I honestly don't know. I worked with a company once that had regulatory burdens. They were young enough that they hadn't yet hired the first IT person, let alone a security team, so it was just regular devs trying to comply. Needless to say when I came in (as a regular dev that happens to specialize in security) I waved the red flag and pointed out the possible jail time to the executives, and they were not concerned, even though the laws explicitly lay out that "because your employees made a mistake" was unequivocally not an excuse (and this has held up in court by the way). I'm being ambiguous intentionally here so I can't give details.

But regardless whether there is a deterrent benefit, I think the reality is that jails effect non-executives and normal people (especially the closer to poverty you get) far more than they ever would executives. A much better approach IMHO would be to develop alternatives and phase out incarceration altogether (or at least as much as possible) by rolling them out broadly, would be a better, more humane solution.