I believe there are good precautions the guarantor can take to ensure that R is published after they close down. They can send an encrypted list of every R for each voucher issued to several trusted escrows, which can be decrypted with a majority of their keys. If the escrows should find that the guarantor has died, or cannot continue for legal reasons, or became evil or whatever, they can publish R themselves.
Maybe I overlooked something important, however.
(Edit: I think I definitively am overlooking something: the problem with the setup I proposed here is that the LN channel in this case wouldn't really have a "counterparty" as both keys are controlled by the buyer once he opens the hologram. So there is no connection to the rest of LN because the guarantor doesn't control any key exclusively. Have to think a bit about that ...)
The thing to remember also is, the buyer might not know the first thing about bitcoin. They might have just used a tool on the guarantor's website to agree on T, they might be using an SPV lightning web wallet to redeem this. And the person who redeems the voucher may not be the same person as the buyer. Transferring ownership should be as easy as placing the voucher and TB (probably on the same card) into someone's hands, and that guy you saw at McDonald's the other day had better be able to figure out how to use it. If they have to operate a specific pre-existing lightning channel, it may be a little stressful to figure out how to buy their first coffee with their new bitcoins.
I don't like it, but it's looking like it may be necessary for the guarantor to offer a less-provably-trustworthy method of redeeming the voucher using a lightning payment, by just taking from the owner TA and TB and the LN invoice off Bitlum with a web form or something, and then the owner has to trust that the guarantor will make good and send the LN payment. Or someone with c-lightning could do it the right way by using T as the secret, because they know their way around the software and don't need to exchange trustworthiness for ease-of-use (that is, if c-lightning or some other software now or will ever support specifying the secret). You could also abolish TB if you trust the issuer - the vast majority of Casascius coins and other physical bitcoins use only TA, because the issuers are trusted to destroy their copy of TA after putting it on their product - but maybe TB can be made user-friendly enough to where that would not be necessary. After all, the only requirement for TB to make sense is that the guarantor must not see it. TB could be a simple pass phrase.
Ideally, the owner would never, ever have to use T and R to claim the bitcoins on-chain, unless they really wanted to. But the option's there and can probably be made simple enough if bad things happened.