My understanding is, that the DAO never offered a bounty to begin with. There was no agreement beforehand and I read somewhere that originally the guy wanted to keep 25% as a finders fee. In my opinion it was a service not requested and I don't see any obligation for the DAO to pay anything.

If he did it out of the goodness of his heart, then great and many thanks, but without an official bounty set beforehand I don't see a reason to reward the theft, just because the money was given back. Now if the DAO wants to set an official bounty for the future I would argue that said bounty can be paid retroactively to the guy, otherwise a proper thank you, not the terrible answer originally given, would be in order, but that is about it.

Back in the days "white-hats" just left a note how to fix the vulnerability and request a job interview.