While I generally agree, just differentiating the fines is not sufficient.
Small businesses in particular do not have staff or the capacity to to deal with a large amount of compliance overhead. The biggest help for small businesses (and large businesses alike) would probably be if the GDPR would be less vague on the rules surrounding typically collected data
