It is possible to escalate your dispute with a company to H1 itself. They'll review the report and the company's policy, and they may contact the triager or the company to try to resolve any questions.
I wouldn't do that as a regular thing; you're pretty well guaranteed to piss off everyone on the company's side of things.
I should note that I've personally seen probably in excess of $100,000 paid out through H1; the payouts do happen.
That sounds like it's a payout lottery. H1 can't force its customers to pay. It's acting as a go-between on behalf of its customer, the company offering the bounty, not as an neuteal arbiter when there is a dispute.
Perhaps I would take them seriously if there was an escrow account companies paid into and was released to the reporting party when a plurality of multiple, disinterested parties agreed that the report was valid.
HackerOne can force their customers to pay, that's the entire point of their "guaranteed bounty" program, that's it's a guaranteed bounty!
Even with a guaranteed bounty and a critical security vulnerability, HackerOne will punt the entire thing to one of their Portswigger groupies for collection and then won't disclose the details about the discovered flaw that supposedly they found prior to your submission.
Those guys are terrible, worthless product offering unless you are one of their clients getting free penetration testing and vulnerability analysis services.
I wouldn't do that as a regular thing; you're pretty well guaranteed to piss off everyone on the company's side of things.
I should note that I've personally seen probably in excess of $100,000 paid out through H1; the payouts do happen.