FileVault Not encrypting Recovery HD

realreggie
New Contributor II

Hello,

I have a few MBAs and MBPs in my JSS with encryption enabled. However it looks like FileVault is
only encrypting the Boot Partition and not the Recovery Partition. Therefore, I cannot grab the recovery key from the Management tab. Any ideas why this is happening or how I can fix it?

Thanks in advance!


mm2270
Legendary Contributor III

FileVault never encrypts the Recovery HD, only the main partition. If it did, you wouldn't be able to Command+R boot into it in the event of an issue with the Mac. If you aren't seeing the Recovery keys being escrowed, there are likely other causes. Some of these might be:

Your Disk Encryption configuration isn't set up correctly
Your Macs are not submitting inventory at the end of the encryption policy (after they reboot)

BTW, I know it sounds misleading to call FileVault "full disk encryption" when one of the required partitions to even use it remains unencrypted, but that's how it works.

realreggie
New Contributor II

Thanks for that information. It really cleared up a lot. So I guess the next question is what is the issue with my Disk Encryption Configuration, or why aren't my machines submitting inventory at the end. I'll look into that and post my findings.

Thanks!

mm2270
Legendary Contributor III

Ok, so here's the thing. You may have an inventory collection happening at the end of your disk encryption configuration push, but it's most likely not occurring at the right time. If you've got it set up so the user enters their password at logout to enable encryption, the Mac reboots right after, so there's no way a policy will be able to collect inventory before the reboot. What you need to do is target those Macs with an inventory collection at reboot or at login, or something like that. This can get a little complicated, especially when talking about Macs that may not be hardwired into an Ethernet jack. They may not have network connectivity by the time the inventory collection tries to run.
We got around this with a package install that rode along with the encryption policy that would install a LaunchDaemon that ran a script. The script would check for the network, and if not available, would exit until next run. A StartInterval key in the LaunchDaemon runs it every 5 minutes. Once it has a valid network connection and can see the JSS, it collects inventory, then disables itself so it won't keep running. The Recovery Key, to my knowledge, gets stored in a plist file locally on the Mac as part of the disk encryption config. The next inventory collection sees that and scoops it up into the db, then removes the plist from disk. At that point, the Recovery key should show up in your JSS. This is all assuming there isn't anything wrong with your original Disk Encryption config.
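The LaunchDaemon-plus-script approach described in the reply above, written out as an added example; this is not mm2270's script and not anything shipped by Jamf. It assumes a jamf binary at /usr/local/bin/jamf, a daemon label com.example.fvrecon and a script path /usr/local/libexec/fvrecon.sh, all of them hypothetical placeholders. The external commands are wrapped in jamf_cmd and launchctl_cmd so the decision logic (retry while the JSS is unreachable, recon once, then retire the daemon) can be exercised on a machine without an enrollment by redefining those two functions.

```shell
#!/bin/sh
# Added example: a self-retiring LaunchDaemon script that launchd runs every
# 5 minutes. It waits until the Mac can reach the JSS, runs an inventory
# collection so the locally stored FileVault recovery key gets escrowed, then
# removes its own plist and script so it stops running.
# Assumed (hypothetical) paths and label; adjust for your environment.
JAMF_BIN="${JAMF_BIN:-/usr/local/bin/jamf}"
DAEMON_LABEL="${DAEMON_LABEL:-com.example.fvrecon}"
DAEMON_PLIST="${DAEMON_PLIST:-/Library/LaunchDaemons/${DAEMON_LABEL}.plist}"
SCRIPT_PATH="${SCRIPT_PATH:-/usr/local/libexec/fvrecon.sh}"

# Thin wrappers around the two external commands, so the logic below can be
# exercised on a machine with no Jamf enrollment by redefining them.
jamf_cmd() { "$JAMF_BIN" "$@"; }
launchctl_cmd() { /bin/launchctl "$@"; }

# The LaunchDaemon plist that drives the script; StartInterval 300 = every 5 min.
daemon_plist() {
    cat <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key><string>${DAEMON_LABEL}</string>
    <key>ProgramArguments</key>
    <array><string>/bin/sh</string><string>${SCRIPT_PATH}</string><string>run</string></array>
    <key>RunAtLoad</key><true/>
    <key>StartInterval</key><integer>300</integer>
</dict>
</plist>
EOF
}

# Returns 0 when the JSS answers; "jamf checkJSSConnection" exits non-zero
# otherwise. -retry 0 stops it looping on its own, since launchd retries us.
jss_reachable() {
    jamf_cmd checkJSSConnection -retry 0 >/dev/null 2>&1
}

# One attempt. Returns 1 when there is no usable connection yet (launchd will
# run us again on the next interval), 2 when recon itself failed, and 0 when
# inventory was submitted and the daemon has been retired.
escrow_attempt() {
    if ! jss_reachable; then
        echo "$DAEMON_LABEL: JSS not reachable, trying again next interval" >&2
        return 1
    fi
    jamf_cmd recon || return 2
    # Delete the files first: "launchctl remove" terminates the job this
    # script belongs to, so nothing after it would run.
    rm -f "$DAEMON_PLIST" "$SCRIPT_PATH"
    launchctl_cmd remove "$DAEMON_LABEL" 2>/dev/null || true
    return 0
}

# Only act when launched as "fvrecon.sh run", which is how the plist calls it.
if [ "${1:-}" = "run" ]; then
    escrow_attempt
    exit $?
fi
```

Install by writing `daemon_plist` output to the LaunchDaemons path (root-owned, mode 644), copying the script to the assumed path and loading the plist from the same postinstall that rides along with the encryption policy. Because the recovery key is scooped up by the next recon after the reboot, the check-then-recon loop is what matters; the plist removal just keeps it from running forever once the key has been escrowed.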