit everyone. Users will be more safe with extra testing. People who find exploits are less likely to exploit if they know they can be compensated for the find. The industry overall will benefit from this.
Casinos and exchanges should have a bug bounty, one of the main reasons is they already have a dedicated team for this and the administrator is paying these people to fix bugs and patch and if they post that they have a bug bounty they will be targeted by hackers for exploits because hackers will think that they do not have an internal security to fix exploits.
Casinos and exchange especially the big one will only test for security flaws and bugs prior to their launching and from there they are going to monitor the script or theme for possible exploits so if there is a bug it will be fixed soon by their team or the casino will suffer from too many glitches because of failure to fix the bugs.
That's interesting but I think I still see a lot of websites who have a bug bounty or sometimes called a feedback reward which I think can work the same according to their description. Most of these sites are not really that well known and as for the ones who are already at the top, I think they already done a lot of upgrades and their system is already at a good condition. That may be the reason on why they don't offer a bug bounty anymore.
IDK if it was the OP but I saw a thread last time which the user said that the his bug reports are only being ignored by the casino. We are not sure if they do, or maybe they already take note of the message and fixed it, but the user must be compensated.