[saalweachter]

"Punish criminals to prevent crime" is ultimately a fear-based strategy. For it to work, your potential criminals have to be frightened enough of the consequences of getting caught that the rewards do not outweigh the risk. It works well when the rewards are small, the probability of getting caught and punished is high, and the punishment is considered sufficiently odious.

You can begin to outline the conditions under which it breaks down: if the probability of getting caught and punished is small, if the rewards are high, or if the punishments are insufficiently threatening. Investment scams and other organized crime is a great example. The rewards are high - millions and millions of dollars. The chance of getting caught are low - a lot of what you do will appear legitimate, and a lot of what you are doing wrong rests on intent. You have to separate the self-deluded from the con men. And if you do get caught, your punishment might be relatively light (a few years in prison as a nonviolent offender), and if you are clever with how you hide the money, you might get to keep most of what you steal.

In some sense, the SEC is like cops patrolling where they are most worried about crime. You are changing the math by increasing the risk while decreasing the reward, which dissuades more criminals than ineffectually punishing a few while others prosper.