It’s telling that reg/compliance came out ahead of such sexy topics as aging consumers, radical greening, and energy shocks.
E&Y divide the threats into three categories: macro (geopolitics, macroeconomics), sectoral (industry specific), and operational. I prefer to divide it into perennials and fads. Using E&Y’s numbering:
4. The inability to capitalize on emerging marketsFads
5. Industry consolidation/transition
7. Execution of strategic transactions
8. Cost inflation
10. Consumer demand shifts
1. Regulatory and compliance riskReg/compliance might look like a perennial at first sight, but the transformation being wrought by ICT (“complexification” – see my paper Internet Governance as Forestry, PDF, 600kB) probably makes it a "fad" since it is posing significant new challenges. However, as Peter points out, reg/compliance is neither a perennial nor a fad if there are successive waves of transformation. It’s perhaps better categorized as “cyclical” – just like global financial shocks. (I wouldn't put energy shocks in the cyclical bucket. Even though there have been oil crises before, the exhaustion of reserves takes us to a qualitatively new stage every time.)
2. Global financial shocks
3. Aging consumers and workforce
6. Energy shocks
9. Radical greening
Report: “Strategic business risk: 2008 — the top 10 risks for global business" (PDF , 3.1 MB). The list is a result of interviews with more than 70 analysts around the world; it’s therefore firmly in the “echo chamber” category. Unfortunately the report just focuses on the Top Ten, and so one doesn’t know which risks did NOT make the list. This would’ve been useful as context, categorizations like this are so squishy that one can fit anything in somewhere.