If they waited until there was a credible threat to SHA-2, then that's waiting too long
This is why they have announced an open competition to replace SHA-2 with SHA-3 after 2012...
I have a very simple question. If they don't want to wait anymore, what are you waiting for?
The competition ends in 2012, at which point the new standard will be written. They're not mandating anyone replace SHA-2 in 2012, just that's when the new standard will be written.
They didn't start SHA-3 because they expect SHA-2 to be broken in 2012, which seems to be the assumption you're blindly leaping to.